A winery owner told me recently that their wine club members kept missing the email asking them to choose their pack. The members never saw it, the charge went through anyway, and every cycle left them with confused and unhappy customers. There was no one looking after this side of the business, and they said it wasn't something they knew much about.
What was happening was simple. The email was authenticating badly enough to land in spam, so the one message the whole club depends on was quietly failing. Nothing bounced, nobody was told and it happened, every pack run.
So I scanned the public email configuration of 124 wineries across five Australian wine regions to see how common this was. Thirteen are sending from a domain whose authentication has already broken, so that same email is failing for a share of their members right now. Two-thirds publish nothing that would stop someone forging mail in their name on top of it.
Most of these are small, family-run operations. There is no IT department and no one whose job it is to manage the DNS. The website was set up by one person and the club platform bolted on later by another, and nobody made sure the two agreed on who was allowed to send mail.
The fix is straightforward for anyone who works with these records. The difficulty was never making the change. It is knowing the mail was failing at all since nothing announced it, and knowing what correct looked like well enough to trust it afterwards.
Email authentication is the rare fundamental that fails silently. For a winery that runs a club, the thing failing silently is the one email standing between a happy member and a billing dispute.
The owner I spoke to had no way of knowing. The information was sitting in public DNS the whole time. Nobody had looked.
I later ran the same scan across 252 Australian law firms, where the silently failing email is a conveyancing settlement notice.