Transactional email is the category of message a system sends in response to a user-initiated action: a receipt, a password reset, a magic link, a verification email. The traffic is unpredictable, the latency expectations are low, and a missed delivery is a product failure. This guide covers the definitions that actually matter, the trade-offs across provider categories, and the operational practices that decide whether your transactional stream stays in the inbox.
last updated 2026-05-078 sections
section 01
What counts as transactional
Transactional email is one-to-one and triggered by an action the user took. Receipts, password resets, magic links, account verification, billing changes, security alerts, item-shipped notifications. Marketing email is one-to-many and you-triggered: newsletters, product updates, lifecycle nurture. The line matters because deliverability rules, suppression behavior, and consent requirements differ. Many providers (Postmark, Resend, Loops) separate streams explicitly. Sending broadcast traffic from your transactional sender is the most common cause of deliverability collapse for early-stage products.
section 02
Latency and reliability expectations
A magic-link email that arrives in 90 seconds is a broken auth flow. The de facto bar for transactional email is "in the inbox in under 10 seconds for the median user, under 30 seconds at p95." Postmark publishes median delivery times under 10 seconds; AWS SES is competitive when warm; Resend depends on region. If your latency budget is tighter than 10 seconds, you need a provider with that as a published metric, not a marketing claim.
section 03
API versus SMTP
HTTP APIs return structured errors, support idempotency keys, and play well with serverless runtimes. SMTP is universal and works with anything that can speak it (including ActionMailer, Nodemailer, Django mail, etc.). For new code, prefer the HTTP API. For legacy migrations, SMTP relay is the path of least resistance. AWS SES, Postmark, Mailgun, MailerSend, and SMTP2GO all expose both. Resend and Loops are HTTP-only.
section 04
Idempotency keys
A network retry without idempotency is a duplicate password-reset email. Idempotency keys are a header (typically `Idempotency-Key`) that the server caches and uses to deduplicate retries. Postmark does not offer them. Resend recently added them. Knock and Inbound have them. For high-stakes transactional flows (auth, payments), an idempotency key on the client is the difference between a clean retry and a security incident.
section 05
Suppressions and bounce handling
Every provider maintains a suppression list of addresses that hard-bounced or complained. Most refuse to send to suppressed addresses automatically. Some let you import or export the list, which matters when you switch providers. AWS SES requires you to set up SNS topics and write your own bounce handling; the others handle it transparently. Treat suppressions as authoritative; ignoring complaints is the fastest way to wreck sender reputation.
section 06
Authentication is non-negotiable
Google and Yahoos February 2024 bulk-sender requirements made SPF, DKIM, and DMARC mandatory for any sender pushing more than 5,000 messages a day to either provider. Below that threshold you can technically still send, but expect spam-folder placement. Publish SPF as a DNS TXT record listing the providers servers. Enable DKIM signing in the provider dashboard and add the public key as a TXT record. Publish DMARC at p=none with an rua report address you actually check; tighten to p=quarantine or p=reject after a few weeks of clean reports.
section 07
Choosing a provider
For deliverability-critical transactional only, Postmark and SMTP2GO lead independent inbox-placement tests. For developer experience and modern stacks, Loops (unified) or MailerSend cover the modern API plus visual editor combo, while Resend pairs with React Email at a price that climbs steeply at volume. For lowest unit cost at scale, AWS SES is unbeatable but requires the most setup. For SMTP relay with routing rules, Mailgun is still the default. Cloudflare Email Service, brand-new in April 2026, is interesting but unproven on deliverability.
startup shape
shortlist
why
Auth, billing, and receipts must land reliably
Postmark, SMTP2GO
Strong transactional focus and clearer debugging.
AWS-native system with high volume
AWS SES
Lowest unit cost once sandbox and bounce plumbing are handled.
SaaS wants transactional plus lifecycle in one product
Loops, Customer.io
One contact model across product events and email.
Legacy app needs SMTP relay and routes
Mailgun, SMTP2GO
SMTP support and routing controls reduce migration friction.
React Email stack at modest volume
Resend, Loops
Modern templates and TypeScript-friendly APIs. Watch cost at scale.
section 08
Operational practices
Pre-send: SPF, DKIM, DMARC, suppression import. At send: idempotency keys for auth and payments, retries with exponential backoff, structured logging of message IDs. Post-send: webhook handling for bounces and complaints, suppression sync to your CRM, daily delivery-rate dashboards. The boring stuff is what decides whether your transactional stream stays clean.