Emails get stuck in spam.
Spamfilter
Blocking lists
Mails from my domain get stuck in spam sometimes, but it's unpredictable when so I can't really recreate the issue. I checked isnotspam.com and blacklists, but those results are positive. Please help me
Thanks in advance
Oli
Spam filters are always changing, but there are some things you can do to avoid your emails getting flagged. Since you said you've checked the blacklists already, verify your content. If your emails have spammy content, like using telemarketer-esque language, all caps, lots of exclamation points, etc., they may be getting flagged as spam.
There's more info here: https://www.emailonacid.com/blog/article/email-marketing/how-email-spam-tests-work-and-what-you-can-do-to-pass-them
You can also look into your DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF), and DMARC (Domain-based Message Authentication).
Related
I am really confused. Gmail still puts my emails into spam folder.
I have DMARC, DKIM and SPF records, all valid.this is image from gmail message
please tell me why all of email in my domain received as spam and how can i solve it
Well, as Synchro said, gmail's spam filters can be overzealous at times, but there are a few things you can do to help.
It looks like you've already done the necessary technical things (SPF, DKIM, DMARC, etc)
However, did you consider the subject and the contents of your message?
Your subject line alone says very little, and if it's a very generic email, google may see it as spam, try including the person's name, if possible
Assuming, for example, this is to request an interview with someone
Eg:
Instead of "interview", you could write
", are you interested in interviewing?"
Then in the body include the user's name as well, all of these will make your message look less like generic spam, and more like an email the person is expecting or requested, lowering the probability it'll go to spam.
Until your domain gets a reputation with google as probably not spam, they tend to lean that direction.
Also ensure all automated emails you send have an unsubscribe link etc
Some emails sent by our sever go to spam for certain recipients. E.g when sent to #outlook.com email addresses.
I have been testing our emails using https://www.mail-tester.com
SpamAssassin gives a score of -0.1 for the issue of 'HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different'
This is the only issue reported. Everything else, such as SPF and DKIM, passes. There is no documentation on their website for this issue and I don't understand what it means or how to fix it.
The email is sent using PHPMailer via AWS SES.
I solved this by completing the setup of 'MAIL FROM' in AWS SES. This set the mail from header in emails to be my domain name.
"HEADER_FROM_DIFFERENT_DOMAINS" and mail-tester.com now gives me a score of 10/10.
Note that for some email providers it took a few weeks before we were trusted and emails stopped going to spam.
It means that the envelope sender address (which is used at the SMTP level) is different to the address used in the From header. This is very common, but can be a problem if you try to implement DMARC alignment. For example, you might send a message with a from header containing user#example.com, but your envelope sender might be bouncehandler#mail.example.com. You should be able to see this in the Return path header of a received message. Whether you can change this depends on exactly how you're sending your message, but in PHPMailer the envelope sender defaults to the from address, and you can override it by setting the Sender property.
A -0.1 penalty is unlikely to be the entire cause of your mail being sent to spam.
Its outlooks rubbish filtering system. They have "AI" rules that look at the sending ip address for reputation. They score you on user reportsand lots of other bits they will not tell you about. Make sure you have SPF, DMARC, DKIM, and sign up for their JMRP and SDNS they will tell you. But it still is a game of cat and mouse. Its a slippery slope and even Microsoft trap their own mail to their own outlook users. PITA, to be honest and luckily we managed to get a mitigation to the issue. However some users in different domains still complain of email going to JUNK. Go figure. I hate having to work on issues with Outlook.com. They themselves send out spam and have the audacity to block well configured SMTP senders.
I wish you luck. You will need it.
I manage a googlegroups with many hundreds of people, and often happens that spam is sent to our mailing list even if it's for members only.
The most annoying is when the spam arrives with the address of members.
Which suggestions can I give to the people to reduce the risk of their mail being harvested by spam bots? I usually suggest to enable https on their webclient and SSL on their desktop client and to run an antivirus session regularly.
Is this a good way to avoid the problem or it doesn't change anything?
No it is not. Neither of your recommendations have anything to do with spam bots harvesting mail addresses. Those are normally scraped from a website/number of websites. The best advise you can give them is never to post their emails to a website pernamently, or use something to confuse the bots, such as [ad] instead of #.
