Email Infrastructure for Sales Teams

The Only End-To-End Email Infrastructure Guide You Need

Dec 14, 2024

Automation

Calculating...
Jonty Knox's headshot

Jonty Knox

A book cover in green and gold showing a mapped path to an X entitled Email Infrastructure for Sales Teams
A book cover in green and gold showing a mapped path to an X entitled Email Infrastructure for Sales Teams
A book cover in green and gold showing a mapped path to an X entitled Email Infrastructure for Sales Teams

Introduction

Cold email is one of the most black box forms of marketing there is, considering you are choosing the delivery mechanism and owning the outreach. Today you know more about who is on your website than you do about who is even opening your emails.

For that reason, every optimization has to be taken to make sure that even if you can't observe the other side of the email, you know that you have the highest possible chances of landing in the inbox, getting read, and ultimately getting that meeting booked in.

I have compiled down every important part of cold email delivery into individual steps that you can tackle one-by-one, all at once, or just outsource it to the professionals because you have better things to be doing with your time.

To cut to the chase, the components of cold email you need to know back to front are:

  1. Primary Domain Reputation

  2. Email Volume Limits

  3. MX Records

  4. SPF & DKIM

  5. DMARC

  6. Google vs Microsoft vs Other Email Providers

  7. Email Warming

  8. Email Validation & Verification

  9. Email Content

  10. Avoiding Automated Spam Detection

  11. Replies Are King

  12. Open and Click Tracking

  13. Spam Reports & Unsubscribes

  14. Secure Email Gateways (SEG) a.ka. Email Firewalls

  15. Avoiding burning domains

This guide will cover the technical setup details to optimizing deliverability and measuring performance. We'll cover every aspect of how to build a cold outreach engine that is measurable and monitored. By following these best practices, marketers and sales professionals can maximize their email outreach efforts, boost engagement rates, and ultimately drive more conversions.

My Background

But wait, I hear you asking who am I and why do I think I'm an authority on cold email?

Well hi there, I'm Matt Brown and I've spent the past 16 years building and scaling B2B SaaS companies, with one $519m exit (Voxbone), one pre-IPO (Prove), and one implosion (Tengo).

All three businesses taught me the same brutal lesson: nailing your Go-To-Market strategy isn't just the hardest part of the journey—it's the difference between a $500M exit and losing everything.

One of the reasons it's so hard is that both your business and the market are constantly changing. What worked in my first business 16 years ago doesn't cut it today. What works at scale is the exact opposite of what you should do when you're first starting out. And even more frustrating, once you've found success at one company, it rarely carries over to the next. There simply are no shortcuts to sustainable growth.

Cold Email has been one of those exceptions. I have found consistent performance so long as I have a combination of the right person, the right problem and the right offer in my outreach.

So let's get started…

Why Cold Email Outreach?

If you are just wanting to get started, skip this section. If you are still on the fence about spinning up cold email infrastructure, this section is for you.

Cold outreach is the last underpriced attention channel in B2B

The SaaS business model is unique in that you must spend money upfront to build a product and acquire customers, and then recoup that investment over the lifetime of the customer. This is why investors focus heavily on Customer Acquisition Costs (CAC) and how long it takes to pay them back. The longer it takes for a customer to payback their CAC, the greater the risk of implosion.

This was the primary takeaway when my first company, Tengo, blew up. We sold software to businesses in emerging markets that enabled people without traditional access to financial services to do things like pay their bills, receive money from family, or get their first bank account. It was a huge problem with strong demand, but it took a lot of time and effort to educate businesses on the benefits of offering alternative financial services to the most underserved populations. This meant the cost to acquire our customers was extremely high.

That wouldn't have been so bad if the revenue generated by these customers quickly paid back the upfront investment. But that wasn't the case. We built a model that allowed us to take a percentage of every transaction we processed. At scale this would have been fantastic, but starting out, transaction volume was low. It took time for our users, the unbanked populations of Mexico and Colombia, to learn they could transact at our partner locations. And when they did, their transaction value was often so low we didn't net much. As a result, it would have taken almost 4 years for us to recoup our CAC.

