Each case below is from an actual production engagement. Customer identities are anonymized at their request, which is part of why they hired us. The numbers are not. Volumes, IP counts, percentage shifts, dates: all reproducible from our internal records and customer-side dashboards (Postmaster Tools, SNDS, their own analytics) on request during pre-sales conversations.
Inbox placement collapsed from 89% to 41% after migrating to a new shared SMTP. Spamhaus listing detected.
Migrated to dedicated IP pool (3 IPs across BG + RO), 45-day re-warmup with engagement simulation, DKIM rotation introduced quarterly.
Cold outreach reply rates flatlined at 0.8%. Multiple Google Workspace domains entering Gmail spam.
4-IP rotation pool, 12-domain subdomain warmup, Microsoft 365 + Google Workspace dual routing, daily ramp-up automation.
Listed on Spamhaus SBL after a single campaign. All campaigns blocked across Gmail, Outlook, Yahoo simultaneously.
Root-cause analysis (compromised list segment), full delisting with evidence package, IP migration to 3 fresh IPs in BG, 30-day re-warmup.
Mailchimp costs hit €2,400/month with declining deliverability. Wanted ownership without losing reputation.
PowerMTA + MailWizz on dedicated server (RO), API-driven import preserving engagement signals, gradual cutover over 14 days.
Needed full operational anonymity: no KYC vendors in the stack, no US/EU data residency for billing.
BVI corporate structure, Iceland + Bulgaria infrastructure, crypto-only billing pipeline, end-to-end encrypted client database.
Gmail moved from soft enforcement to outright SMTP-level rejection in November 2025 for bulk senders that fail authentication or exceed complaint thresholds. The old behaviour was to route suspect mail to spam where recipients could still find it. The current behaviour is permanent rejection with 550-5.7.26 (unauthenticated) or 421-4.7.32 (no DMARC alignment) codes, and the mail never reaches the receiver in any retrievable form. Microsoft finished the equivalent rollout by April 30, 2026, returning 550 5.7.515 on non-compliant bulk mail to consumer Outlook properties. The bulk-sender threshold is 5,000 per day to personal accounts at either receiver.
Google Postmaster Tools v2 launched in October 2025 and replaced the previous High/Medium/Low domain-reputation scoring with binary compliance status that reads either Pass or Fail. The intermediate states that used to give operators a graceful warning band before enforcement are gone. A 2024 sender could watch reputation deteriorate from High to Medium and react before reaching Low. A 2026 sender gets Pass or Fail with no warning lane between them. The case-study incidents documented below would happen faster today than they did at the time, and the recovery framework matters more not less.
Industry data from Q1 2026 puts the average global inbox rate at 83.5%, meaning roughly one in six emails sent never reaches a recipient inbox. Median inbox placement by industry ranges from 86% in education to 92% in B2B SaaS, with retail and e-commerce sitting at the bottom of mainstream categories due to aggressive promotional send volume. The six-percentage-point spread between top and bottom converts directly to revenue: for a 1M-list ecommerce sender, the difference between 86% and 92% placement is roughly 3.1M additional inbox arrivals per year. The ecommerce case study below recovered into the top of the band, which is where the measurable revenue lives.
The 2026 Sopro outreach report puts the average B2B buyer at over 120 sales-related emails per week, roughly 25 per business day. Average reply rates have dropped to 1-5%, down from approximately 7% two years ago. Top-performing programmes still hit 15-25% but the gap between median and top quartile has widened: average campaigns get worse while disciplined campaigns get slightly better. The cold-outreach case below sits inside the disciplined half of that distribution and the architecture is what kept it there as receiver conditions tightened.
Mailchimp changed pricing twice in the first four months of 2026: the free plan was cut from 500 contacts to 250 in January (effective February 17), and legacy pre-May-2019 accounts received an 11-13% price increase in April. Since Intuit's USD 12 billion acquisition in 2021, paid-plan pricing has increased 30-33%, roughly three times the rate of most competitors. At 10K subscribers Mailchimp now runs USD 200-350 per month versus USD 49-99 for comparable alternatives. The newsletter-migration case below was a 2024 decision that has only looked smarter with each subsequent pricing cycle.
Across every case below, the cost of the incident is dominated by time-to-diagnosis, not by the cost of the remediation itself. Customers who self-diagnosed correctly inside 48 hours recovered in 2-3 weeks. Customers who took 2-4 weeks to identify the root cause spent 6-10 weeks in recovery because of compounding damage. The diagnostic patterns (bounce-rate signature inflection, complaint-rate slope analysis, content-fingerprint drift, IP geography mismatch) all require having seen similar incidents before. That pattern-recognition history is the actual value of a specialist engagement.
Two of the five cases below involved migrating between platforms or infrastructure. In both, the customer assumed their existing platform reputation would carry forward. It does not. Mailbox-provider reputation systems track sending IP and domain, not the platform orchestrating the sends. Moving to new IPs always means starting reputation from neutral, which is recoverable but never free. The parallel-period strategy used in the newsletter migration documents how to absorb this cost without producing a deliverability dip.
