Email might seem simple — but behind every message to and from Refurbit is a well-oiled system working hard to keep our inboxes clean, our data secure, and our replies sharp.
Whether we’re arranging collections, supporting customers, or dealing with CLASSIFIED, email is still at the heart of how we operate. But it’s not just about sending and receiving — it’s about staying protected in a world full of spam, phishing, and shady attempts to impersonate our brand.
Here’s how we keep everything running smoothly behind the scenes.
The Setup: Built for Nonprofits, Powered Like an Enterprise
We don’t just use Gmail (although is a reasonable alterative) — we run a full Microsoft 365 as we used office apps everyday, tailored for nonprofits. That means:
- Platform: Microsoft 365 (free nonprofit tenant — highly recommended for those who can get it)
- Domain: @refurbit.co.uk for staff, support, and department inboxes
- Access: Webmail, Outlook, and secure IMAP across devices
- Security: Multi-Factor Authentication (MFA) for admin and key staff
We’ve structured our mail system using shared inboxes, distribution groups, and delegated permissions. It keeps communication clear, even as our team scales.
Fighting the Spam & Spoofers
Email threats are getting smarter — so are we.
We used to get:
- Phishing scams pretending to be PayPal, job offers or the ubiquitous prince.
- Spoofed emails that looked like they came from us.
- Sales bots clogging our contact forms.
Now, we fight back with proper email authentication, emails 101:
| Tool | Why We Use It |
| SPF | Stops unauthorized servers sending on our behalf |
| DKIM | Makes sure emails can’t be tampered with in transit |
| DMARC | Gives mail servers clear instructions if SPF/DKIM fails |
| Custom Rules | Filters out spammy keywords, domains, and patterns |
We also check blacklists regularly and monitor DMARC reports to spot shady activity before it becomes a problem.
GDPR, Privacy & Compliance (Yes, the Boring but Important Bit)
Handling sensitive data comes with serious responsibility. That’s why we’ve baked security and compliance into the core of our email system:
- Backups: Redundant cloud backups + snapshot protection
- Retention Policies: Aligned with GDPR and ISO 27001
- Audit Logging: Every message in/out is traceable
- Encryption: Everything in transit is TLS-encrypted
It’s not just best practice — it’s peace of mind.
What’s Next?
We’re always tweaking and improving.
Final Thoughts: Email Is Your Front Door
If you run a small business, charity, or social enterprise — don’t sleep on your email setup, it doesn’t cost a fortune if done smart. It’s often the first impression people get of your organisation.
An inbox full of spam, missed messages, or dodgy delivery? It doesn’t just slow you down — it undermines trust.
At Refurbit, we’ve put in the work to make sure our email is as secure and reliable as the tech we refurbish. And we’re always happy to share what we’ve learned.
Want help setting up your own email security? Curious about Microsoft 365 for charities? Just ask — inbox peace is possible.
Thinking Bigger?
We’re planning to turn this into part of our Refurbit Tech Stack blog series — covering how we run our website, store, internal systems, and more. Want to see how it all fits together? Stay tuned.
Leave A Comment