In the world of sending email and spam filtering, intentions matter far less than behavior. The spammers set the bar. Even if you are sending authenticated, confirmed opt-in (COI) email, if your email program does not at least meet the basics, no spam filter will understand the difference.

Legitimate mailers work hard to build brand reputation based on a real business address, a known domain, and a small, permanent, well-identified range of sending IPs.

What steps to take to ensure you look legitimate

It is critical to follow best practices to distinguish yourself from miscreants who spam. Always keep the following in mind:

  • Authentication:
    • All emails should be correctly authenticated with DKIM & SPF at a minimum.
    • The SPF record should be as narrow and specific as possible. If you designate the entire internet as “permitted sender,” this is not useful and opens the domain to abuse by spammers.
  • Whois: Do not use anonymized or unidentifiable Whois records. Legitimate businesses should have no reason to hide their online identity using WhoisGuard or other such privacy services. Since the advent of GDPR in 2018, many registrars have defaulted to publishing anonymized Whois records, but most will remove it upon request.
  • Limit domain usage. With the increased number of unique domains used to send the same emails, you increase the number of flags raised; use the primary business domain – or a subdomain of it – whenever possible.
  • Use clear and consistent naming schemes in DNS – keep it simple.
  1. The best option is delegating a subdomain of the brand’s primary domain to the email service provider (ESP): e.g.,
  2. The second best would be: “”
  3. Last resort (and to be avoided if at all possible): If this is necessary, it is crucial to use a cousin domain that clearly relates to the primary brand name.

Phishing has made people very wary of look-alikes. Having a clear brand relationship allows receivers to easily distinguish the Email Service Provider (ESP) and customer and reduces the chances of blocks or reputation damage due to unclear identification.

  • Use properly registered domains with working mail AND web addresses. There should be a website for every domain/brand email domain address used, and not having one looks shady. This is something that spammers do all the time. Link and tracking domains should have a redirect to the primary business website.
  • Every domain that sends email should have functional [email protected] & [email protected] addresses.
  • Use contiguous IPs if possible. Use the same network.
    • If not possible, do not use more IPs than needed.
    • Most brands do not need 100s of IPs scattered across multiple networks – this is the definition of snowshoeing [insert a link to snowshoe FAQ].
  • ESPs: Publish an Acceptable Use Policy (AUP)/Terms Of Service (TOS) that is easy to find, read, and enforce.

Now we’ve explained how not to appear like someone who’s sending spam we’ll be looking at what authentication and encryption are necessary to set up for marketing emails.




How does email reputation work?

15 February 2022

Best practice

Whether it’s personal, business, or email, reputation must be earned. Here's a look at why reputation matters when it comes to email and what you need to be doing to improve it.

Address acquisition – know the legalities around personally identifiable information

15 February 2022

Best practice

Here’s a quick review of the legalities involved with collecting Personally Identifiable Information (PII).

Authentication and encryption for email

15 February 2022

Best practice

One of the first steps to ensuring good domain/IP reputation and consequently successful email deliverability is authentication and encryption - it helps receivers "trust" your email. This article provides a clear overview of what's required including SPF, DKIM and DMARC.