The cold-outreach case documents what most agencies miss: mailbox volume thresholds (20-50 daily per mailbox) only capture one layer of receiver evaluation. Domain-level volume matters independently, with a safe envelope of 60-350 per domain per day. Operator-level aggregation matters above that, because anti-spam gateways can correlate patterns across notionally independent client domains. Compliance at any single layer does not guarantee compliance overall. The architecture has to satisfy all three layers simultaneously.
The ecommerce case shows what happens when they do: complaint signal from marketing campaigns degrades transactional delivery, which then fails customers exactly when they need their password resets and order confirmations. Industry guidance in 2026 has converged on separated infrastructure as a baseline architecture decision rather than an optimisation. Any platform sharing both streams from the same IP pool and sending domain should plan to separate them as a routine engineering priority, not a deliverability rescue.
Both the cold-outreach and ecommerce cases benefited materially from IP-recipient geography alignment. Industry data confirms the magnitude: switching from US-IP to EU-IP infrastructure for outreach to German and French corporate inboxes moved primary-tab placement from 62% to 91% without changing copy or targeting. Most senders treat IP geography as a cost variable to minimise. It is a deliverability variable to optimise, and the receiver-side weighting on it has continued to grow through 2025 and 2026.
The privacy-SaaS case documents what most operators discover only after they have already been pressured: single-jurisdiction deployments concentrate legal-process risk at a single choke point. Cross-jurisdictional architectures absorb demand letters at the legal-process layer without affecting operations. The structural cost is modest (some additional latency, some operational complexity). The structural benefit is that the operation continues running when single-jurisdiction pressure arrives.
Every "before" number is from the customer's own dashboard (Postmaster Tools, SNDS, their analytics platform) at the moment they engaged us. We don't compute them retroactively. The customer screenshots their starting baseline; we save the screenshot. Every "after" number is measured at a defined milestone (typically 30, 45 or 60 days post-engagement) using the same dashboards. During pre-sales conversations we can walk through specific case methodology and show the underlying configuration changes if the customer's NDA permits.
Most of our customers operate in verticals where being visibly associated with offshore or anonymous-friendly infrastructure would attract competitive attention or scrutiny they prefer to avoid. Anonymization is part of the operational value we provide, not a way to hide weak case studies. Customers who want to be public references for our work can be, and several are during pre-sales conversations under NDA.
The frameworks apply, but the timelines have shifted. Reputation rebuild after spam spikes, blocklisting, or high complaints now takes weeks rather than days, because AI-driven ISP systems in 2026 rely on longer historical data windows than they did two years ago. The 9-day Spamhaus delisting in the affiliate case still applies when evidence is properly prepared. The 60-day reputation rebuild that followed it is now closer to 75-90 days on equivalent infrastructure today. Preventive monitoring and consistent list hygiene have become more important defensive strategies, not less.
We have engagements in fintech, healthcare adjacent, gaming and gambling support infrastructure, podcast newsletters, B2B SaaS marketing operations, and education-sector lead generation that are not documented as public case studies because the customers declined to be referenced even anonymized. The five published cases are a representative sample of engagement types, not an exhaustive customer list. During pre-sales conversations we can discuss the closest match to a prospect's specific situation under appropriate NDA.
We decline engagements where the underlying issue is content-quality or list-quality that the customer is not willing to address. Senders in that situation will not recover on any timeline with any vendor, and taking their money would be misleading. We share the audit findings honestly, explain what would need to change, and refund the audit fee if the customer chooses not to proceed. We decline roughly 12-15% of inbound audits for this reason.
The frameworks documented here are reproducible. The exact numbers will not replicate, because every situation has its own starting conditions, infrastructure constraints, and recipient mix. Engagements typically begin with a discovery conversation on Telegram or via ticket, followed by a paid audit if the situation is plausibly within our scope, followed by a defined remediation programme with milestone-based fees. Pre-sales conversations are open-ended; the audit fee buys the diagnostic work.
For senders who hit a discrete failure event: blocklist listing, sudden inbox-placement collapse, ISP-level rejection burst. Typical structure is 48-hour forensic audit, evidence-backed delisting submission where applicable, infrastructure changes if the audit recommends them, and a 30-60 day reputation rebuild on the remediated infrastructure. The affiliate-spamhaus case below documents the full timeline; equivalent engagements typically run 45-90 days end to end depending on incident severity.
For B2B agencies and outbound teams whose domain-burnout cycle has accelerated past their warmup pipeline capacity. Structure is multi-week deployment of subdomain rotation pools, mailbox provisioning across appropriate IP geographies, pattern decorrelation across client portfolios, and operational runbooks for sustained operation. The cold-outreach case below documents the architecture and the 18-month follow-up record; equivalent engagements typically run 60-90 days for full deployment plus ongoing operational support.
