What are inbound vs outbound filters in ESPs?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
You hit send. Your ESP receives the message and starts processing it. But here's something most senders don't realize: your email passes through your ESP's own filters before it ever reaches a recipient's mail server. Those are outbound filters, and they're not the same as anything you configure inside your account.
There are two directions at play here, and they serve completely different purposes.
Outbound filters are what most senders bump into. These run on every email leaving the ESP's infrastructure, and you don't control them. Your ESP is protecting its own sending reputation by making sure nothing harmful or abusive goes out under its roof. Think of it as the ESP being accountable for every message it relays.
What outbound filters check for:
- Content patterns that look like spam, phishing, or malware (certain link structures, attachment types, aggressive sales language at scale)
- Send rate anomalies that suggest an account has been compromised or is blasting unsolicited mail
- Sender reputation signals that are trending in the wrong direction
- Policy violations like prohibited content categories or banned file types in attachments
If your email trips one of these filters, it can be delayed, quarantined, or blocked entirely, before it ever touches a recipient inbox. Repeated triggers can lead to account-level action. That's not a mailbox provider decision. That's your ESP making a call about what leaves its network.
Here's the part that's actually useful to know: outbound filters protect you too. If your account gets compromised and someone starts blasting phishing emails through it, the ESP's outbound filtering can catch that before it destroys your sender reputation. (Of course, you'd rather it never happened in the first place.)
Inbound filters are a different beast. These protect the ESP's own systems from threats coming in from the outside. Most senders never think about this side, and honestly, you don't need to manage it. But it helps to know it exists.
What inbound filters protect:
- Reply handling addresses and feedback loop endpoints that process complaint data
- APIs and administrative interfaces that could be targeted by bad actors
- Webhooks and integrations that accept incoming data
- ESP infrastructure against direct attacks or abuse attempts
So to put it plainly: outbound filters are about what goes out, inbound filters are about what comes in. As a sender, outbound is the one you'll actually interact with (even if you never see it directly). Understanding it helps explain why certain content patterns or send behaviors cause problems even when your authentication is clean and your list is healthy.
If you're troubleshooting a message that got delayed or blocked at the ESP level before delivery, our Email Header Analyzer can help you read exactly where in the chain things stopped. Or if something feels urgent, the SOS hotline is free.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.