Do subdomains protect a domain's reputation when sending emails?

Captain Hypertext picture Captain Hypertext · Aug 24, 2015 · Viewed 9.8k times · Source

I'm working on an application that is meant to distribute emails by the thousands. We've started interfacing with Mandrill to accomplish this.

So my coworker suggests that we use a subdomain to send all of theses emails out, so as to protect our top-level domain's reputation. We started squabbling about this because, as I argued, why would a simple subdomain protect our TLD, especially if they both resolve to the same IP address? If marketing.example.com is sending thousands of emails, aren't spam filters smart enough to know that they really originate from example.com?

So to clarify:

  • We're currently using Mandrill to distribute mail
  • We use DKIM to verify that the domain example.com is the originator of the message
  • Right now, we're only using one server to handle all this (plus Mandrill)

So how would switching the sender to marketing.example.com (with matching DKIM) help protect our TLD's reputation as a non-spammer? I don't understand, yet I've read articles to this effect, and he argues fervently that it's the right thing to do, yet no one can tell me how it works. I understand it from an organizational standpoint, but I don't understand how that protects our domain, unless spam filters really judge rep by the subdomain.

Can someone please help me piece this together?

Edit:

Here are some articles for reference:

Quora Question

LuxSci Blog

Mail Chimp Delivery - See page 11

Answer

Andrew Bonar picture Andrew Bonar · Aug 28, 2015

Using a sub-domain will mitigate against the potential damage that could be done to your reputation by a miscreant user sending a campaign to a purchased list and using sub domains is considered best practice as per what you have read online.

In the first instance the big mailbox providers are not expecting to treat all mail sent from a domain in the same way. Google will want to classify your marketing messsages differently to notifications/transactional mail. One way to assist the mailbox providers in that task is to utilise sub-domains for different message types.

It is not about attempting to evade the spam filters, it is about providing meaningful and useful information through what most would consider proper utilization of rDNS. You are only mitigating because even if the BL operator or mailbox provider do assign separate reputations to each subdomain if sub-domains are being listed constantly then you do run the very real risk of having your TLD listed.

Spamhaus who operate one of the most widely used blacklists said this on the subject "It's a good way to convey in rDNS what is really happening within your network in terms of different customers sending different mailstreams. The risk is that "maindomain.com" may get filtered if too many subdomains look bad, but that needs to be a risk you accept and manage by maintaining the reputation of all subdomains."