What happens when you scale this model? Yup, you die. Quickly.

But what if I could have reduced my CAC by 90%? What if, for the cost of an email address and a good outbound tool, I could figure out who is in market and ready to buy? What if I knew exactly which accounts I should be spending money on today, and which I should be nurturing for tomorrow?

Now that's a different story with a very different outcome.

Cold outreach is the last underpriced channel in B2B. It's underpriced because of the direct feedback and information it gives you. A good outreach strategy tells you:

  • If you have problem-market fit

  • Who has the problem you are attacking

  • Who inside the company cares most about solving the problem

  • Who is ready to consider potential solutions

  • Who is in market and ready to select a vendor

…and most importantly, who is worth spending money on TODAY because they're a great fit for your solution and are ready, willing, and able to buy.

Cold Outreach is the highest ROI channel

Your first 100 customers comes through targeted cold emails and warm intros.

The next 1,000 come from their referrals.

The power of cold outreach lies in its ability to:

  1. Reach a highly targeted audience with personalized messages

  2. Scale efforts efficiently, allowing for contact with a large number of prospects

  3. Provide measurable results and actionable insights

  4. Establish initial contact that can lead to meaningful business relationships

  5. Complement other marketing strategies for a well-rounded approach

However, the effectiveness of cold outreach hinges on the quality of your infrastructure and strategy. Without a solid foundation, your efforts may fall flat, leading to poor engagement rates, damaged sender reputation, and potential legal issues. This is why it's crucial to invest time and resources into setting up a robust infrastructure for your cold outbound emailing campaigns.

In the following sections, we'll delve into the key components of this infrastructure, providing you with the knowledge and tools needed to launch successful cold email campaigns that resonate with your target audience and drive tangible business results.

Cold Email: The How-To Starts Here

1. Primary Domain Reputation

Never use primary domains, register secondary domains now

1st rule of fight club: Don't use your primary domain to send marketing or cold emails

2nd rule of fight club: Don't use your primary domain to send marketing or cold emails

Don't get caught out in the trap of sending cold emails from your primary domain. All it takes is a single spam report to start the chain reaction of all your customer, supplier and partner emails to end up in spam. This problem isn't easily or quickly rectifiable in some cases, and you end up having to use costly services like ​InboxBooster​ to fix this time-wasting issue.

I recommend starting with 5-10 domains at a minimum, the reasons for which will become clear in the next steps!

Can I use domains other than .com?

No, deliverability has consistently been measured to be highest when using .com domains.

The domain name matters less than you would think. Use your brandname with a postfixed or suffixed word like getbrand.com or trybrand.com. Note that you shouldn't use numbers or dashes. Avoid resellers and cheaper registrars here, it doesn't cost much to use a leading brand and will save you headaches down the road.

If you want to see what is available, part of CustomerOS's MailStack checkout flow can generate domain names for you.

Can I use subdomains/aliases to send marketing or transactional emails?

Yes, you can use subdomains like newsletter.mydomain.com​ or mail.mydomain.com​ to send opt-in emails (like marketing newsletters or product updates) or transactional emails (like sign-in links or password resets) without doing damage to your main domain.

However, as emails you send are being treated like spam emails by email providers and firewalls when they are reported, I highly recommend not creating obvious links between your outbound email domains and your main day-to-day primary domain.

It's ~$10 a year to avoid this by using a different domain (+ mail account subscription). Don't do it just because it's easy to set up in Gmail.

2. Email Sending Volume

40/day/mailbox maximum + 2 mailboxes/domain (Nov 2024)

General consensus of the maximum number of emails you should send per email inbox is 40 per day. Others will claim more or less than this, but beyond here you are going beyond what an average person would send in a day.

The number of mailboxes per domain is also debatable, however you should aim to have <80 emails per day per domain, otherwise you will become suspicious quickly.

For these reasons I recommend 40 emails/day/mailbox with 2 mailboxes per domain.

What's stopping me from setting up 100 mailboxes per domain?

