So, I just signed up for Twilio Sendgrid for a new product I am working on. Its not going to have a lot of traffic to begin with, so Sendgrids free tier of 100 emails should get me started, or so I thought.
In the middle of the first signup flow, where I was going through the process of confirming my email I started getting error messages of not beeing able to signin, and a minute later I got this in my inbox:
"Hello,
We appreciate your interest in Twilio SendGrid and your efforts in completing our account creation process. After a thorough review, we regret to inform you that we are unable to proceed with activating your account (****) at this time.
Ensuring the security and integrity of our platform is our top priority, and our vetting process is designed to detect potential risks. While we understand the importance of transparency, we are not able to provide the specifics of our vetting process.
We want to emphasize that our decision is based on stringent security measures and our commitment to the safety of all our users.
Thank you for considering Twilio SendGrid.
Sincerely,
Onboarding & Compliance Operations"
I have been in contact with them several times to try to get clarification on the reason behind this, but they will never actually explained why I should not be able to use their service. I just wanted to warn other developers on here about this practice, since an email service can be an important part of a service, a service that Twilio Sendgrid can decide to shut down at any minute without explanation.
I have since started using postmark instead which is working fine for my application.
Like many services, credit cards, banks, etc, I’m sure Twilio use anti-abuse signals in their signup flow.
Things that can affect this:
- whether you’re on a VPN, big one, often results in high risk signal
- email domain and TLD, using an older domain can help, using a disposable address will be very high risk
- selected country not matching IP country
While it is annoying, I think it’s understandable for companies providing shared compute services. A spammer on a free account could easily burn valuable sending IP addresses for example.
To be fair I appreciate your post. I'm recently starting to dive into how to send emails for registration and it turns out sending emails is oddly hard.
It's become hard after so many avenues of abuse. When I started in the web on the late 90s/early 2000s it was surprisingly easy to send emails programatically. Get yourself a SMTP server and fire away, even rolling out your own was totally fine to have your emails reaching users (though configuring postfix/smtpd was a fucking pain in the ass).
Then spammers progressively got frenzier, GMail appeared in 2004 with a good spam filter, spammers tried to beat the spam filters and the arms race brought us to this point where sending emails and having them reach an inbox is a massive headache...
Switched two years ago from Postman to Insomnia. Now Insomnia is also adding lots of logins and paid stuff and I am switching to Bruno. So far it seems great!
Why would twitter go down due to staff layoffs? The stuff I build would keep running for years without my involvement. Do you mean that other systems are hand cranked?
