Connect with us

Hi, what are you looking for?


Email Security

SaaS and the Email Delivery Conundrum

How You Can Avoid Email Deliverability Problems due to Shared Email Infrastructure When Outsourcing CRM functions to a SaaS Provider

CRM and Email

How You Can Avoid Email Deliverability Problems due to Shared Email Infrastructure When Outsourcing CRM functions to a SaaS Provider

CRM and Email

Software-as-a-Service (SaaS) has become the dominant solution for new deployments of Customer Relationship Management (CRM). The driver for choosing SaaS as a deployment model is typically cost. The firm gets access to a more feature-rich solution at a lower cost in fixed infrastructure and on-going software maintenance. But SaaS as a model for CRM can have a downside when it comes to email—the potential for deliverability problems.

Improving Email DeliverabilityEmail is an integral function of CRM. Email is inexpensive for the sender, and is an asynchronous medium. Unlike a phone call, where the receiver must be there to receive the call, an email message will be waiting for them in their inbox. Email is used as a customer notification tool as well as a tool for new customer acquisition. The CRM system is an excellent place to manage customer communication because records of all communication are consolidated under the customer account or contact record in the CRM system. Also, tools for one-to-one and mass communication are provided for standardizing email communication and managing responses. But the vary nature of Software-as-a-Service, being multi-tenant and a shared application infrastructure, means that conflicts can occur between companies using the SaaS provider.

Spam and Ham

Since the creation of .com and the commercialization of the Internet, spam (unsolicited bulk email) has been an ever-increasing problem. One of the most effective ways of combating spam is the use of IP reputation. Internet email is sent using a protocol called SMTP. The server sending the email is the SMTP client and the server receiving the email is the SMTP server. The SMTP client and the SMTP server each have IP addresses that identify the particular machine on the Internet. IP reputation is a scheme whereby an SMTP server is able to decide what kind of a network citizen the STMP client is. Is that SMTP client a sender of spam? Is that SMTP client a known abuser of the email system? Is that STMP client a high-volume sender of email or a low-volume sender of email? Generally speaking, IP reputation is a way of blocking around 80% of inbound spam while never having to actually look at the email content. Every enterprise-grade anti-spam solution today relies on some form of IP reputation to eliminate spam.

IP reputation is not much of a concern for an enterprise with an on-premises CRM system, because the hosts sending mail have IP addresses that are under their own administrative domain and control. But when a company chooses to outsource the CRM function to a SaaS provider, it is generally less likely that the servers sending email will be under their own administrative domain. More than one firm will be sharing the same hosts acting as SMTP clients, sending email. Thus one company that uses the SaaS provider that sends spam can poison the IP reputation of the SaaS provider’s hosts and affect the delivery of email for another firm using the CRM service.

Three Solutions

There are three solutions to the deliverability problem: (1) purchase private IP space from the SaaS provider, (2) use a third-party SaaS provider for email that integrates with the CRM provider’s system, (3) route email from the SaaS provider’s system through an on-premises email infrastructure.

Advertisement. Scroll to continue reading.

Purchase private IP space from the SaaS provider

The SaaS CRM provider may have an additional option that allows the company to send email off a fixed set of IP addresses that are not shared with other firms. This is always an additional charge item, because IP address space on the Internet is finite and there are not enough to go around.

Use a third-party provider for email that integrates with the CRM system

Many SaaS providers have a vibrant ecosystem of partners that extend the capabilities of the CRM system. If the CRM provider does not offer the ability to acquire private IP space for sending email, there may be the option of using a partner plug-in service for doing the email communications, and that partner may offer private IP address space.

Route email through an on-premises email infrastructure

Most CRM providers have the ability to configure into the system a default email gateway that will allow all the outbound mail from the company to be routed to their on-premises Internet email gateways. This allows maximum control over the IP address space for the SMTP client. Additionally, the company gets more flexibility with respect sender authentication technology and content policy enforcement.

Any of the above solutions will help avoid email deliverability problems due to shared email infrastructure when outsourcing CRM functions to a SaaS provider.

Written By

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...