Nothing is stopping you! ​Some services​ offer 100 inboxes per domain because they claim that spreading bounces across accounts prevent Gmail and Outlook based inboxes from blocking domains. There is a limit of 2-3 bounces per day before a user gets throttled by these services.

I don't recommend this practice as it is designed for users who expect high bounce rates (maybe they use dodgy email lists, don't clean their data, prioritize quantity over quality emails, etc.).

If you want cold outreach to work for you, you need to be optimizing for replies, which includes only sending outreach to those who you know you can help.

3. MX Records

Always have MX records configured for outbound domains

MX records are used to tell an email server where to send an email to.

For example, if you use Google Workspace your MX records would point to a number of Google Mail Servers that email should be delivered to.

If these records don't exist against your domain, it's a red flag for email providers and firewalls that this domain is only used for outbound and is much more likely to be marked as spam.

Some services don't have an inbox related to their outbound addresses, and instead ask you for a forwarding address so they can pass a Reply-To header in the emails they send rather than having to set up and manage an inbox on your behalf for every email you send. Don't do this, as it creates 2 problems:

You aren't optimising for replies to your outbound mailboxes which will hurt your sender reputation (more to come in 11. Replies are King)

You won't have MX records set and this can be used to identify spammers easily

Always set your MX records, and don't use a Reply-To headers.

4. SPF & DKIM

Prevents fraudulent use of your sending domains

DKIM & SPF are some of the first things you should set in your DNS when registering a new email domain. These values are used to identify whether or not an email has originated from an approved origin IP (SPF) or if someone has sent it without cryptographically confirming it was them that sent it (DKIM).

Again, similarly to MX records if these are not set, it looks very obvious to most email providers and firewalls that if these are not set correctly, the sender does not really care if they are impersonated - a big red flag. Thus if an email is sent with these records not matching, they will immediately be rejected or marked as spam, and your sender reputation will take a hit.

To set these, use your mail providers generic settings for SPF and then generate a unique DKIM value using their platform. Once set, use a tester like ​this one​ to confirm that they are correct.

A typical SPF record looks like this:

v=spf1 include:mailserver.com -all

v=spf1 indicates it is an SPF record

include:mailserver.com lets the receiver know that any IP address behind this domain's SPF records is allowed to send emails

-all indicates that any email that is not sent from the above related IP addresses should be treated as fraudulent (rather than ~all or +all which indicate should be treated as spam, or in even rarer cases should be accepted)

A typical DKIM record looks like this:

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCg KCAQEAq3i6b1g+FLkWNOHgaY52RZBcF5CCJzPVk8Ex51c1JtBpnQce whEcBDgCdlwMjJgkAfllj/Zt58ShMEPQPU1XAmT1wg9ujIynGeQdaV aQ63etDfMiOa0wsI/eEZFKp2Owxx97TnUqz4eXlr02RNewjDOzxLjh huVB7t4/oyrBlmQ2FFbfV7trUxqovWwc09nYOoitM3h6cExf51kOvW kSc7f4zjD/IuNm/YJJrFVA4nKdBAIdWLRA6dieykY+n+zXpIdyxZ2Y G/exG0KiGanrSRHN9leqkhC8O4bz+WI5SFk1WFDiKeNuAw3DksmcpX UiF5PvIeUdBInzNa1inBctswIDAQAB

Don't be scared! This is a public key that is used in conjunction with your sent email to cryptographically prove that the sender of the email is also the owner of the domain.

Use the generated value, and double check using a DKIM tester to make sure you're good to go.

5. DMARC

DMARC instructs email servers how to handle DKIM/SPF failures

DMARC is the set of instructions that informs email servers how to handle failures of DKIM signings and SPF IP correlations. Ultimately for outreach email domains, it doesn't matter what this is set to, just that it exists and makes sense.

If you are a user of CustomerOS - we use these reports to handle issues with your domain settings and emails proactively.

