Documentation

Everything you need to run email on MailDog

A complete guide to MailDog — from adding your first sending domain to receiving inbound mail via webhooks. Skim it front to back, or jump straight to the part you need.

Introduction

MailDog is a complete email platform for developers and product teams. It replaces the tangle of services most apps need for email — a transactional SMTP relay, an inbound webhook router, an isolated sandbox for testing, and a hosted webmail UI — with a single dashboard you control.

MailDog handles the infrastructure concerns that usually eat a week of engineering time: DKIM key generation and rotation, SPF/DMARC alignment, reverse DNS, bounce handling, and delivery reporting. You bring a domain, paste a handful of DNS records, and start sending in minutes.

New here? Jump to the Quickstart — you'll have your first authenticated email delivered in about five minutes.

Services

Every MailDog account includes the following services at no extra cost. Use as many or as few as you need.

Outbound SMTP

Send transactional and marketing email from your own domain. Full SPF/DKIM/DMARC signing, per-domain keys, delivery stats, bounce tracking.

Inbound Routing

Receive email at any address on your domain and forward the parsed message — headers, body, attachments — to your webhook as JSON.

Sandbox Testing

Isolated SMTP inboxes for development and staging. Point your app at a sandbox and inspect every message that gets sent — without it ever leaving MailDog.

Hosted Webmail

Full IMAP/SMTP mailboxes with a built-in web client. Create mailboxes for employees or customers under your own domain, no third-party provider required.

SMTP Tester

Interactive SMTP session tool for debugging connectivity, authentication, and TLS issues against any SMTP server (not just MailDog).

DNS & Security

Automatic DKIM keypair generation, CNAME-based verification (SES-style), rotation-ready per-domain selectors, and live DNS status checks.

Quickstart

Get from zero to your first authenticated email delivery in five minutes. This assumes you own a domain and have access to its DNS.

  1. 1

    Sign in and add a domain

    Go to Panel → Domains → Add Domain, enter the domain you want to send from (e.g. yourco.com). MailDog auto-generates a unique DKIM keypair for your domain.

  2. 2

    Add the 4 DNS records

    The popup shows exactly what to paste into your DNS provider (Cloudflare, Route53, Namecheap, etc.). You'll add one MX, one SPF (TXT), one DKIM (CNAME), and one DMARC (TXT). The DKIM is a CNAME pointing to a record MailDog publishes and owns — so we can rotate your keys without you touching DNS again.

  3. 3

    Verify the records

    Click the green Verify DNS button on your domain row. All four indicators should turn green within a couple of minutes. If something stays red, hover it for the exact query that failed.

  4. 4

    Create an SMTP account

    Panel → Mailboxes → Add Mailbox. Pick an address like noreply@yourco.com and a password. These are the credentials your app will use to authenticate.

  5. 5

    Send your first email

    Plug the credentials into your application, or use the built-in SMTP Tester to verify delivery without writing any code.

Outbound SMTP

Once your domain is verified, authenticate against mail.maildog.io with your SMTP account credentials. MailDog supports all the standard submission ports:

PortEncryptionWhen to use
587STARTTLSRecommended. Works everywhere, widely supported.
465SSL/TLS (implicit)If your client only speaks implicit TLS (legacy apps).
2525STARTTLS or plainFallback when your host blocks outbound 25/587.

Example: Node.js (nodemailer)

javascript
import nodemailer from "nodemailer";

const transporter = nodemailer.createTransport({
  host: "mail.maildog.io",
  port: 587,
  secure: false,          // STARTTLS upgrades the connection
  auth: {
    user: "noreply@yourco.com",
    pass: "your-smtp-password",
  },
});

await transporter.sendMail({
  from: '"Your Co" <noreply@yourco.com>',
  to: "customer@example.com",
  subject: "Welcome!",
  text: "Thanks for signing up.",
  html: "<p>Thanks for signing up.</p>",
});

Example: Python

python
import smtplib
from email.message import EmailMessage

msg = EmailMessage()
msg["Subject"] = "Welcome!"
msg["From"] = "Your Co <noreply@yourco.com>"
msg["To"] = "customer@example.com"
msg.set_content("Thanks for signing up.")

with smtplib.SMTP("mail.maildog.io", 587) as s:
    s.starttls()
    s.login("noreply@yourco.com", "your-smtp-password")
    s.send_message(msg)

Example: curl

bash
curl --url "smtp://mail.maildog.io:587" --ssl-reqd \
  --mail-from "noreply@yourco.com" \
  --mail-rcpt "customer@example.com" \
  --user "noreply@yourco.com:your-smtp-password" \
  --upload-file - <<EOF
From: Your Co <noreply@yourco.com>
To: customer@example.com
Subject: Welcome!

Thanks for signing up.
EOF

Reputation matters. Brand-new IPs and domains get Gmail-filtered to Spam for the first ~50 messages regardless of auth. Warm up slowly: 10–20 sends/day, to recipients who open and reply, for the first 3–5 days. Don't bulk-blast from day one.

Inbound Routing

Receive mail at any address on your domain and have it delivered to your server as a structured webhook. Perfect for reply-tracking, customer-support ingestion, and automated workflows.

How it works

  1. Point your domain's MX record to mail.maildog.io (already done if you followed the Quickstart).
  2. Create an inbound address in Panel → Inbound → Email Addresses and set its Webhook URL.
  3. Optionally, bind a whole custom domain to the address so any localpart (support@,bong@, feedback@) routes to the same webhook.
  4. When an email arrives, MailDog parses the headers and body, uploads large attachments to storage, and POSTs a JSON payload to your webhook.

