Domain selection — TLDs, naming, and the bulk-convention risk.

The premise

A domain name is three independent signals stapled together. The second-level label is the brand-recognition signal — the string the recipient reads in the From: header and the string that determines whether the message is plausibly attributable to a known business. The top-level domain is the reputation signal — receivers maintain statistical priors on which TLDs disproportionately host outbound abuse. The registration metadata — registrant entity, WHOIS record, registrar, registration age — is the cluster-detection signal, used to identify estates sharing an operator and to apply estate-level reputation rather than per-domain reputation.

A correctly selected sending domain optimizes for all three simultaneously. The dominant operator failure is to optimize for the first (the name is clever) while ignoring the second (the TLD is compromised) and the third (the estate is registered the same week, at the same registrar, under the same WHOIS, following an obvious pattern). Early reports look acceptable; placement collapses at the 90-day mark when the cluster systems catch up.

TLD reputation differential

Major mailbox providers maintain TLD-level reputation priors as inputs to spam classification. These priors are not published; they are inferred by senders running controlled seed tests across matched-pair domains differing only in TLD, holding content, authentication, and warmup constant. The empirical results, at the 50-to-100-domain sample size, fall into a consistent ordering. The .com TLD is the baseline — placement is reported as a delta against it.

The 5-to-15% variance compounds with content quality, warmup state, and the recipient’s engagement history; the ordering is stable across major North American receivers. A 100-domain estate moved from .com to .xyz loses, in expectation, 8 to 15 of every 100 messages to spam before any other variable is touched.

The .com-default argument and when to deviate

The default position is .com on every domain, and the burden of proof sits on the operator who proposes to deviate. Three conditions justify deviation.

First, unavailability — the brand-adjacent .com patterns are exhausted, taken by squatters at $1,500-to-$8,000 premium pricing, or held by a legitimate operator. .co is the conservative fall-through, accepting the placement delta.

Second, deliberate audience-signaling — a sender whose recipients are exclusively in the developer-tooling vertical may accept the .io penalty if the recognition lift among that audience offsets it. The operator should hold this to seed-test evidence rather than received wisdom.

Third, registrant-isolation — the cold-sending estate is segregated from the corporate TLD to keep reputation events non-contagious to the corporate domain. This is the rationale for accepting .co across an entire sending estate while the corporate brand sits on .com.

Brand-adjacent naming patterns

The recipient who reads From: phillip@trybrand.com against a brand they have heard of performs a single-step inference: the message is plausibly from the brand. The recipient who reads From: phillip@random-string.xyz performs no such inference and treats the message as spam by default. Brand-adjacent naming is the mechanism that maintains the recognition signal across a multi-domain estate.

The patterns that compose into a 30-to-40-domain estate, in descending order of recognition strength:

A 30-domain estate composed of 8 to 12 distinct patterns is the operating point. The same single pattern repeated against minor brand-spelling variations is the failure mode discussed below.

The recipient-recognition signal

The discriminating question for any candidate domain: if the recipient does a five-second mental check, does the domain plausibly belong to the sender’s organization? tryskylarq.com passes. skylarq-outreach-team.com passes weakly — the “outreach-team” suffix reads as cold mail. skylarq-prospect-mail-7.com fails outright.

The recognition signal is a deliverability consideration, not a brand-protection one. The receiver’s classifier weighs domain-recipient affinity, which proxies in part on whether prior engagement with the brand on any other domain correlates with the candidate. tryskylarq.com sending to a recipient who has previously engaged with skylarq.com inherits a meaningful fraction of the corporate domain’s positive prior. skylarq-prospect-mail-7.com inherits none.

Trademark and typosquatting boundaries

Brand-adjacent naming has a hard legal boundary. The operator’s own brand is in-scope. Any third-party brand is out-of-scope, irrespective of the marketing intent.

The patterns that draw cease-and-desist letters in practice: registering get{competitor}.com or try{competitor}.com against a directly competing trademark; registering visual-typo variants of any third-party brand (g00gle.com-style); and registering brand-plus-product domains against a target customer’s trademark on a domain that is not authorized by the customer.

