If you’re running cold email outreach, email infrastructure is extremely important.

After all, no matter how good your targeting, copy, or offer is, none of it matters if your emails aren’t landing in your prospect’s main inbox.

Email Gatekeepers

The 3 main email gatekeepers I’ve seen are:

• Proofpoint

• Barracuda

• Mimecast

Think of them as literal gatekeepers. They sit between your cold email and your prospect, scan the email, cross-reference your domain and copy against a huge database of blocked domains and known cold email patterns, and decide whether or not your email should be delivered.

If not, your email gets blocked.

You’d typically see these email security softwares deployed in:

• Larger enterprise companies / FT 1000 companies

• Govt organizations

• Legal organizations

How do you even know if a prospect is behind one of these? You can do a quick MX record lookup on tools like MXToolbox, or you can enrich it through Clay. Worth doing before you send if you’re going after enterprise prospects.

Mimecast (Backstory + What’s Happening)

Lately I’ve been seeing more and more of my prospects using Mimecast. And out of the 3 main gatekeepers, this one has been the trickiest to crack.

I ran a small controlled test using my company’s main domain to do high-touch 1:1 outreach to a batch of Mimecast-protected prospects. All of them got blocked. Meanwhile, the same kind of outreach was landing fine with Proofpoint and Barracuda prospects.

A couple of hypotheses I had in mind:

• My company’s main domain (along with other established aged domains) has probably been fingerprinted by Mimecast. This isn’t unique to us as any established business running a real PLG or SLG motion is sending millions of emails monthly across product, marketing, sales, and transactional flows. At that scale, every major email security provider will eventually have enough signal on your domain to fingerprint it. It’s not about spamming, it’s just the reality of operating at volume.

• Copy issue. The email copy might be considered too promotional for Mimecast’s liking.

The interesting thing is that the same copy from the same domain was getting delivered fine to Proofpoint and Barracuda prospects.

Which tells me Mimecast is doing something different. Most likely stricter content scanning, heavier weighting on sender reputation history, and more conservative defaults compared to the other two.

What Worked for Mimecast Delivery?

#1: Non Promotional, Short Copy

I tested emailing the same Mimecast prospect using my company’s main domain with extremely short copy (under 7 words).

The email was delivered successfully and I got a reply.

My theory on why this works: Mimecast’s content scanning likely flags promotional language patterns, CTAs, links, and structural signals like multi-paragraph format and signatures. Ultra-short copy bypasses most of these triggers as there’s just nothing for the scanner to flag against.

#2: Secondary New Domains

Using newer secondary domains (not your company’s main domain) to do cold outreach seems to help too. Even with the promotional cold outreach copy.

All the Mimecast prospects got delivered successfully.

My guess is that the email security providers don’t have much sending history on these newer secondary domains yet, so there’s nothing to fingerprint against.

Main Takeaways

Contrary to the general consensus, emailing prospects from your company’s main domain might not necessarily see an uplift, especially with prospects using email security gateways.

For Mimecast specifically, consider using:

• Extremely short email copy (< 7 words)

• Secondary newer domains that don’t have much sending history

A few open questions I’m still testing:

• Does the short copy trick still work at scale?

• How long before secondary domains accumulate enough history to get fingerprinted too?

• Is there a copy structure that gets the best of both worlds. Preferably long enough to actually pitch something, short enough to dodge Mimecast’s scanner?

Will share more as I run more tests.