A typical DMARC record looks like this:

v=DMARC1; p=reject; rua=mailto:dmarc.monitor@mailserver.com;ruf=mailto:dmarc.monitor@mailserver.com; fo=1; sp=quarantine;

v=DMARC1 tells us it's a DMARC record.

p=reject tells the mail server to reject any emails that fail DKIM or SPF. Other values could be `none` which tells the server to ignore if it fails and accept the email or `quarantine` which tells the server to mark it as spam or similar actions.

rua=mailto:dmarc.monitor@mailserver.com tells the mail server to send reports to the specified email address when an email is sent that fails DKIM or SPF. This allows the mail server admin to monitor failures of the address.

ruf=mailto:dmarc.monitor@mailserver.com provides a redacted copy of the email as well as the RUA report - typically this is not used as these reports could contain private details that could potentially have legal ramifications.

fo=1 indicates that a report should be generated when a failure of either DKIM or SPF has happened (not default, but recommended).

sp=quarantine tells the mail server how to handle failures of subdomains. Typically this would be set to reject if you send no emails from subdomains, or none if you do (this setting has the same options as `p`).

6. Google vs Microsoft vs Other Email Providers

Use whatever works best for you

No honestly that's about it. Email fundamentally doesn't just magically have higher deliverability when done correctly - you don't see IBM's emails bouncing just because they run their own mail infrastructure rather than sending from Outlook or Gmail.

Prepare your email infrastructure for the long run, don't burn domains, deliver value with every email you send and you won't have deliverability issues, ever.

How to pick which platform?

Choosing the right email platform and service provider is a critical first step in building your cold outbound emailing infrastructure. The platform you select will serve as the foundation for your entire operation, influencing everything from email deliverability to campaign management and analytics.

When evaluating email platforms and service providers, consider the following key factors:

Deliverability Rates

Look for providers with high deliverability rates. This ensures your emails have the best chance of reaching your recipients' inboxes.

Scalability

Choose a platform that can grow with your business, handling increasing email volumes without compromising performance or requiring frequent migrations.

Underlying Platform

Platforms are either built on Google Workspace or Outlook accounts, or run on bespoke email servers.

Analytics and Reporting

Comprehensive analytics tools are essential for tracking campaign performance, identifying areas for improvement, and demonstrating ROI.

In the short-term you can potentially increase your chances for a couple of weeks at a higher cost while you continue to improve your sender reputation. There have been anecdotal reports of sending Gmail <> Gmail and Outlook <> Outlook increases deliverability. And in the early stages of domain warming, it makes sense that they would not block services run on their own platform for new paying users. However over time, if you have misconfigurations, send higher volumes or adopt spam-like practices, it's likely your deliverability will still suffer irrespective of which platform you are running.

At the end of the day, if you adopt good emailing practices, your deliverability will tend towards 100%. You may just bypass some issues with deliverability early on utilising the above trick.

Is it important to use my own IPs?

No, as email comes from all kinds of above-board servers and services. What you want to avoid is sharing IPs with known spammers who will ruin your sender reputation.

Services like Sendgrid, Mailgun, Postmark and AWS SES are all used for marketing emails and notifications/application transactional emails. Because deliverability of these services has to remain high for them to function, they use a set of IPs that are shared and known, but in exchange for not getting blocked by email providers and firewalls, they aggressively crack down on anyone seen to be using their IPs for spam.

This means any high unsubscribes will almost immediately get you blocked from using these platforms.

Dedicated IPs

Many services advertise using 'dedicated' IP addresses. This in itself is great as it automatically solves the above problem of using the same IPs as spammers. I recommend using services that offer this if you have the choice.

Non-US IPs

If you use a service like Gmail or Outlook you don't need to worry about dedicated IPs. However you should check which country your Gmail/Outlook servers are in, there have been correlations between non-US IPs and decreased deliverability. Usually these non-US IPs are only with cheaper/less legitimate services so you shouldn't come across them.

7. Email Warming

Warming services are anti-patterns

While warming services seem like a good idea at first sight - set and forget sending automated emails that look like regular users that get replies and are moved from folders/spam into the inbox automatically to increase sender representation - they can cause long-term damage to your deliverability.

