Delivery and Security FAQs
Delivery
Does branding increase the size, and storage costs of my email?
You control the branding payload size; Branded Emails recommends keeping the branding below 40K bytes.
What are the bandwidth implications of using Branded Emails?
Branded Emails sits downstream of your outbound mail server, so ordinarily there is no cost increment for bandwidth – you send to us, and we forward to your recipients.
Does branding cause delivery delays of my email?
For the vast majority of emails traversing our platform, the branding delay is measured in milliseconds. If you send a large attachment to a huge number of recipients at once, this may incur a small delay as our service processes it for you.
In certain circumstances, we limit the attachment size of each message to ensure that no one customer can disrupt delivery for others.
Are mails from certain senders prioritised?
No, all emails are processed synchronously as they arrive from Office 365 before being relayed.
How do you handle spikes in load on shared servers?
We use Amazon Web Services (AWS) to host our platform. Our branding application and SMTP service have been designed from the ground up to be automatically scaled up and down. We always retain a significant amount of headroom over and above normal levels of traffic to handle sudden spikes.
Does Branded Emails cause mail to appear in the recipient’s Junk folder?
No. Branded Emails actually enhances deliverability as long as you follow our guidelines.
We show you how to create a DNS record (“tracker domain”) to ensure safe delivery.
We employ SPF and TLS to securely deliver identifiable messages
We monitor blacklists
We maintain alternate delivery IP addresses
We monitor time spent in the delivery queue
We offer a simple free service to compute the spam score of any branded email you compose.
What happens if your relay becomes blacklisted?
For most of our customers, we relay back to Office 365 through a secure connector. This means that Office 365 will do final delivery from one of its normal IP pools, so for all intents and purposes, the receiving email server will see the email as having come to it, direct from Office 365.
For those customers using our SMTP relay service, we closely monitor its IP reputation and have alternate IPs pre configured in our SPF stack to be used.
How many mails a minute can your relay handle?
Our scalable architecture has no fixed upper limit on throughput.
How do we know our branded mails reached the recipient’s inbox?
We relay emails back to Office 365 and allow it to conduct the final delivery. You will be able to see the normal mail delivery reports within the Exchange Control Panel. In the rare case of us encountering an error in our processing engine, we will respond to Office 365 to let it know there was an issue, so it will retry automatically a few moments later.
Security
Can Branded Emails staff read our emails?
No, the content of your emails are not seen by any Branded Email staff. Connections from and to Office 365 are conducted over SSL encrypted connections and no email body content is stored.
Will our mails be regarded as phishing attempts?
Tracking links can use a subdomain of your main domain in order to show legitimacy / avoid being flagged as a phishing attempt.
You provide reporting. Do you store sensitive client data to achieve this?
Reporting data consists of sender and receiver email addresses, the time a message was processed and the subject line of each message we process. If you have link tracking enabled, we also have a record of the destination URL of the link (and which banner it was from). These records are stored in secured databases with restricted access but are available to your Account Managers with permission to access the management interface.
Can our email security be compromised when forwarding emails to your servers outside our firewall?
Your emails are sent to us direct from Office 365 using SSL encrypted transmission; your firewall is irrelevant in this context.
What front-end security is in place?
The User Interface of the platform is secured with Email address & Password authentication, with Two Factor authentication available for System administrators and support staff.
Technical Concerns
Do I need to purchase additional hardware to use Branded Emails?
No, it is a fully hosted and managed solution for our customers’ use.
How can our IT staff troubleshoot, what tools are available?
Your IT staff can use the tools within the Exchange Control Panel to diagnose issues, that they would normally use before using our service.
What are your failover and disaster recovery procedures?
We have point in time restore capabilities of our database, with daily full snapshot backups. Our application itself is hosted on a fault tolerant platform within AWS. Should we lose our database, it would be restored to the most recent point in time, and our application is entirely decoupled from its underlying infrastructure, meaning we could bring online brand new hosting capacity to run it on. We spread our platform across all 3 AWS availability zones within the London region.
Can our administrators check if a mail was successfully delivered?
Yes. Users with sufficiently powerful administrative rights have this capability, through both our interface and their usual tools within the Exchange Control Panel.
We deliver emails via multiple gateways. Can your server load balance delivery between gateways?
We return the emails to Office 365 so providing your Mail Flow rules are configured correctly and we are the first ‘hop’ to receive the email, this wont be an issue.
How can we trust your software to not affect our Exchange server?
Your Office 365 routes the email to us, we brand it and give it back over a return connector at which point it continues with further rules and final delivery.
How secure is the SMTP connection?
Our SMTP connector configurations within Office 365 validate our certificate on smtp.brandingserver.net, so that Office 365 knows that they are genuinely connecting to our service. Likewise, the inbound connector configured within Office 365 again validates our presenting hostname via the SSL Certificate ensuring it knows that it is genuinely us connecting to it.
