FireEye mailbox provider

According to Live Direct Marketing's daily Tranco top-1M scan (July 13, 2026), FireEye is the mailbox provider for 312 domains — 0.05% of 658,711 domains with MX records. Detection method: primary MX record (lowest preference).

Key facts

FireEye, now operating under the Trellix brand (owned by Broadcom), provides email security gateways and threat detection solutions that organisations deploy to filter messages, detect threats, and enforce email security policies. Rather than a native mailbox provider, FireEye acts as an intermediary between senders and recipients.

FireEye's presence in primary MX records skews toward mid-market and smaller organisations rather than the largest global brands, with international distribution led by .com domains and a predominantly US-global regional pattern. For email operations teams and senders, this means FireEye gateways are encountered regularly but not as a dominant provider, making them a secondary but material factor in deliverability troubleshooting and bounce investigation.

Where FireEye sits in the Tranco ranking

Tranco rank bandDomainsShare of its base
Top 1,00010.3%
Top 10,00072.2%
Top 100,0006119.6%
Top 1,000,00022471.8%
Unranked196.1%

Top-level domain split

TLDDomainsShare
.com11938.1%
.com.br216.7%
.ca144.5%
.co.jp123.8%
.pl113.5%
.de82.6%
.jp82.6%
.gov72.2%
.br61.9%
.com.ph61.9%

What FireEye users also use

Cross-tabulated from the same daily snapshot — the other email services seen on the same 312 domains.

TypeServiceDomainsShare of FireEye users
ESPFireEye / Trellix11135.6%
ESPAmazon SES309.6%
ESPSalesforce247.7%
ESPSendGrid (Twilio)175.4%
ESPZendesk144.5%
ESPMailgun103.2%
ESPMailchimp82.6%
ESPMandrill72.2%
ESPSparkPost72.2%
ESPHubSpot61.9%

Email authentication and gateway-layer filtering through FireEye

Because FireEye operates as an email security gateway rather than a native mailbox provider, authentication signals (SPF, DKIM, DMARC) and sender reputation are evaluated at the gateway layer before messages reach recipients. Organisations using FireEye often enforce strict authentication requirements or apply content scanning that can introduce delivery delays or rejections; configuration varies significantly by tenant, so senders should monitor bounce patterns and delivery latency when targeting organisations known to use FireEye gateways.

See the full FireEye data page (KPI cards, trend, sample domains) →

Are your emails landing in spam?
Run a free inbox-placement test across Gmail, Outlook, Yahoo and more — see exactly where your mail lands and why.
Test inbox placement →

Frequently asked questions

Should I test deliverability against FireEye gateways?

If your recipient base includes mid-market and smaller organisations—particularly in regulated sectors like finance or healthcare—testing against FireEye is worthwhile to understand gateway filtering behaviour. However, FireEye configuration is tenant-specific, so results won't predict delivery across all FireEye deployments; focus instead on ensuring strong authentication credentials and identifying unexpected delays in delivery paths.

How many domains use FireEye?

312 domains in the Tranco top-1M use FireEye as their mailbox provider as of July 13, 2026 (0.05% of domains with MX records), according to Live Direct Marketing's daily DNS scan.

Is FireEye common enough to affect email deliverability testing?

FireEye accounts for 0.05% of domains with MX records in the top 1M. Whether you should seed a test mailbox there depends on how much of your audience it represents — the co-usage table above shows the services it appears alongside most.

Which countries or TLDs use FireEye most?

FireEye's largest TLD is .com (38.1% of its domains); it appears across 70 TLDs in total.

Other mailbox providers

Self-Hosted (22.44%)Google Workspace (21.79%)Microsoft 365 (16.74%)Unknown / Other (7.54%)Generic / unmatched (mx*.*) (2.57%)Proofpoint (1.90%)Generic / unmatched (mail.*) (1.75%)Yandex 360 (1.64%)Cloudflare Email Routing (1.60%)Mimecast (1.52%)