How to Write Professional Emails: Security, Signatures, and Branding

Image of golf course near beach used on post about professional emails and email security.

Although I am a security student, I am not a security expert. Furthermore, this post only documents a few of the things needed to ensure your emails are secure. Please read my general disclaimer.

Domain name

yourname@customdomain.com

Custom domain names are more professional than a third-party provider like “@gmail.com.” 

Configurations

Depending on how you implement the domain, there can be security concerns. For example, if you use a nonstandard email setup (i.e., configuring Thunderbird or using custom APIs to handle mail from your domain name), you may have configured insecure protocols during startup or followed tutorials that offer convenient but irresponsible advice.

Protocols

There are three protocols commonly used for email: the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). All three use TCP. Message transfer agents—such as mail servers—use SMTP to send and receive email messages. POP and IMAP access electronic mailboxes (also known as “mail user agents” or MUA).

Simplistic diagram of how email works by The Impact of Email – Technical Aspects 

SMTP

As of 2022, SMTP is the standard protocol used for transferring mail. You probably use this daily if you connect to your email through a browser. If given the option, use TLS rather than SSL, which provides more security for SMTP. 

POP and IMAP

Some institutions disable POP and IMAP by default. However, if you are interested in using a traditional desktop client (e.g. Outlook, Thunderbird, iPhone), you will probably need to configure it. Note that IMAP has more clout than POP. IMAP stores your emails on a server, while POP downloads them to your MUA. If your device is lost, you will have copies on a server if you use IMAP. 

Too confusing?

Setting up custom email domains is difficult. If you are worried about navigating security effectively, I recommend holding off on setting up your email until you have time to seek guidance or figure it out.

Simplistic diagram of how email works. Source: Mail terminology

To learn more about how email works, I recommend reading Mail terminology: MTA, MUA, MSA, MDA, SMTP, DKIM, SPF, DMARC

If you are interested in this topic, Glenn Messersmith writes about Hacking WordPress Emails and other fun WordPress features and misconfigurations.

Formatting, grammar, and wording

Greetings

Greetings are a great way to personalize emails, so I feel like this is the sender’s choice. I use “hi” in all circumstances, but there are other options. In written letters, I may use “dear,” but that is it. 

Writing resources 

NameUsage
Cliche Finder Finds cliche phrases in writing
CopyscapePlagiarism checker. Does now work well, but it is the only free and reliable plagiarism checker I’ve found. 
Grammarly Grammar checker
Hemingway Editor Similar to Grammarly, but all of its features are free. 

Signatures

Many folks value formal and accessible email signatures. Formal email signatures match the font style, size, and color of the rest of the email. They also include a formal closing like “sincerely,” or “regards.”

Accessible signatures are compatible regardless of client. Unfortunately, many email clients can’t process signatures with icons, photos, and embedded links. As a result, text-based signatures with standard fonts, indenting, and coloring work best.

Additionally, I recommend including the email address in the footer because many email clients (i.e., Outlook) only shows the sender’s display name; it’s even more common for email clients to do this when you forward emails. By including the email in the footer, it is easier for recipients and forward-ees to start an email with you regardless of client. 

Examples

TopicConcernRemedy
Text style inconsistent with the rest of the email Looks strangeUse a default font
Custom colored font (i.e., orange or pink)Themed email clients that incorrectly process the colored text, making it unreadable. Dark mode is a common example of where this happens. Use default coloring; usually the default font color on your email client. 
Images, icons, and linksBad formatting on other email clients. This is extremely common. Avoid images and icons. Include a full link that is also embedded. 

– (bad) http://www.oliviagallucci .com 

– (bad) website 

– (good) www.oliviagallucci.com

Here, users can click your link if the client allows it. If it doesn’t, they can copy the text and paste it into their browser. 
3rd-party designers Embedding links or other information you don’t want in your emailDon’t use em!

FormatExample
Closing,

Name
Pronouns

Role 

Email Phone

Prefered socials 
Sincerely, 

Olivia A. Gallucci
(She/Her/Hers)

Double-BS Computing Security + Computer Science ’25

E: olivia@oliviagallucci.com 
P: 908 301 6852

Website: https://oliviagallucci.com/ 
LinkedIn: https://www.linkedin.com/in/olivia-gallucci 
Twitter: https://twitter.com/oliviagalluccii 

Recommended reads:
How to End a Letter (With Closing Examples) by Alison Doyle at The Balance Careers
How to Write a Great Email Signature [+ Professional Examples] by Lindsay Kolowich Cox at Hubspot
Should you include an email address in your email signature? by Gordan Banjac at Gimmio

Footers

Notices 

If your brand routinely needs to provide disclosures and notices, that is a great thing to put under the signature of your email. 

Confidentially   

Here is a standard confidentiality notice by the University of Hawaii:  

CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited.

Occupation specific 

Here is one Cyber Defense Magazine uses on its website: 

FAIR USE NOTICE: Under the “fair use” act, another author may make limited use of the original author’s work without asking permission. Under 17 U.S. Code § 107, certain uses of copyrighted material “for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.” As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner’s exclusive rights. Cyber Defense Media Group is a news reporting company, reporting job openings at no charge at our website Cyber Defense Professionals. All images and reporting of job openings are done exclusively under the Fair Use of the U.S. copyright act.

This post was written for IGME 599, an Honors FOSS Independent Study (Summer 2022).