Technology Strategy February 26, 2026 8 min read

The Email Tax

The business system nobody chose and nobody’s managing.

When was the last time anyone evaluated whether your email setup actually serves the business?

Not whether it’s running. Whether it’s working.

For most companies, email is like the office coffee pot; nobody thinks about it until it stops. But contracts get approved via email. Client decisions happen in email. Recruiting, invoicing, compliance, it all runs through a system most business owners picked once and never revisited.

If you have between 50 and 250 email accounts, you’re in a tough spot. You may have outgrown the default setup, but you don’t have anyone managing email infrastructure.

The system you chose at 20 users is still running at 100. And it’s costing you more than you think — not in outages, but in the small things nobody’s tracking.

How email decisions are usually made.

How did someone pick your email system in the first place? When I ask clients, it’s almost always one of three stories:

  • Your “IT Guru” picked one. Maybe they knew Microsoft from a past job. Maybe they just liked Gmail. The decision was quick, low-stakes, and ended up permanent by accident.
  • Your MSP recommended one, probably the one they sell. They may have had a partnership, a discount, or more experience with one platform than another. The recommendation was as much about their convenience as your needs. Not malicious, but what I see in practice.
  • You inherited it. The company grew by acquisition, or a new office came with its own setup. Now you’re running on whatever was already there.

I’ve worked with a Florida-based radio station for over fifteen years. The number one reason we have tickets? Email. The legacy system was never designed to support over 100 accounts sharing large documents, multiple group email lists, and mobile access. Spam is a constant issue, and we use a third-party upstream filter. None of these were bad decisions at the time.

The added complexity, costs, and support tickets — that’s what I call the email tax.

Security is not a spam filter.

Most business owners I talk to believe their email is secure.

When I ask what that means specifically, the answers get vague fast.

“Our IT guy handles it.” “We have spam filtering.” “We use two-factor.”

Those are good starts. They’re not the whole picture. Every platform has spam filtering, but is anyone tuning it or reviewing the quarantine?

Phishing gets through spam filters — malicious links and attachments that look legitimate. Both Microsoft 365 and Google Workspace have built-in protections, but built-in doesn’t mean they are configured.

The Guardz 2025 SMB Cybersecurity Report found that 43% of SMBs experienced a cyberattack in 2025, with phishing remaining the primary vector.

Outbound filtering isn’t just about catching spam. It’s about protecting your business data. Sensitive documents that should never leave your organization — client files, financial records, proprietary information — can be stopped at the door. Even if it’s an employee forwarding something to their personal email, properly configured outbound rules won’t let it through.

Five years ago, I was brought in to rescue a collapsing email systems for a sports training company. For weeks, compromised accounts had been churning out spam undetected, causing a total reputation collapse. Major providers—Gmail, Microsoft, and Yahoo—blacklisted their entire domain.

The technical fix was straightforward, but the business damage was costly. More than 50% of their customer base suddenly stopped receiving invoices, schedule updates, and training packets, the operation ground to a halt. We didn’t just see ‘missed emails’; we saw missed appointments and a wave of refund demands. By the time we stabilized the infrastructure and accounted for the lost revenue and labor-heavy fallout, the company took a $15,500 hit in a single week. This is the email tax penalty.

The worse part — their email software had the tools to detect this. Nobody enabled them.

You sent it. Did they get it?

Your email platform is running. Messages are being sent. But are they arriving?

Email authentication protocols — DMARC, SPF, and DKIM — let your recipients verify that an email actually came from you. These aren’t optional anymore. Major providers like Gmail and Yahoo now require them. Without proper authentication, your emails end up in spam or are rejected entirely. Your team won’t get a bounce notification. The emails disappear.

The Red Sift Email Deliverability Guide found that domains failing SPF, DKIM, and DMARC authentication see 20-30% of their email land in spam at Google and Microsoft.

I worked with a Chicago-based personal injury law firm — about 75 users on Office 365. Spam and antivirus were working fine. They still had delivery issues. The features were there. The setup wasn’t. Nobody was checking because everyone assumed someone else already had.

