A high-performance transactional and bulk email API. DKIM, SPF, DMARC, IP warming, webhooks, and open/click tracking — all in one dead-simple REST API.
# Send a transactional email in one line curl -X POST https://api.mailaki.io/v1/messages \ -H "Authorization: Bearer mf_your_api_key" \ -H "Content-Type: application/json" \ -d '{ "from": "[email protected]", "to": ["[email protected]"], "subject": "Welcome aboard!", "html": "<h1>Hello world</h1>", "text": "Hello world", "tracking": { "opens": true, "clicks": true } }' # Response { "id": "01912345-6789-7abc-def0-123456789abc", "status": "queued" }
const res = await fetch("https://api.mailaki.io/v1/messages", { method: "POST", headers: { "Authorization": "Bearer mf_your_api_key", "Content-Type": "application/json", }, body: JSON.stringify({ from: "[email protected]", to: ["[email protected]"], subject: "Welcome aboard!", html: "<h1>Hello world</h1>", tracking: { opens: true, clicks: true }, }), }); const { id, status } = await res.json(); console.log(`Queued: ${id}`); // → "01912345-6789..."
import requests response = requests.post( "https://api.mailaki.io/v1/messages", headers={ "Authorization": "Bearer mf_your_api_key", }, json={ "from": "[email protected]", "to": ["[email protected]"], "subject": "Welcome aboard!", "html": "<h1>Hello world</h1>", "tracking": {"opens": True, "clicks": True}, }, ) data = response.json() print(data["id"]) # → "01912345-6789..."
use reqwest::Client; use serde_json::json; let client = Client::new(); let res = client .post("https://api.mailaki.io/v1/messages") .bearer_auth("mf_your_api_key") .json(&json!({ "from": "[email protected]", "to": ["[email protected]"], "subject": "Welcome aboard!", "html": "<h1>Hello world</h1>", "tracking": { "opens": true, "clicks": true }, })) .send().await?; let data: Value = res.json().await?; println!("Queued: {}", data["id"]);
Built for developers who care about reliability, deliverability, and not getting paged at 3am.
Send via JSON REST API or drop-in SMTP relay. Works with any language, any framework. Authentication via API key or SMTP credentials.
First-class email authentication out of the box. Per-tenant DKIM keys, SPF alignment, and DMARC policy enforcement — automatically configured.
Write-ahead queue with at-least-once delivery guarantees. Exponential backoff with jitter — 7 attempts over 72 hours before a bounce.
Real-time delivery events: delivered, bounced, opened, clicked. HMAC-signed payloads. Auto-retry with exponential backoff.
Transparent pixel injection and URL rewriting for open and click tracking. Real-time stats per message, domain, or tenant.
Dedicated IPs for high-volume senders, shared pools for low-volume. Automated IP warming over 6 weeks with reputation tracking.
Automatic suppression on hard bounces and spam complaints. Manual suppression management via API. Tenant-isolated lists.
Receive email via SMTP and route it to your webhook endpoint. Full MIME parsing, attachment handling, and reply-to threading.
Fully isolated domains, API keys, rate limits, and IP pools per tenant. Built for SaaS platforms that send on behalf of their customers.
A battle-tested pipeline that handles queuing, signing, delivery, and feedback — so you don't have to.
POST a JSON message or relay via SMTP. Your API key is validated, your domain ownership confirmed, and your sending rate checked in milliseconds.
The message is DKIM-signed with your private key, tracking pixels and click links are injected if enabled, then stored durably and enqueued in Postgres with priority ordering.
Delivery workers resolve MX records, pick the best IP from your pool, and deliver over STARTTLS. Failures are classified and retried automatically with per-domain backoff.
Delivery events fire webhooks to your endpoint. Bounces and spam complaints are processed automatically, updating suppression lists and protecting your reputation.
Deliverability is not an afterthought — every layer of the stack is designed around it.
RSA-2048 DKIM signing with relaxed/relaxed canonicalization. SPF and DMARC policy alignment validated before every send. DNS records generated automatically.
New dedicated IPs are ramped over a 6-week warming schedule — starting at 100 emails/day and doubling every few days. Reputation score tracked per IP.
ARF (RFC 5965) abuse reports from Gmail, Microsoft, and Yahoo are processed automatically. Complainants are suppressed; tenants with >0.1% complaint rate are alerted.
MTA-STS (RFC 8461) enforces TLS for domains that require it. ARC signing (RFC 8617) preserves authentication results through forwarding chains.
RFC 8058 one-click unsubscribe headers automatically injected. A hosted unsubscribe page handles the flow; suppressions are updated in real time.
RFC 7489-compliant DMARC XML aggregate reports generated and sent to your reporting address. Monitor authentication pass rates across all your domains.
Authenticate with a single bearer token. Send JSON. Get a message ID back. Every endpoint follows the same predictable pattern.
Base URL
https://mailaki.com/v1
Authentication
Authorization: Bearer mf_your_api_key
No per-recipient add-ons. No overage surprises. Pay for what you send.
Sending more than 2M emails/month? Talk to us about Enterprise — custom volume, SLAs, and dedicated support.
Additional emails beyond your plan are billed at $0.80 per 1,000. No hidden fees.
smtp.mailaki.io on port 587 with STARTTLS. Use your email address as the username and your API key as the password. It works as a drop-in replacement for any existing SMTP configuration.
X-Mailaki-Signature header containing an HMAC-SHA256 signature of the request body, signed with your webhook secret. Verify this signature on your server before processing any webhook event.