ITPC – Email

To ensure that mail delivered from campus is timely, reliable, and not erroneously classified as spam, the sender must adhere to the specifics in these resources: 

This especially true for mail handled by third-party vendors.

Mail Volume

The mail delivery method will be determined largely by the anticipated mail volume. 

Mail volume (emails per day) Delivery method
< 2,000 or < 2,000 unique recipients

Google-enforced limit from a single account.
or the gmail web interface
> 2,000 but < 10,000 (required)
> 10,000 Third-party mailing service 

  • SendGrid (fee-based) for transactional mailings
  • Bronto (fee-based) for marketing emails.
    Recommended by OIT

Preserving NC State’s reputation as a trusted sender

Mail sent from an address will be trusted if the sending application can support authenticated SMTP. That is, the application can accept a username and app-specific password in its SMTP configuration.

If you send mail on behalf of NC State without authenticated SMTP (such as using a third-party vendor instead of Google’s or, then you may need additional configuration, which usually involves: 

  • Placing a vendor-provided DKIM record in the DNS records for the zone. 
  • Ensuring that the DKIM record is specific to NC State, not shared among all of the vendor’s customers.

Only specific trusted senders can be Included in the SPF record, so we will seldom add a third-party mail vendor to it. This helps preserve NC State’s reputation with mail handlers such as Google and Microsoft and ensures high deliverability for users in our domain.

Avoiding spam classification and spoofing

Google spam filters are a particular challenge. Google will never reveal exactly why mail is flagged as spam, but they do publish guidance, as noted in the links above.

Sending address

An email’s sending address is just as important as its content. 

DO NOT send from an address unless:

  • You can perform authenticated SMTP and 
  • You have an NC State-specific DKIM record in place at the zone. 

If you lack those items, then your email will contain a yellow banner warning users against trusting you. 

Sending account name

  • Even when you send through authenticated SMTP, make sure the name attached to your email matches the sending account
  • If you use an application-specific name, it MUST NOT match any account.
    For example “Chancellor Randy Woodson <>” would be marked as phishing.

Spam marking by users

Google places a great deal of trust in its users. When a user marks an email as spam, Google is notified. In certain cases, such marking will result in late-spam classification of large amounts of email already in users’ inboxes. 

If an email you send is being marked as spam, ask your recipients to deliberately mark it as “not spam.” This helps build trust with Google and prevents future email you send from receiving the same poor marks. 

NC State OIT works hard to train users to appropriately mark email as spam or phishing, and it trusts when users decide to do so.

Consider email frequency

Be respectful of your recipients by considering how frequently you email them. If you aren’t giving them a way to opt out of receiving your email, it’s even more important to refrain from repeatedly sending.