Security teams may permit cousin domains for email marketing because they believe marketing will not adhere to security protocols, and a separate domain keeps the resulting issues outside their core responsibilities. Experts view this as problematic because it leads to abuse by phishers and spammers. The consensus leans towards subdomains for email marketing: IT maintains control, which enhances brand protection, enables reputation isolation, and improves deliverability. Building sender reputation and following email authentication standards such as SPF, DKIM, and DMARC is also critical for preventing spoofing and improving deliverability. Monitoring domain reputation and addressing deliverability issues promptly helps maintain a positive sender reputation.
7 marketer opinions
Security teams generally prefer subdomains over cousin domains for email marketing due to increased control, enhanced brand protection, and the ability to isolate reputation damage. Subdomains allow for consistent security policies, prevent phishing attacks, and maintain a positive sender reputation. Marketing teams can leverage subdomains for better tracking, management of different email types, and to ensure deliverability by separating marketing and transactional email streams.
Marketer view
Email marketer from Email Geeks shares that IT should exercise control over setting up subdomains to maintain security control while allowing marketing brand continuity, assuming good list hygiene and communication between departments.
27 Jan 2025 - Email Geeks
Marketer view
Email marketer from Mailgun Blog recommends separating marketing and transactional email streams using subdomains. This practice helps isolate reputation damage and allows for better tracking and management of different email types.
30 Oct 2021 - Mailgun Blog
3 expert opinions
Security teams sometimes allow cousin domains for email marketing because they believe marketing teams will not adhere to security protocols. This approach is seen as a way to keep potential security issues separate from the core security responsibilities. However, this practice is problematic and leads to abuse by phishers and spammers who exploit the similarity to legitimate brand names to deceive recipients.
Expert view
Expert from Word to the Wise responds that she has seen a lot of abuse of domains that are close, but not quite the same as the brand name. This is often done by phishers and spammers, who are trying to trick people into thinking that they are dealing with the real brand.
1 Jun 2025 - Word to the Wise
Expert view
Expert from Email Geeks explains that security people know that marketing people are not going to listen to them. But they can at least keep the pain out of security’s area of responsibility. She agrees it’s a problem and has been yelling about the cousin domain problem for years.
13 Nov 2022 - Email Geeks
5 technical articles
Email authentication standards such as SPF, DKIM, and DMARC are critical for preventing spoofing, improving email deliverability, and protecting against phishing. Correctly configuring these records for all sending domains and subdomains is essential. Monitoring domain reputation and addressing deliverability issues promptly are also important for maintaining a positive sender reputation and trust with mailbox providers.
Technical article
Documentation from DMARC.org details how Domain-based Message Authentication, Reporting & Conformance (DMARC) policies help protect against email phishing and spoofing. It emphasizes the need to align SPF and DKIM records to ensure proper email authentication.
20 Oct 2021 - DMARC.org
Technical article
Documentation from ReturnPath explains how to monitor domain reputation using their tools. It highlights the importance of tracking deliverability metrics and addressing any issues promptly to maintain a positive sender reputation.
28 Dec 2021 - ReturnPath
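The difference between a subdomain and a cousin domain shows up directly in DMARC identifier alignment, which compares organizational domains. The following is an added example, not code from this page or from the sources it cites: it classifies sending domains relative to a brand domain and checks relaxed alignment. The suffix set, the sample domains, and the substring heuristic for spotting cousin domains are all constructed assumptions.

```python
# Constructed stand-in for the Public Suffix List (assumption; real checks load the full list).
PUBLIC_SUFFIXES = {"com", "net", "org", "co.uk"}

def org_domain(domain):
    """Organizational domain: the longest matching public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):  # i = 0 tries the longest candidate suffix first
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:]) if i > 0 else None
    return None

def aligned(header_from, auth_domain, mode="r"):
    """DMARC identifier alignment: 'r' = same organizational domain, 's' = exact match."""
    a, b = header_from.lower().rstrip("."), auth_domain.lower().rstrip(".")
    if mode == "s":
        return a == b
    return org_domain(a) is not None and org_domain(a) == org_domain(b)

def classify(sender, brand):
    """Relate a sending domain to the brand's domain (brand must be a registrable domain)."""
    sender, brand = sender.lower().rstrip("."), brand.lower().rstrip(".")
    if sender == brand:
        return "exact"
    sender_org = org_domain(sender) or ""
    if sender_org == org_domain(brand):
        return "subdomain"
    # Heuristic (assumption): the brand label embedded in a different registrable domain.
    brand_label = org_domain(brand).split(".")[0]
    return "cousin" if brand_label in sender_org else "unrelated"

# Constructed sample domains, not taken from the page.
BRAND = "example.com"
SAMPLES = ["example.com", "news.example.com", "example-offers.com",
           "examplemail.net", "partner.org"]

def report(brand=BRAND, samples=SAMPLES):
    """Map each sending domain to (relation to brand, relaxed alignment with brand From)."""
    return {s: (classify(s, brand), aligned(brand, s)) for s in samples}

if __name__ == "__main__":
    for domain, (relation, ok) in report().items():
        print(f"{domain:22} {relation:10} aligned_with_brand={ok}")
```

Only the exact domain and the subdomain share the brand's organizational domain, so only they can align with the brand's From address; a cousin domain needs its own SPF, DKIM, and DMARC records and builds a separate reputation.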