Also as you can spoof the address of the sender, you pretty much can't avoid spam sent with sender address of the members, once they have those addresses (e.g. I get even spam from my own address).
There is hope!, as Cyber-Guard Design proposed ask your users to not write down their mail addresses normally. For example normally you would write ur mail adress like
myname#somedomain.com insted do => myname[a_t]somedomain[d_o_t]com
That should do the trick, for most bots at least
I am trying to create a newsletter for our business.
The last few days have been spent testing, and one of things I have noticed is that MSN seemingly randomly filters out some of my test messages.
This is super-frustrating.
I like the PEAR Mail MIME-package, and have been using that. I may send one email from one of our servers, resulting in the message getting through, and in the next minute, the same message sent from our other server ends up in the junk folder. Then if I add an attachment to the email, and the same message passes though the filter from the server that was previously blocked. I think. What the ####? Is this like throwing a dice, without me having any control over what is trash, and what isn't?
I have sent email from several servers, all of which are shared. But I am unsure this is the problem. The problem is that it is seemingly random how MSN filters email. Some emails get through, and some other don't for seemingly irrational reasons.
I am running out of ideas, but I am not giving up. Therefore I am writing to you for HARDCORE technical info on how MSN filters spam.
First of all, this is probably better suited for ServerFault. The problem is more infrastructure related than application related.
This is a common problem and isn't completely solvable especially if you are using shared mail servers. But there are things you can do to increase the likelihood that your mail will be accepted by mail services.
Run your own mail server, do not use a shared server. This way you will have better control over the mail server's reputation. Mail server reputation is important, as others using the server can cause its reputation to drop, which makes your mail to be less likely to be accepted. The important thing is to have your own dedicated IP number.
Make sure you have reverse DNS set up for your mail server. Not having reverse DNS properly configured is a great way to have your mail rejected.
Use SPF, SenderId, DomainKeys, and DKIM. I believe MSN uses SenderId. These provide you with a way to tell the other mail server that the sending mail server is an approved server for sending mail from your domain name. If these pass, then the mail is much less likely to be spam. Here is an article on these things:
http://www.digitalsanctuary.com/tech-blog/debian/setting-up-spf-senderid-domain-keys-and-dkim.html
Don't send spam! If you do all these things and still send spam, you'll still have troubles.
Monitor for bounces, possibly using VERP.
Make sure to provide a means to opt-out of your list.
Additional advice can be found here:
https://serverfault.com/questions/48428/how-to-send-emails-and-avoid-them-being-classified-as-spam
Here's an example of the SPF configuration I use:
https://serverfault.com/questions/122121/dns-zone-file-spf-configuration-to-support-sending-mail-from-multiple-servers-and
Newsletters especially can easily look like spam. You might consider using a service like MailChimp or similar that specializes in email marketing and mass emailing. They will make sure to tend to all the technical details, remove their servers from blocklists if they get blocked, and so forth. They also provide you with opt-out features, CAN-SPAM compliance, and more.
I've found the Spamtacular blog to have good information as well (it looks like they are having some technical issue right now - hopefully it will be online when you view this).
I was thinking about creating a service similar to posterous where users can post to a fixed address like post#domain.com and then authentication of the posts would be based on some combination of the from address and header signature. Posterous seems to be doing something clever so that they can detect if a message is being spoofed or sent from an unknown source.
Anyone know what they might be doing?
There are some basic heuristics you could use, to try to detect it.
The most basic thing would be to look at the originating host and headers of the previous emails and see if they match previous ones. If the poster's email domain uses SPF you can verify the IP address has permission to send on behalf of that domain. It's easy to spoof an email - it's harder to spoof an email and actually have it originate from a subnet that matches where your previous mail has come from. But that can be subverted, as well.
First off, the email you post to should be random and unrelated to any display name. This keeps random strangers on the net from knowing where to post in the first place.
You could also go far more sophisticated and implement some sorts of machine-learning-ish things (or even more straightforward heuristics) to pick up on style, but that would be much tougher to get right.
Or just be lame, and upon receipt of a post, fire back an email to the poster with a link to verify and/or a special token to send back as a subject (if they're posting from a phone, etc. with no browser).