The UDRP arbitration process resolves these disputes in 60 to 90 days at a cost of $1,500-to-$5,000 in fees, plus the loss of the domain and any reputation built on it. The operator who has warmed a domain for 90 days and then loses it to an arbitration ruling has lost the warmup investment in addition to the domain. For US-based sending, the USPTO TESS database is a five-minute lookup that prevents the failure mode entirely.

The bulk-naming-convention pattern-match risk

The receiver-side cluster-detection systems at major mailbox providers operate on registration metadata. When 30 domains appear that share a registrant entity, share a registration window of less than two weeks, share a registrar, share a DNS provider, share a mail-exchange provider, and share an obvious naming pattern (try{brand}1.com, try{brand}2.com, try{brand}3.com), the receiver collapses them into a single estate-level reputation entity. A reputation event on any one domain — a single recipient complaint, a single spam-trap hit — is then applied to the entire collapsed estate.

The detection signal is not subtle. The pattern {brand}-mail-{n}.com for n in 1 through 30 is detectable by a regular expression. The pattern {brand}-outreach-{n}.com is detectable by the same regular expression with a different infix. Receivers have substantial commercial incentive to detect these patterns and the tooling is trivial.

The defensive posture is to compose the estate from heterogeneous patterns — tryskylarq.com, useskylarq.com, getskylarq.com, skylarqhq.com, hiskylarq.com, meetskylarq.com, skylarq.co — distributing 30 domains across 8 to 12 distinct patterns. No single regular expression matches more than 3 to 4 domains.

The “scrambling” pattern

A stronger variant of pattern-heterogeneity is what operators call scrambling: composing the estate from thematically related but lexically distinct second-level labels. Rather than 30 variations on a single brand string, the estate is composed of 30 domains around a thematic cluster — synonyms, adjacent product concepts, internal codenames, location-prefixed entity names — each of which the recipient can plausibly attribute to the operator but none of which match the same regular expression.

The tradeoff is that scrambled estates lose some recipient-recognition signal — the recipient who reads From: phillip@skyhaven-research.com cannot immediately attribute the message without an in-message disclosure. The mitigation is to use the message body itself: the signature, the company name in the first sentence, and the linked landing page do the recognition work the domain previously did. The estate trades a small amount of cold-open recognition for a much larger reduction in estate-collapse risk.

WHOIS registrant consistency considerations

The WHOIS record is the second cluster-detection vector after the naming pattern. A 30-domain estate registered under the same registrant name, email, phone, and address is a single cluster regardless of how heterogeneous the naming patterns are.

Privacy-protection services, offered by most registrars at $0-to-$10 per domain per year, replace the public registrant fields with the registrar’s proxy contact. This breaks the public-WHOIS cluster signal but not the registrar-internal registrant record, which receivers with commercial WHOIS data access can still cross-reference. Privacy protection is necessary but not sufficient.

The defensible posture: all sending domains registered under a single legal entity (the operating company, not the founder’s personal name), with privacy protection enabled, with the registrant contact uniform across the estate. The cluster exists; the operator’s posture is to make it legitimately attributable to the operating entity rather than to attempt to hide it. Hidden estates discovered post-hoc receive worse treatment than declared estates.

TLD-by-region differential

Country-code TLDs (ccTLDs) carry distinct reputation profiles per region. The B2B reputation of .de in Germany is materially stronger than any generic TLD for an estate sending into German recipients. .co.uk occupies the same position for the UK B2B audience; .com.au for Australia. These correlate with measurable engagement differentials in the target market.

The corollary: a ccTLD sending outside its country of origin inherits no regional trust and pays the placement delta of an unfamiliar TLD. .de sending into US recipients is reputationally weaker than .com; .co.uk sending into US recipients is the same.

Multi-region sending estates segment their domain pools by recipient region — a US pool from .com, a German pool from .de, a UK pool from .co.uk. The segmentation is at the campaign-routing layer.