At CustomerOS we started with warming - and found out the hard way some of the gotchas.

  1. Sharing with Spammers

You will share the warming pools with spammers. This is unavoidable. You will have a paper trail of interacting with spammers domains that could be used to blacklist your domain.

  1. You Can't Leave

There is nothing to stop the warmers from consistently sending your accounts emails. While you can remove credentials to their automations, they will keep sending emails unsolicited forever.

  1. Balancing Warming and Outreach is Hard

As you want to ramp up your campaigns and slow down warming, you will find your traffic profile will change completely anyway.

  1. Yet Another Expense

With every other tool you need to spend on monthly, it would be great to not spend money on what is essentially a glorified automation.

So what can you do about these downsides to warming pools?

Well, ultimately with good email copy for high-value offers, you can ramp up your outbound campaigns little by little every day after sending a few friendly emails that you get responses to and have the same effect as warming domains. This has been done by a few of the high-end outbound agencies to great effect.

8. Email Validation, Verification and Bounces

Clean your email lists using email validation tools to avoid sender reputation damage from bounces

Bounces are a marketers worst nightmare.

Not only are you missing the inbox of the intended prospect that you've hunted down, but you also are broadcasting for every email provider and SEG that you are just shooting from the hip when it comes to outbound email.

You know who else shoots from the hip? Spammers.

So how do we stop bounces from happening? Is it worth our while to invest time into solving this problem?

Well, as someone who sells Email Validation and Verification tooling - yes. But also as a marketer who hasn't burnt a domain in years, email validation should be one of the processes you follow for every cold email campaign, no matter how small.

For every email you intend to send an email to cold, before the campaign starts you should verify that all the emails are deliverable before starting. If your verified email list is older than 1 month you should reverify (as this is about the amount of time it will take for IT to shut down email accounts after an employee leaves).

Use tools like MailSherpa​ (which is built into CustomerOS​), ​NeverBounce​ or others. Note that some tools will provide some successes, some failures and something called catch-all emails. Discard the failures, and then decide what to do next with the catch-alls before you send.

Catch-Alls - what are they?

Let's quickly break down what the term catch-all email means. Email servers can choose to reject emails sent to non-existent email addresses, or they can use a catch-all setting that takes all emails sent to non-existent email addresses and sends them to a single inbox. This was originally used so email server admins could triage when emails were going to the wrong places, however in the battle against spam it is used to prevent letting a marketeer know that their emails aren't actually ending up in the inbox of their intended recipient.

Another thing to note is that all email servers have the ability to confirm back to an email sender whether or not an address can be delivered to or not. Some allow this to be done via a ping without an email being sent, some disable that setting and only respond to actual emails, and worst some give no responses at all.

So what's the big deal? If you miss hitting your intended recipient it's not that important?

You will be wasting time, resources and money personalizing copy for the prospects who will never read your emails

Some of these email servers will bounce your emails, which will impact your sender reputation

You will reduce the engagement of your campaign, and ultimately as you target replies you don't want to send emails that can never be responded to

Ultimately some tools can use the above behaviors to go behind the scenes to work out if the email is catch all, some have databases of known good emails that are behind catch-all domains, and some tools send real emails to see if they get the correct response codes (sacrificial tests).

Email Validation Tooling

There is an easy solution to this problem - use email validation tooling on every email list you send. Typically you do this by downloading a csv of contacts from your favourite prospecting tool, and then run that list through a validation tool.

For those who want this done automatically - ​CustomerOS​ has this built into it's core so you never send an email to a catch-all again.

9. Email Content

Focus on honing offers that are too good for your prospects to say no to.

This could be a whole presentation in itself - if you're interested in improving your email copy reach out to me after this presentation and let's talk to your specific situation.

(The main issue with most underperforming copy is it does not have a good offer that the prospect can engage with - they are being spammed with 10-100 people a day asking for 15 mins of their time, don't join them, you need to do 10x better than them to rise above the noise.)

