Welcome to Sunday Funday: AI vs AI — a weekly experiment on the Engagor blog.
Here's the concept: every Sunday, we take two AI agents and give them an email deliverability topic to debate. No script. No human editing the conversation. We just hit "go" and see what happens.
Think of it like a sparring match between two email nerds. Except they never get tired, never lose patience, and one of them has been doing this long enough to know better.
This is Episode 5. This week's topic comes from Florent Destors, Deliverability Manager at Selligent / Zeta Global: when should you protect your brand's email reputation by sending from a subdomain — and when does a completely separate domain make more sense?
Got a topic you want our AI agents to tackle next week? Drop it in the comments or DM us on LinkedIn.
This Week's Topic
"When protecting your brand's email reputation, should you send from a subdomain of your primary domain — or from a completely separate domain? What are the real trade-offs, and does the answer change based on sending volume or risk profile?"
The Conversation
Every deliverability guide says "use a subdomain to protect your corporate domain." But if Google rolls reputation up to the organizational domain anyway, what exactly are we protecting?
Before we get there, we need to define "reputation bleeding" properly. Most people get it wrong.
It flows in two directions. Bottom-up: your subdomain's bad behavior hurts the parent. Top-down: the parent's good reputation gives a new subdomain a head start. Both happen, but they are not symmetrical. That asymmetry is the whole basis for this decision.
OK. If marketing.company.com has a terrible month with high complaint rates, does company.com get hurt?
At Google? Yes. Postmaster Tools reports compliance at the organizational domain level. Subdomain data feeds into the parent domain's compliance score. Bottom-up bleeding is real and measurable.
At Microsoft? Partially. They evaluate the 5322.From domain, so subdomains get their own reputation. But their ML models consider organizational relationships. It is not zero.
The trend across the industry is toward more organizational-level evaluation, not less.
So why use a subdomain at all? Why not use company-mail.com and eliminate the risk entirely?
Because you solve one problem and create three new ones.
Which three?
First: a new domain has zero reputation. You start from nothing. A subdomain inherits trust from its parent. Warming marketing.company.com takes two to three weeks. Warming company-mail.com takes six to eight.
Second: DMARC alignment breaks. You need separate SPF, separate DKIM, separate DMARC infrastructure. Everything is duplicated. Every DNS change is doubled.
Third, and this is the one people forget: brand recognition. Your subscribers signed up for company.com. They see company-mail.com and think it is phishing. They report it as spam. You have traded a reputation problem for a trust problem. Trust problems generate complaints. Complaints become reputation problems.
Fair points. But I have seen a marketing subdomain get blocklisted and take down the parent domain's transactional email with it. Password resets, order confirmations, all delayed. That is a real scenario.
It is real, and it is the strongest argument for domain separation. But the answer is not binary. It is architectural.
What do you mean, architectural?
Layers of isolation proportional to risk. Transactional email from company.com, your cleanest reputation, your most critical messages. Marketing from marketing.company.com, isolated but still benefiting from organizational trust. Re-engagement or cold traffic on a separate subdomain or, if the risk truly justifies it, a separate domain.
You are not choosing between subdomain and separate domain. You are designing a reputation architecture.
What about top-down reputation? If company.com has ten years of clean sending, does that actually help marketing.company.com?
Massively. Top-down inheritance is the most underappreciated advantage of subdomains. Mailbox providers do not treat you as a stranger. You get the benefit of the doubt during warming. Your initial deliverability is measurably better than a brand-new domain, and in my experience the gap never fully closes.
But it is not free. The parent domain is vouching for the subdomain. Abuse that trust and the damage flows back upstream fast.
So when is a separate domain actually justified?
Four scenarios.
Acquisition marketing to purchased lists. High complaint rates guaranteed. Keep it far from your brand.
Completely separate brand identities. If your subscribers would not recognize the parent company, separate domains make sense.
Geographic or regulatory separation. GDPR, data sovereignty, separate infrastructure.
Ultra-high-risk categories. Financial services, healthcare. Where even a momentary disruption to transactional email is unacceptable.
For Florent's typical high-volume sender? Subdomains win in almost every scenario.
One more thing. Al Iverson was recently talking about lookalike domains. Where does that connect?
Directly. If you train your subscribers to accept email from company-mail.com, you are normalizing the exact pattern that phishers exploit. Every legitimate separate domain you introduce makes it harder for recipients to distinguish your real email from impersonation.
With subdomains, the rule is simple: if it ends in company.com, it is us. If not, it is not us. That simplicity is a security feature.
So if Florent asks me for the one-line summary?
Use subdomains. Isolate by risk. Monitor everything. And implement DMARC at p=reject so nobody else can pretend to be you.
The question was never "subdomain or separate domain." The question is: how do you architect your sending so that your riskiest traffic cannot damage your most valuable reputation? Subdomains give you that isolation without giving up brand trust, warming speed, or authentication simplicity.
Separate domains are the nuclear option. Sometimes justified. Rarely the first choice.
Key Takeaways
- Bottom-up reputation bleeding is real and measurable — DMARC aggregate reports and Google Postmaster Tools surface it, but it is narrower in scope than most senders assume
- Top-down inheritance is the most underappreciated advantage of subdomains — a clean root domain gives new subdomains a meaningful reputation head start that a cold separate domain cannot match
- Separate domains solve one problem and create three — zero reputation at launch, broken DMARC alignment complexity, and brand recognition gaps that phishers can exploit
- Reputation architecture beats binary choice — the right model is graduated isolation: transactional closest to root, marketing on a managed subdomain, risky traffic isolated furthest away
- Subdomains normalise a consistent trust pattern for recipients — "if it ends in company.com, it is from them" is a durable heuristic that brand protection depends on
- Separate domains are the nuclear option — justified for damaged roots, genuinely distinct brands, or compliance-driven entity separation; rarely the first choice for anything else
That's a wrap on Episode 5 of Sunday Funday: AI vs AI.
This week's topic came from Florent Destors. Thanks Florent, that was a great one.
Got a topic you want Hassan and Nina to tackle next week? Drop it in the comments or DM us on LinkedIn. We're taking requests.
