Security Experts:

SaaS and the Email Delivery Conundrum

How You Can Avoid Email Deliverability Problems due to Shared Email Infrastructure When Outsourcing CRM functions to a SaaS Provider

CRM and Email

Software-as-a-Service (SaaS) has become the dominant solution for new deployments of Customer Relationship Management (CRM). The driver for choosing SaaS as a deployment model is typically cost. The firm gets access to a more feature-rich solution at a lower cost in fixed infrastructure and on-going software maintenance. But SaaS as a model for CRM can have a downside when it comes to email—the potential for deliverability problems.

Improving Email DeliverabilityEmail is an integral function of CRM. Email is inexpensive for the sender, and is an asynchronous medium. Unlike a phone call, where the receiver must be there to receive the call, an email message will be waiting for them in their inbox. Email is used as a customer notification tool as well as a tool for new customer acquisition. The CRM system is an excellent place to manage customer communication because records of all communication are consolidated under the customer account or contact record in the CRM system. Also, tools for one-to-one and mass communication are provided for standardizing email communication and managing responses. But the vary nature of Software-as-a-Service, being multi-tenant and a shared application infrastructure, means that conflicts can occur between companies using the SaaS provider.

Spam and Ham

Since the creation of .com and the commercialization of the Internet, spam (unsolicited bulk email) has been an ever-increasing problem. One of the most effective ways of combating spam is the use of IP reputation. Internet email is sent using a protocol called SMTP. The server sending the email is the SMTP client and the server receiving the email is the SMTP server. The SMTP client and the SMTP server each have IP addresses that identify the particular machine on the Internet. IP reputation is a scheme whereby an SMTP server is able to decide what kind of a network citizen the STMP client is. Is that SMTP client a sender of spam? Is that SMTP client a known abuser of the email system? Is that STMP client a high-volume sender of email or a low-volume sender of email? Generally speaking, IP reputation is a way of blocking around 80% of inbound spam while never having to actually look at the email content. Every enterprise-grade anti-spam solution today relies on some form of IP reputation to eliminate spam.

IP reputation is not much of a concern for an enterprise with an on-premises CRM system, because the hosts sending mail have IP addresses that are under their own administrative domain and control. But when a company chooses to outsource the CRM function to a SaaS provider, it is generally less likely that the servers sending email will be under their own administrative domain. More than one firm will be sharing the same hosts acting as SMTP clients, sending email. Thus one company that uses the SaaS provider that sends spam can poison the IP reputation of the SaaS provider’s hosts and affect the delivery of email for another firm using the CRM service.

Three Solutions

There are three solutions to the deliverability problem: (1) purchase private IP space from the SaaS provider, (2) use a third-party SaaS provider for email that integrates with the CRM provider’s system, (3) route email from the SaaS provider’s system through an on-premises email infrastructure.

Purchase private IP space from the SaaS provider

The SaaS CRM provider may have an additional option that allows the company to send email off a fixed set of IP addresses that are not shared with other firms. This is always an additional charge item, because IP address space on the Internet is finite and there are not enough to go around.

Use a third-party provider for email that integrates with the CRM system

Many SaaS providers have a vibrant ecosystem of partners that extend the capabilities of the CRM system. If the CRM provider does not offer the ability to acquire private IP space for sending email, there may be the option of using a partner plug-in service for doing the email communications, and that partner may offer private IP address space.

Route email through an on-premises email infrastructure

Most CRM providers have the ability to configure into the system a default email gateway that will allow all the outbound mail from the company to be routed to their on-premises Internet email gateways. This allows maximum control over the IP address space for the SMTP client. Additionally, the company gets more flexibility with respect sender authentication technology and content policy enforcement.

Any of the above solutions will help avoid email deliverability problems due to shared email infrastructure when outsourcing CRM functions to a SaaS provider.

Subscribe to the SecurityWeek Email Briefing
view counter
Greg Olsen is Director of Business Development at Sendmail, Inc. Greg has more than 20 years of experience as an IT professional. He has been designing, deploying, and managing SMTP email infrastructures for 17 years. He has broad industry experience across high technology, higher education, government, and financial services industries. In his current role at Sendmail, Inc., he manages the third-party technology partnerships, including VMWare, and the open source initiatives of Sendmail.
view counter