Sending SPAM or unsolicited email is one of the practices most heavily pursued by ISPs today.
Providers like Gmail, Hotmail or Yahoo have very strict filters, and that is why perfectly legitimate emails can end up flagged as SPAM.
Below is a series of measures to prevent your emails from arriving as SPAM.
This article covers emails flagged as SPAM by the recipient. If your emails are being blocked by the GINERNET relay, see Emails flagged as SPAM by the RELAY.
Most important: prevent people from clicking "SPAM"
To identify SPAM, the method used by the big providers such as Gmail and Hotmail is the percentage of "complaints" from their users: that is, when the person receiving an email manually marks it as SPAM.
If you send emails to Gmail or Hotmail users and the recipients mark your email as SPAM, your next emails (even to other recipients) will also land in the SPAM folder.
If you have already been penalised, we explain below how to improve your reputation, but remember: the one who decides whether an email is SPAM is the recipient, not you.
Email content matters
- Do not write the subject ALL IN CAPITALS and use coherent sentences: antispam systems understand linguistic syntax better every day.
- If it is a reply or a forward, remove all content that is not relevant. Long reply chains often produce HTML errors that add antispam points.
- Avoid extremely long signatures. The typical disclaimer "This email is intended for its recipient..." is a myth and only causes trouble: if you need legal wording, link to your website instead (for example, to your GDPR clauses).
- Avoid "strange" font colours: many antispam systems treat them as an attempt to hide content.
- Images are best sent as attachments. If you embed them in HTML, keep the text-to-image ratio above 90% text.
- Send emails in plain text. If you use HTML, also include a "plain text" version and make sure the HTML is properly formatted. If you are having SPAM issues, send plain text only, at least at first, to debug the problem.
- Avoid shortened links (bit.ly, tinyurl.com, t.co, fb.me...): they are heavily used by hackers and spammers to hide the real URL of malware or phishing.
- Avoid contact forms on your website: it is better to publish your email address. When a user writes to you directly, your address enters their whitelist and your replies will be delivered correctly.
Configure your server properly
- Set the VPS hostname: you can do this from your control panel. Make sure the hostname responds to ping: there must be an entry on your DNS server pointing to the hostname.
- Set the reverse DNS (PTR): with the hostname configured, declare the reverse record from your VPS panel. It is very important so the legitimacy of an IP can be verified: you are telling providers that the IP is yours, that you are responsible for it and that there is someone behind those emails. Spammers usually do not declare reverse DNS to avoid getting a whole domain blacklisted; if you do not send SPAM, you have nothing to fear.
- Set the SPF record in your domain's DNS zone: this verifies the legitimacy of your outgoing mail server and prevents someone else from sending emails pretending to be you.
- Use SMTP and a real sender: send with SMTP authentication and use as sender the same account you authenticate with. That way the receiver can verify that the sender account really exists. Do not authenticate with an account on your domain and then set a Gmail address as sender; if you want replies to go elsewhere, use the
reply-toparameter. - Do not use sendmail or PHP's mail() function: emails sent with
mail()carry no authentication, the recipient cannot verify the sender's identity, and they are very likely to be treated as SPAM. More details in PHP mail() function vs SMTP authentication. - Publish a landing page on the sending IP: create a page showing your company information and an abuse contact. For example, if you send from IP
5.134.112.0, opening that IP in a browser should show who you are and how to contact you. You can see an example here with our own sending server. - Check fail-delivery messages: review your sending logs (
/var/log) for delivery errors. Spammers sweep the Internet looking for addresses to send to, and many no longer exist. Gmail, Hotmail and Yahoo detect whether you try to send to non-existent addresses: if you do it often, they will consider you a spammer and your emails will stop reaching inboxes.
IP and/or domain reputation
You can check your IP reputation at senderscore.org (registration required for full details) and at talosintelligence.com.
As mentioned at the beginning, email providers analyse the number of complaints from recipients ("clicking the SPAM button"). That action not only sends your email to that user's SPAM folder: it gives the ISP a signal to lower the reputation of the sending IP and domain.
If you send mass mailings and many recipients click "SPAM", the reputation of your IP and domain will drop quickly. Do not send emails to recipients who are not interested in receiving them.
How to build reputation for your IP and/or domain
The key is to receive emails: if Gmail, Hotmail or Yahoo users write to your email accounts, those ISPs consider the recipients legitimate and increase your IP/domain reputation. In addition:
- If one of your emails landed in SPAM and the user marks it as "Not SPAM", you gain reputation.
- The more emails you send without anyone clicking "SPAM", the more your reputation with that provider grows over time.
If you need a professional service for sending your emails, contact us: we have extensive experience sending large volumes of email daily. That said, we can only help you if you really do not send SPAM.
Everything configured and your emails still arrive as SPAM?
- Sign up for Microsoft's JMRP to receive reports about your emails landing in Junk: here.
- Sign up for Hotmail SNDS to check which of your emails were flagged as SPAM (include your server's IP): here.
- Contact Office365 using this form.
- Read how to send email to Gmail accounts: here.
- Check the Yahoo sender documentation: here.