> ## Documentation Index
> Fetch the complete documentation index at: https://docs.senderz.app/llms.txt
> Use this file to discover all available pages before exploring further.

# Email

> Marketing and transactional email with per-tenant DKIM, failover routing and open/click tracking.

Email is the workhorse channel. Senderz signs every message with your own DKIM key, routes through a failover provider chain, and injects tracking and unsubscribe handling at the worker so your templates stay clean.

## Sending identity

Marketing email sends from a **verified domain** you control and an approved **From** name and address.

<Steps>
  <Step title="Verify a domain">
    Add and verify the domain you send from. See
    [Domains & authentication](/en/deliverability/domains).
  </Step>

  <Step title="Manage sender addresses">
    Under each verified domain, add the local parts you send from (for
    example `hello@`, `orders@`). A verified domain authorises every local
    part on it — no per-address approval.
  </Step>

  <Step title="Manage sender names">
    Keep a reusable list of From names. Pick one per campaign or override
    with a one-off value.
  </Step>
</Steps>

<Info>
  Every non-transactional send is checked against your verified domains at
  send time. A From address whose domain isn't verified is rejected — this
  protects DKIM alignment.
</Info>

## What the worker injects (marketing only)

For marketing sends, the email worker automatically adds:

<CardGroup cols={2}>
  <Card title="DKIM signature" icon="key">
    Signed with your per-tenant key in AWS KMS. The private key never leaves
    KMS.
  </Card>

  <Card title="Open & click tracking" icon="chart-line">
    A tracking pixel and rewritten links via your `track.` CNAME.
    Transactional and test mail are never tracked.
  </Card>

  <Card title="Unsubscribe" icon="ban">
    RFC 8058 one-click headers (`List-Unsubscribe`) plus an in-body link to
    your hosted preference center. Every marketing email is guaranteed one.
  </Card>

  <Card title="Copy-to BCC" icon="copy">
    An optional hidden envelope BCC to an address you configure (campaign
    marketing sends only).
  </Card>
</CardGroup>

## Deliverability & failover

Email routes through an ordered provider chain with per-provider circuit breakers. If the primary provider is degraded, the router fails over — and it never double-delivers: an ambiguous failure (timeout after the provider may have accepted the message) is treated as terminal, not retried against the next provider.

<Note>
  Provider selection, IP pools and warmup are managed for you. You control
  the domain and the content; Senderz owns the routing.
</Note>

## Transactional email

Order confirmations, password resets and OTP codes are transactional. They:

* bypass frequency caps and quiet hours,
* are never tracked,
* carry no unsubscribe footer,
* can route through transactional-only relays.

Send transactional email via the [Public API](/en/api-reference/messages) (`POST /public/messages/email`).

## Best-time & throttled sends

For campaigns you can enable:

* **Best time** — Senderz picks each recipient's most-engaged local hour (from their last 90 days of opens/clicks) within your configured bounds. Compliance still dominates: legal quiet hours are never bypassed.
* **Throttled rollout** — split the audience into percentage batches with per-batch delays.

Both only change *when* the existing send job runs; every gate still applies at fire time.

## Templates

Email content is built from reusable blocks (hero, image, columns, product, coupon, and more), raw HTML, or a gallery starter. See [Templates & content](/en/messaging/templates).