For publishers leaving Mailchimp, Substack, or other managed platforms either for editorial-policy reasons or for cost reasons that have become unsustainable. Structure is target-platform provisioning, authentication and domain setup, template and automation rebuild, parallel-period subscriber migration with progressive volume shift, and operational handover. The newsletter case below documents the 45-day migration timeline and the 18-month cost-savings record; equivalent engagements typically run 30-60 days depending on automation complexity.
For products whose own claims require anonymous-compatible infrastructure across the entire stack: no-KYC hosting, crypto payment chains, multi-jurisdiction redundancy, Tor mirror access, separated transactional email infrastructure. The privacy-SaaS case below documents the architecture, jurisdiction selection matrix, and 18-month operational record; equivalent engagements run 8-12 weeks for initial deployment plus ongoing credential and operational support.
For senders who want to know what is wrong before committing to remediation. Two-week forensic audit covering authentication, bounce-pattern analysis, content-fingerprint comparison against reference corpora, list-hygiene evaluation, infrastructure assessment. Deliverable is a written audit report with prioritised recommendations and a remediation cost estimate if the customer decides to proceed. Standalone audits convert to remediation engagements roughly 70% of the time; the rest either remediate in-house with our findings, or decline to remediate because the required changes are not aligned with their operational priorities.
Open-rate measurement from email tracking pixels has become increasingly unreliable due to Apple Mail Privacy Protection, Gmail proxy fetching, and enterprise gateway pre-fetching. The cases below mention open rates where customers tracked them before and after with the same tooling, so the comparison is valid even if the absolute number is approximate. We do not present open-rate deltas as primary success metrics because the underlying measurement is too noisy in 2026 to carry that weight.
Email is one input to a customer funnel; revenue depends on conversion rate, pricing, sales cycle, and a dozen other variables outside our scope. The newsletter case below documents cost savings (which we can measure cleanly) rather than revenue uplift (which we cannot). Where the affiliate and ecommerce cases mention revenue impact, the figures are customer-disclosed estimates of lost revenue during incidents, not claims that our work generated revenue that would not otherwise have existed.
Some senders we audit and decline because the underlying issue is content-quality or list-quality the customer is not willing to address. Those senders do not recover at any timeline with any vendor. Including them in our delist-time averages would either misrepresent our work (if we counted the cases we did not accept) or misrepresent the recovery landscape (if we counted only accepted cases without acknowledging the decline rate). The 9-day Spamhaus delisting in the affiliate case is from a case we accepted because the underlying cause was identifiable and addressable.
We do not guarantee specific delisting timelines, specific inbox-placement targets, or specific outcomes on engagements we accept. We commit to the diagnostic and remediation work documented in the engagement scope, and we are explicit about what is and is not within our control. Receiver behaviour is not within our control. Customer cooperation on remediation recommendations is not within our control. We are responsible for the framework and the expertise; the outcome is a collaboration that depends on both sides.
The case studies collection follows specific editorial considerations that distinguish operational documentation from marketing material. Case studies positioned as marketing typically overstate outcomes, omit failures, present compressed narratives, and obscure the time investment required for the documented outcomes. Our case studies deliberately avoid these patterns.
Each case study documents specific operational decisions, the reasoning behind them, the time and effort required, the outcomes including any setbacks during the work. The narrative structure follows the actual operational sequence rather than editorial reorganization that produces cleaner stories at the cost of operational accuracy.
Customer identification follows customer preferences. Most case studies are anonymized at customer request because the operational situations involve sensitive business context. Customer-identified case studies are available when customers explicitly authorize attribution; the authorization is rare because most customers prefer keeping their operational details confidential.
Every "before" number in these case studies is from the customer's own dashboard (Postmaster Tools, SNDS, their analytics platform) at the moment they engaged us. We don't compute them retroactively from our side. The customer screenshots their starting baseline; we save the screenshot.
Every "after" number is measured at a defined milestone, typically 30, 45 or 60 days post-engagement, depending on the engagement type. The same dashboards measure the after number. We don't switch metrics or move goalposts mid-engagement.
Open rates from email-tracking pixels. These are increasingly unreliable due to Apple Mail Privacy Protection, Gmail proxy fetching, and enterprise gateway pre-fetching. We mention them where customers tracked them before and after with the same tooling, so the comparison is valid even if the absolute number is.
"Revenue attribution" claims. We don't claim our work caused a specific revenue uplift. Email is one input to a customer's funnel; we improve the email input, but attributing dollars to that improvement requires assumptions we can't validate. The newsletter migration case shows cost savings, not revenue uplift.
Spamhaus delisting time on cases we declined. Some senders we audit and decline because the underlying issue is content-quality or list-quality that the customer isn't willing to address. Those don't recover at any timeline, with anyone. We don't include them in our delist time averages.
During a pre-sales conversation we share specific case details (with the customer's permission) and walk through the methodology. Customers can ask to see the actual screenshots, configuration changes, and Postmaster Tools history that produced the numbers. We're explicit about which engagements we can share more detail on and which require permissions we can't grant without checking.
The first conversation is on Telegram. Tell us what you send, what you measure, and what's going wrong. We tell you honestly whether we can help and what the engagement would look like.