Engineering Blog

When bypassing traditional SMTP limits, relying strictly on standard API endpoints often leads to aggressive rate-limiting. To solve this, our v2.0 routing engine leverages headless browser automation to simulate legitimate webmail interface sessions.

Initially, we deployed Puppeteer for our Node.js automation nodes. However, as our queues scaled past 1 million daily requests, memory leaks in Chromium instances caused worker node crashes. We recently migrated our core engine to Playwright. Playwright's persistent context management and native support for modifying HTTP headers on the fly allowed us to drastically reduce CPU overhead while easily injecting custom user-agent strings.

By pairing Playwright with our automated OAuth token refresh cycles, we achieved a 99.9% success rate in programmatic routing without triggering security flags.

A crucial component of secure routing is origin obfuscation. If 10,000 API calls originate from a single datacenter IP, connection throttling is imminent. We needed a robust way to ingest, format, and rotate residential proxies dynamically.

We built a dedicated Python microservice to handle proxy rotation. Using lists sourced from pyproxy.io, our Python scripts validate latency and format the IP:PORT:USER:PASS strings into an internal Redis database. The C++ workers then pull these clean proxies instantly before establishing an OAuth connection.

Formatting the raw data correctly was half the battle, but separating the proxy rotation logic into a standalone Python service decoupled our network layer from our core routing engine perfectly.

While our clients interact with NexusSend via our web dashboard or API, our core infrastructure engineers need real-time, low-latency visibility into the C++ worker nodes. Web-based dashboards simply couldn't render the telemetry fast enough without significant lag.

To solve this, we built our internal "NexusControl" application using C++ and the Qt6 framework. Qt6 allowed us to build a lightning-fast, cross-platform GUI that hooks directly into our memory management layer. We use Qt WebSockets to stream live OAuth consent statuses and queue backlogs natively into a highly customized, dark-mode desktop application.

Integrating the Gmail API using restricted scopes requires strict compliance and secure token management. When a user authenticates, our system captures the authorization code and exchanges it for access and refresh tokens via a secure server-to-server POST request.

However, simply routing standard payloads through the API isn't enough for advanced use cases. We developed an EML obfuscation engine that dynamically modifies email subjects and bodies using zero-font techniques and smart spintax before encoding the final raw base64url string. This ensures maximum deliverability and dynamic payload uniqueness across massive broadcast queues.