Webhook payload

json
{
  "id": 12345,
  "sender": "customer@example.com",
  "recipient": "support@yourco.com",
  "subject": "Issue with invoice",
  "message_id": "<abc123@example.com>",
  "headers": {
    "From": "Customer <customer@example.com>",
    "To": "support@yourco.com",
    "Subject": "Issue with invoice",
    "Date": "Wed, 15 Apr 2026 09:00:00 +0000",
    "_envelope": {
      "helo_domain": "mail.example.com",
      "remote_ip": "203.0.113.45",
      "tls": true
    }
  },
  "plain_body": "Hi team, my invoice shows the wrong amount...",
  "html_body": "<p>Hi team, my invoice shows the wrong amount...</p>",
  "attachments": [
    {
      "filename": "invoice.pdf",
      "content_type": "application/pdf",
      "size": 48392,
      "url": "https://maildog-attachments.s3.amazonaws.com/..."
    }
  ]
}

Retries and replay

MailDog retries failed webhook deliveries with exponential backoff for up to 24 hours. Every message is stored in your inbound log so you can replay failed deliveries manually from the panel at any time.

Sandbox Testing

Sandbox inboxes are isolated SMTP endpoints for development. Point your app at a sandbox and every message is captured but never delivered to the outside world — perfect for CI, staging, and local dev.

What you get

  • • Unique SMTP credentials per sandbox
  • • Full MIME parsing (HTML, plain, attachments)
  • • Per-message inspection in the panel
  • • No outbound delivery — safe by default

Connection

  • • Host: mail.maildog.io
  • • Port: 2525 (STARTTLS) or 587
  • • Username/password: shown on the sandbox page
  • • Send to any address — all captured

Create a sandbox

Go to Panel → SMTP Sandboxes → New, give it a name, and you're done. Credentials are generated for you.

Hosted Webmail

Create full IMAP mailboxes for your domain and access them through a built-in web client. Good for team inboxes (support@, sales@) without paying Google Workspace per seat.

Mailboxes live at Panel → Webmail. Each account supports IMAP, POP3, and SMTP on the same credentials, so you can also plug them into native clients like Apple Mail, Outlook, or Thunderbird.

SMTP Tester

The built-in SMTP Tester is a diagnostic tool for debugging any SMTP server — MailDog or otherwise. It shows the full SMTP conversation in a live terminal: banner, EHLO capabilities, STARTTLS handshake, AUTH, MAIL FROM, RCPT TO, DATA, and the final queued response.

Use it when your application's email sends are failing and you need to know which step is broken — connectivity, TLS, auth, sender policy, or relay restrictions.

DNS & Security

Every domain you add to MailDog gets the same email-authentication stack the big senders use:

SPF — Sender Policy Framework

Tells receivers which servers are allowed to send mail for your domain. We give you a include:spf.maildog.io so you never have to edit your SPF record when our sending IPs change.

DKIM — Cryptographic signing

A unique 2048-bit RSA keypair per domain, with a deterministic per-domain selector. You add one short CNAME pointing at a record we own and publish — the real DKIM TXT lives on our side, so key rotation never requires a DNS change from you.

DMARC — Policy & reporting

Published automatically at _dmarc.yourdomain with a p=none monitoring policy by default. Graduate to p=quarantine or p=reject once your sending is stable.

Reverse DNS (PTR) & FCrDNS

Our sending IPs have matching forward and reverse DNS (mail.maildog.io), which major receivers require for inbox placement.

API Reference

Everything you can do in the panel is also available via the REST API. Authenticate with your API token in the Authorization header.

bash
curl https://api.maildog.io/v1/domains \
  -H "Authorization: Bearer YOUR_API_TOKEN"

Common endpoints

MethodEndpointDescription
GET/v1/domainsList all domains
POST/v1/domainsAdd a new domain
GET/v1/smtp-accountsList SMTP accounts
POST/v1/smtp-accountsCreate a new SMTP account
GET/v1/inbound/addressesList inbound addresses
GET/v1/messagesList sent messages (with filters)

Full API reference with schemas and examples is available on request — get in touch.

FAQ

Why is my first email landing in Spam even with SPF/DKIM/DMARC passing?

Sender reputation. New IPs and domains have none, so receivers filter them aggressively for the first 50–200 messages. Warm up slowly — send to recipients who open and reply, avoid bulk blasts, and graduate volume over 1–2 weeks.

Do I need to rotate DKIM keys myself?

No. Because we use CNAME-based DKIM, the real key lives on MailDog's DNS zone. We rotate keys on our side and your CNAME keeps pointing at the right thing — zero DNS changes on your end.

Can I use MailDog for receiving mail only?

Yes. Skip the SPF/DKIM/DMARC step and just point your MX to mail.maildog.io. Inbound routing, webhooks, and webmail all work without outbound configuration.

Is there a way to test sends without actually delivering?

Yes — use a Sandbox inbox. Every message sent to sandbox credentials is captured and visible in the panel but never leaves MailDog.

What happens if my webhook is down?

MailDog retries with exponential backoff for up to 24 hours and stores the message in your inbound log. You can replay failed deliveries from the panel at any time.

Something missing from the docs?

We're happy to help. Open a support ticket and we'll walk you through it.

Contact Support