The pricing dimension

Retail pricing curves for sending-relevant TLDs, per domain per year:

At 30 domains, the differential between an all-.com estate at $15 per renewal and an all-.io estate at $65 per renewal is $1,500 in annual standing cost. At 100 domains it is $5,000. These are not trivial sums against an infrastructure budget already paying for mailbox provisioning, DNS hosting, and sending-platform seats.

Renewal-pricing curves

The retail TLD market runs on a near-uniform pricing pattern: a heavily discounted first-year promo (.co at $9, .xyz at $1, .shop at $1), followed by a renewal price 2x to 30x the introductory rate. The operator who budgets renewal at the promo number understates the recurring cost by a factor of 2 to 4.

The defensive posture is to compute the cost model at the renewal rate, not the promo rate. The registrar’s published renewal price — not the cart price at registration — is the relevant figure. The operator who uses the first-year discount as the budget input discovers, twelve months in, that the standing cost has doubled without the volume changing.

Common operator failures

• Optimizing for cleverness over recognition. The operator selects names that read as witty internally but fail the five-second recognition check against a cold recipient. Open rates look acceptable; reply rates collapse because recipients flag the messages before opening.
• Bulk-registering 30 domains on a single naming convention. The estate matches a regular expression. The receiver collapses it into a single reputation entity. A reputation event on any one domain propagates to all 30.
• Using the corporate brand verbatim with a numeric suffix. skylarq1.com, skylarq2.com, skylarq3.com is the canonical pattern-match signal and is detected by every major receiver within the first 60 days.
• Selecting .io or new gTLDs on a price-sensitivity argument. The placement delta against .com exceeds the cost differential by an order of magnitude. A 5% placement loss on 100,000 monthly sends is 5,000 missed inboxes per month; the $50-per-year TLD savings is not the relevant lever.
• Budgeting at the first-year promo rate. The operator models the estate at $9 per domain per year, then renews at $35. The standing cost quadruples without the volume changing.
• Registering brand-adjacent domains against a third-party trademark. UDRP arbitration takes the domain and the 90-day warmup investment. The operator learns the lesson once.
• Mixing ccTLDs across recipient regions. The .de domain sends into US recipients at .com-minus reputation; the .com domain sends into UK recipients at .com-minus reputation. The estate underperforms in both directions.
• Skipping the WHOIS-cluster consideration. The estate is registered under the founder’s personal name and email across all 30 domains; privacy protection is omitted on cost grounds. The cluster operates as a single visible reputation entity from week one.

Pre-procurement checklist

• Brand-adjacent .com patterns enumerated; 8 to 12 distinct patterns identified for a 30-to-40-domain estate
• USPTO TESS (or jurisdictional equivalent) checked for trademark conflicts on every candidate domain
• Recipient regions identified; ccTLD posture decided per region (US-only: all .com; multi-region: segmented pools)
• TLD distribution decided: default .com; .co as the conservative fallback; .io and new gTLDs explicitly defensible
• Renewal pricing modeled, not first-year promo; 24-to-36-month total cost computed at the renewal rate
• Registrant entity selected: the operating company, not the founder’s personal name
• Privacy protection verified per registrar; estate-wide consistency confirmed
• Scrambling-versus-recognition tradeoff resolved deliberately; the signal is preserved in the domain or in the message body
• No regular expression matches more than 4 domains in the estate

Where this fits

Domain selection is the input to registrar selection (Chapter 3) — the registrar choice is constrained by which TLDs the operator has decided to register. It is the input to DNS hosting (Chapter 5), since DNS provider selection inherits estate-level posture from the domain set. And it is the precondition for the entire authentication-record layer in the cold email infrastructure reference — SPF, DKIM, DMARC, MTA-STS, and BIMI are all configured per domain.

The domain set is the load-bearing artifact of the sending estate. An estate of 30 well-selected domains tolerates operator error in every downstream layer. An estate of 30 obviously-clustered domains on a depressed TLD tolerates none, because it is already operating from a negative reputation prior before the first message is sent.