Write an email someone would pay to receive

- Jordan Crawford

10. Avoiding Automated Spam Detection

Avoid spam keywords and use spintax.

As emails are typically unencrypted, they can all be scanned by email service providers to check if an email is obviously spam (mail order bitcoin? nigerian mail order brides? deceased related prince?). What this means for us is that we need to keep our emails free of the same terminology of these common spam emails.

An easy way to do this is to either use a tool, or just use the latest that OpenAI/Anthropic/etc have been cooking up to check and rewrite your copy for you.

The other thing to avoid is sending the same email too much. When someone notices that you're sending 100 of exactly the same email every day some alarm bells will go off.

To get around this, you use something called spintax. Every good automated sending tool will have the ability to use spintax - it looks something like this:

{spin} Hey there | Hello | Hi {endspin}

or

{{RANDOM | Hi | Hello | Hey | Hey there | Hi there}}

What the above will do, is for every email that is sent, it will pick a random combination in between the | as a delimiter. Using this spintax throughout your email copy will create exponential variations of the same email, preventing a lot of scanning techniques from being able to detect similarity easily.

Again, ChatGPT and Claude are great at generating emails filled with spintax with the right prompt.

11. Replies are King

Forget opens and clicks, focus replies.

Every email you send should have one call to action (CTA) that involves them replying to your email.

This is so you can both get an opt-in from the prospect to allow you to take the conversation further, but more importantly (in regards to email deliverability) you are increasing your sender reputation

Side note: By getting a prospect to choose between two different actions, you are hurting your chances of conversion.

Keep conversations going with your outbound emails as long as possible

A lot of email campaigns miss out on some of the best sender reputation improvements they can get by trying to move prospect conversations off of their outbound emails and onto their main domain as fast as possible.

Not only are you giving your prospect a jilted experience (why am I emailing matt@trycustomeros.com and now matthew.brown@customeros.ai?), you are also throwing away high-value replies to one of your outbound domains that some people pay for email replies to make them seem more real to email providers.

Send the meeting booking link at least before switching emails to your main account.

12. Open & Click Tracking

Just to reinforce the point - get replies.

Open tracking is pointless for cold outreach - if you want to test subject lines, use others research and go in either direction, vague or massively personalised.

2 words that are loosely related to the problem you solve (the shorter and more curiosity inducing the better)

"X + Y + Z" that only that particular prospect would understand (for instance "Email + Inbox Everytime + Gophers" for someone who had a pet gopher who was a potential prospect for an inbox deliverability product)

The reason that open tracking doesn't work anymore is that it used hidden unique 1×1 pixels embedded in each email that when requested to download to display would let a server know that the email had been opened. This tech has since been blocked by Apple, Google prevents and warns users that images are being loaded from contacts that haven't been seen by that user before and some email firewalls and providers will load these images the moment the email is received by the server to check for viruses, etc.

Ultimately because this has been cracked down on and increases chances of being marked by spam, I don't recommend having open tracking on for cold outreach (however keep it on for marketing emails as these are opt-in and typically have images anyway).

And clicks?

Click tracking used to be useful - it could be used to work out whether people engaged with your copy enough to be intrigued and not send you straight to spam.

However since this used hidden pixels

13. Spam Reports and Unsubscribes

Improve your chances with better copy, but expect reports

Unfortunately with cold outreach you are always going to have people who click 'Report Spam' for every single unsolicited email they receive. But you can make them think twice before doing so through good targeting, considered copy and irresistible offerings. Not selling on the first contact helps, providing actual value is better, and taking the time to individualise that value will mean you almost never get hit by the spam report button.

To Be or Not To Be…

The current debate on whether or not to include an unsubscribe link in direct reach outs is ongoing.

The upside to including the link, is you give users an easy way to unsubscribe which hopefully helps you avoid getting reported as spam for the users who don't resonate with your copy. It also helps keep you legally compliant with the CAN-SPAM act.

The downside however, is you make it clear that the email you are sending is indeed a marketing or sales email, and people will immediately treat the email with suspicion of being automated/AI generated/not actually for them specifically. In this case your offer needs to resonate absolutely with them and their problems rather than just make them feel personally targeted by your outreach.

