Reliable Email: Your Reputation is Everything

If you have followed along on this blog or heard me talk about the risks of using email in your business processes, you are aware that I often strongly advise against relying on email for critical business processes. After over 30 years of building and support email systems and the applications that rely on them, I can tell you emphatically that email is unreliable. If you don’t believe that, ask yourself how many times you have said or heard these words, “Didn’t you get my email?” If email was reliable, the answer would be “very few” or “never”.

Why do most business rely so heavily on email?

The primary reason most businesses rely on email is because it’s familiar, prolific, and cheap to implement. Notice I said “cheap to implement”. I can tell you that at CMHWorks, a large part of our support work is focused on fixing issues with email delivery for both users and applications. And most often in these cases, there is a better way to deliver the information. The decision to use email is usually made by someone that hasn’t the foggiest notion what it takes to configure and support a reliable email service on today’s internet. It’s the old adage, “Good, Fast, Cheap. Pick one”. And they picked cheap.

There is also the reality for many small businesses that there is simply no other place to manage the information. Most start-ups and very small businesses begin with a website and email, and very little else. Collecting contact requests (a.k.a. Contact Us Forms) is a basic function of collecting information in email, and using the inbox as the repository for all things.

What happened to good ole’ email?

15-20 years ago, email used to be cheap to use and easy to self-support. Today, due to increasing cybersecurity risks, those days are long gone if you desire a reliable email service for your users and applications. To combat the increasing risks, email service providers have made securing email more and more complex. Which is why having reliable email is so elusive for the average business owner because we are applying old paradigms in a new world.

Yeah, but how can we make our email more reliable?

Let’s assume your business is in the most unfortunate position where it absolutely must rely on email to run day-to-day. In order to tackle the reliability question, let’s first define the objective and what we mean by “reliable”. In simple terms reliability is the measure of the desired result – that emails sent from our business are delivered to the inbox (not spam or junk folders) of our desired recipients every time (even ourselves). Any result short of this is a risk to our business if we rely on email.

It’s also important to understand that you can only affect the reliability of emails sent by your business. If you are reliant on emails sent from other businesses or customers, the reliability of the emails sent to you are dependent on how the sending company’s email is set up, thereby entirely out of your control.

In order the take control and make your email delivery more reliable, it fundamentally boils down to your email Domain Reputation, a.k.a. Sender Reputation. Your email Sender Reputation is a measure service providers use to determine the trustworthiness of email sent from your branded business email domain. Your email domain is everything to the right of the “@” in the email address of the sender.

In short, the key to reliability for business email is to effectively manage your Domain/Sender Reputation. So the challenge, if you choses to accept it, is to configure your email services to ensure the best domain reputation possible. The remainder of this article will outline what is required to make it a reality.

The TL;DR; How can we ensure our Domain Reputation is good?

If you insist. Mind you, there are much more efficient solutions deliver transaction data that using email to do it. But, if you are a die-hard email fan, here we go.

The guidance in how to ensure the reliability of your email services is a complex subject, especially if you are not a technical professional. But there are some guidelines you should understand whether you are doing it yourself, or enlisting a tech professional to do it for you. The implementation of these guidelines are the basis of delivering highly reliable email:

1. Understand the sources and purpose of emails sent from your domain. The following are the most common uses of email. Most all email your business will ever send likely falls into one these use cases:
   • Traditional User Email – User to User email which are the most common and susceptible to exposure to hacking if not secured.
   • Transactional Email – Application to User or Application to Application which pose the highest risk to your business operations if they are not delivered reliably.
   • Marketing Email – Marketing service emails like newsletters, social links, etc. which are the the most likely cause in the degradation of your Domain Reputation if not managed correctly as badly formatted marketing email is the definition of “spam”.
2. Separate your email services by your use cases. The primary approach that can help you improve your Domain reputation is to separate your email service into subdomains and services which effectively creates individual reputations for each use case. This approach essentially insulates the reliability of the critical emails like user to user and transaction emails from marketing emails which are the most susceptible to have a bad reputation by their very nature. Using the use cases above, the approach below could look something like this:
   • Primary email domain – yourcompany.com
     • existing/default email domain for your company
     • existing email domain used for user to user email only user@yourcompany.com
   • Transactional email domain – notifications.yourcompany.com
     • new email service used for application transaction emails only
     • new email subdomain used for sending transactional or application email
   • Marketing email domain – deals.yourcompany.com
     • new email service used for marketing emails only
     • new email subdomain used for sending campaign related and marketing email
3. Implement Email Security on all email services. This cannot be overstated as you domain reputation is most negatively affected when your email services are compromised. The more critical the email service is to your business operations, the more important the security on the sending accounts (users) is.
   • Email Domains and Service Security – applies to all email services and domains to implement
     • never allow anonymous use of your email servers
     • Implement best practices including SPIF, DKIM, DMARC to prevent spoofing
   • User Accounts –
     • implement strong passwords, MFA, etc.
     • provide ongoing End User Training to mitigate risks of user accounts being compromised.
   • Application Accounts – used for both Transactional and Marketing email senders:
     • implement strong passwords or keys
     • automate password resets or key rotation regularly.
4. Monitor Your Domain Reputations. You can’t improve what you don’t measure. So after all the preceding work, you will want to monitor the impact on your domain reputations.

Summary

The above guidelines merely layout the approach to ensuring reliable email deliverable. The expertise and tools required to do it effectively are an entirely different matter. But at least now you know what you are getting into. Of course, CMHWorks provides Email Security and Solution Design Services to help your company achieve it’s operating nirvana. See our Technology Assessments to learn more about how we can help.

Additional Information

• Email Domain Reputation: All You Need to Know [2024]
• What is Domain Email Reputation? Steps to Check & Improve
• How to Check and Manage Your Email Domain Reputation – Growth List
• How to improve domain reputation for better email deliverability