To be fair, the new IT manager, Mark, inherited a mess and was trying to clean it up. HR was outsourced, DocuSign sent the legal documents, and payroll sent the pay stubs, but none of them reached their intended recipients. With proper DMARC monitoring, we identified all legitimate email sources, and Mark saw his email ticket volume drop by 75%.

For a law firm, a missed email isn’t an inconvenience. It’s a missed deadline, a lost client, a compliance problem. But most firms have no idea whether their authentication records are configured correctly — or whether they’re even in place at all.

I used to provide email blacklist removal services. I stopped because getting off a blocklist is increasingly difficult and time-consuming — time better spent making sure you don’t end up on one.

Lost productivity

Most companies don’t think they have an email problem: no major outages, no obvious failures. But what gets missed are the small things that erode productivity and undermine client trust.

Your team can’t find emails from 6 months ago because no one set up archiving. Onboarding a new employee takes 3 days because no one documented the email setup process. Business emails land in spam folders because your authentication isn’t working.

The Microsoft 2025 Work Trend Index found that employees spend roughly 2.6 to 3 hours per day on email — about 28% of the workweek. For a company with 100 people, that’s over 13,000 hours a year spent in inboxes. A missed email here, a wasted hour there. Not a disaster. Just a steady, invisible tax on your bottom line.

Dana in accounting isn’t tracking this. There’s no line item for “email taxes.”

Migrate with a purpose.

Email migration is when the real cost of “set it and forget it” finally hits.

I worked with a medical nonprofit that started with GoDaddy email services. As they grew, they moved from a VPS with Plesk to Gmail, then to Office 365, and back to Gmail. Each migration was a major disruption — and none of them started with the right questions. What tools does the team actually depend on? What are the reporting and archiving requirements? How do we handle large files?

You may have a new IT Manager who favors Microsoft, but you’re running Google. Before you migrate, make sure you’re solving a real business problem — not just switching to someone’s preferred platform.

Years of accumulated setup — forwarding rules, shared mailboxes, calendar integrations, third-party apps, compliance settings, custom domains, alias structures — all of it has to be mapped, documented, and rebuilt.

Email migration should be strategic, not reactionary.

What’s lacking now? What do we need tomorrow?

By asking these questions, you avoid migrating email three times in ten years.

Don’t ignore AI

Microsoft and Google are both adding AI assistants to their email and productivity platforms. Copilot and Gemini can draft replies, summarize threads, find documents, and automate workflows. The Google Workspace 2025 Business Value Analysis found that organizations using integrated AI features report a 40% reduction in email overload and a 35% boost in team productivity.

But these tools work with what they find. If your email is a mess — no naming conventions, no folder structure, years of unarchived threads, permissions that don’t match your org chart — the AI gives you messy results. Garbage in, garbage out. Now the garbage is auto-generated and looks like productivity, but it is just another tax.

The companies that get value from these tools are the ones with well-organized email systems. The gap between companies that manage email thoughtfully and those that don’t is about to get wider.

At rackAID, it’s a small team — but I use a custom-built AI agent to surface emails from three different business accounts. It tells me what needs a reply and what’s just a notice. That saves time every day.

Questions Worth Asking

I’m not here to tell you to switch platforms, hire a consultant, or buy a product. But there are questions worth asking.

  • Who actually owns email at your company — not who pays the bill, but who’s responsible for making sure it works the way you need it to?
  • When was the last time anyone reviewed your email security beyond “is the spam filter on”?
  • Could you document your entire email setup in the next few hours — every shared mailbox, every forwarding rule, every integration?
  • Does your email platform actually fit how your team works today, or does it fit how they worked five years ago?
  • What would a full day without email cost you — not a guess, but traced through deals, deadlines, and decisions?

Email is the most essential business application and the most ignored. With AI promising real productivity gains and modern platforms offering deeper integrations, now is a good time to take a hard look at that boring old tool everyone depends on. Otherwise, the email tax keeps going up.

Jeff Huckaby 25 Years of IT Experience, Founder of rackAID.

Jeff Huckaby · Founder, RackAID

25 years advising businesses on technology decisions. Quoted in Forbes, Inc., and Entrepreneur. Connecting technical activity to business outcomes.