So what do I do?

As I went through in 11. Replies are King one trick you can use is by asking for the user to reply with a word like STOP in order for you to process the unsubscribe manually, all the while building your sender reputation with that hard-to-get reply.

If you want to include unsubscribe links, I'd recommend using language that doesn't use the term 'Unsubscribe' - such as:

Let me know if I've missed the mark here​.

And finally you can just not include the link. Some decision makers I speak to have automatic rules to remove emails from their inbox that include unsubscribe links, meaning leaving them out for Founders/execs/VPs could be a good idea. Ultimately you should leave out unsubscribe links if you are personalizing your outreach strategy from your target list to your offers.

However if you choose to send thousands of undifferentiated emails, you should probably just include the unsubscribe link.

List-Unsubscribe headers

With the increase in spam and unwanted email subscriptions, providers like Google and Yahoo have implemented and mandated the use of one-click unsubscribes using List-Unsubscribe headers for high volume senders.

Should I implement List-Unsubscribe headers?

Probably not, List-Unsubscribe headers are for massive volume senders (2,000+ emails per day) from single emails. As you spread your emails across multiple mailboxes and domains and limit yourself to under 40 emails per day you don't need to implement this header as you will never be flagged by any provider.

Though it is possible that using a List-Unsubscribe headers instead of Unsubscribe links could help you, as users could still unsubscribe from your emails and avoid a spam report, though I don't recommend this approach.

14. Secure Email Gateways (SEG) a.ka. Email Firewalls

This is where your emails go to die (silently)

What is a SEG?

Think of it like a firewall for emails. While your email provider may have sufficiently good detection of spam and phishing emails, you might want to up your security by installing something in the middle that is purpose built for detecting those dangerous emails.

Common high-security SEGs to watch out for include:

  1. Mimecast

  2. Proofpoint

  3. Barracuda

These devices aren't infallible though as legitimate emails still need to pass through them from new sources all the time for these companies to do business effectively, but they certainly make cold outreach much, much harder.

The main way that SEGs detect spam is through detecting the age of a domain and how long it has been sending email. As emails are unencrypted and sent over public channels, these companies are constantly scanning the internet and logging who are sending emails so they can be proactive with who they block. This means that they are aware that domains are 'actively' sending email from the first email that you send from it.

SEGs do have one interesting design bug/feature: they are designed to consistently let companies partner emails through. What do I mean by this? It means that if mark@acmecorp.com sends an email to a SEG protected mailbox amy@ibm.com and gets a reply, the SEG will let emails through for all inboxes with @acmecorp.com addresses to any IBM email address. So now our friend mark@acmecorp.com can email every single employee behind that SEG.

So what can we do with this information tactically?

Aim to get a single reply for that company.

Once we have that reply, we open that domain up to sending to that entire list of contacts at that company, as the SEG now believes it has approval from a user as an approved sender/domain.

For this reason, you should identify which companies use a SEG, then identify the easiest way to get a response from them. Then all your cold outreach should come from that domain, as it will consistently bypass the SEG (until someone marks your emails as spam).

There is a good thing about SEGs though - if you have sufficiently high sender reputation you can pass through SEGs with ease. And you can use this to your advantage - you beat those who don't know how they work to these highly protected and valuable inboxes every time.

How do I know which domains are using a SEG?

This information can be found using a tool like ​MailSherpa​. It will do a lookup against the domain against a list of known SEG IPs and discern whether or not each email address is utilising a SEG to prevent spam coming through.

With this information - to get tactical again - you can then use high sender reputation mailboxes that have been used for a minimum of 1-3 months to target effectively to get a first email response that then allows you to send a full campaign to all your targets.

Handling SEGs automatically

The above behavior isn't straightfoward to track and run yourself. However CustomerOS​ has been built specifically to run email campaigns with this as the default behavior.

It tracks all your inboxes against domains, and if one has had success against a domain's SEG it will route all campaigns through that inbox.

