You’re setting up a company (or a new division or maybe even a new brand) and you’d like to use email to communicate with your customers. In this series of posts I’m going to touch on some of the things you can do today to make email life easier for you in the future, starting with the naming of companies.
1. Like cats, a company needs three different names
A name that’s peculiar, and more dignified
The first name you need is the brand you’re mostly known by to the outside world – paypal.com, aol.com, americangreetings.com. Use this for your website, and for any mail you send to your customers. Never assign email addresses from this domain for any use other than as the From: field for communicating with your customers (including bulk email to them, transactional mail such as order confirmations and frontline customer support).
The name that the family use daily
The second name you need is one for your staff to use for their email addresses – paypal-inc.com, corp.aol.com, ag.com. Use this for all the business mail you send and receive, other than mail to your customers. As well as staff email addresses, use this for role addresses, contact addresses for domain registrations.
There’s still one name left over
The third name you need is one for purely internal email – things like reports from system monitoring software, cron alerts, all the sysadmin-y email that’s sent by machines rather than people. Mail that should never leave your firewall.
The reason for using different domains for email is so that you’ll be able to put different controls on where each email stream is sent from. Domain authentication looks as though it’ll become increasingly important, but it’s likely to remain fairly brittle and inflexible. In order to use things like DMARC effectively for your customer-facing email you’ll need tight controls on where that email is sent from. If you get that tangled up with the business email sent by you and your employees now you’ll need to expend a lot of effort (including changing everyone’s email address) to fix that in the future. Start with the customer facing domain well separated and keep it that way.
Using the separate domains for employee email addresses and internal monitoring addresses addresses isn’t anywhere near as important; you could certainly use a single domain for them both. But keeping them separate will make some things a little simpler in the future – for example, outsourcing corporate email to an external provider.
Should you use an entirely separate domain (like paypal, who use paypal-inc.com for their business email) or a subdomain of your “real” domain (like AOL do with corp.aol.com)? In most technical respects it doesn’t really matter, but using a proliferation of similar second-level domains can add to user confusion and make things like targeted phishing and social engineering attacks much easier – so it’s a better choice to use a subdomain of your main domain for your business email.