Honeypot email addresses

Unfortunately another tactic that SEGs use is to create honey-pot email addresses that are seeded into many email databases. They use emails sent to these fake inboxes to know when unwanted emails are being sent, as continuously sending to non-existent email addresses is indicative of spamming behavior.

Right now there is no easy way to reduce this without doing a lot of account research or utilising AI agents to judge whether or not an email actually has a real person behind it. As many people don't have large digital footprints, the results from this research will result in many false negatives so I don't suggest trying to negate this and just try to keep your email targeting as tight as you can to very specific personas.

15. Avoiding burning domains

This is what it's all been leading up to

Ultimately your goal is to avoid burning domains, and treating your sender reputation as a first-class citizen. If you consistently send high volumes of low quality outreach (both the quality of what you send, and where you send it), you will never make it into the inbox of the decision makers and buyers that you would pay $1,000s just to have a 15 min meeting with.

Landing in the inbox isn't easy, and for this reason every email you land in the inbox puts you ahead of 97% of your competition (1 in every 40 cold emails actually avoids spam based on our reports).

If you apply all of the lessons you've seen here today, you will be ahead of almost everyone who sends cold outreach. The reason you see so many agencies looking to sell you 'outcome-based' meeting bookings with your ICP is because they have spent a lot more time than you have to

Cheat Sheet: Optimizing Email Deliverability

  1. Authenticate Your Domain

Implement SPF, DKIM, and DMARC records to verify your domain and improve your sender reputation. This step is crucial in proving to email providers that your emails are legitimate.

  1. Maintain a Clean IP Reputation

Use a dedicated IP address for your cold email campaigns and gradually warm it up by slowly increasing your sending volume over time. Monitor your IP reputation regularly.

  1. Optimize Email Content

Avoid spam trigger words, use spintax, avoid sending links and images, and if you use HTML, ensure it is clean and properly formatted. Include both plain text and HTML versions of your email.

  1. Manage Engagement Metrics

Monitor and focus on improving your reply and spam complaint rates. Segment your lists and send targeted, relevant content. Monitor your sender reputation with tools like Google's Postmater Tools

  1. Validate Your Email Lists

Regularly clean your email list to remove invalid or inactive addresses. Avoid sending to unverified catch-alls to stay out of SEG honeypots.

  1. Avoid SEGs Intially

Use SEGs to your advantage. Avoid sending to them for 1-3 months then aim for a single reply to bypass them.

Remember, deliverability is an ongoing process. Continuously monitor your performance metrics and adjust your strategies as needed to maintain high inbox placement rates.

Pro Tip: Use plain-text emails to maximise deliverability. Don't include links or images until you get a reply, as this will cause some of your emails to end up landing outside of the inbox.

Bonus #1: Building a Targeted Email List: Best Practices and Legal Considerations

Your list is what drives your message, make it so specific the value prop of the message is obvious for each person

Think of list building as a series of filters. Each filter should strategically remove companies and personas until you remain with a list that your message should speak to personally.

Your offer doesn't apply to companies smaller than 100 employees? Set your limit to 200+ employees. Your offer resonates with companies that are looking to reduce costs pre-IPO? Filter for CFOs that have M&A experience from PE or bulge bracket banks.

  1. Your TAM

Start with your known ICP

  1. Filter for exclusions

Anyone you don't know for certain will have the problem you solve, be overly picky

  1. Filter for specifics

Filter down for very specific info about the people and companies you are targeting

Bonus #2: Subject Lines are Simple

Pick one, depending on if you personalise or not

2 words that are loosely related to the problem you solve (the shorter and more curiosity inducing the better)

"X + Y + Z" that only that particular prospect would understand (for instance "Email + Inbox Everytime + Gophers" for someone who had a pet gopher who was a potential prospect for an inbox deliverability product)

Content Marketing

GTM

Marketing Attribution

Sales Enablement Automation

Technographic Data

Firmographic Data

Contact Enrichment

B2B Intent Data

Build Vs. Buy

Identify Anonymous Website Visitors

Lead Intelligence Platform