In the world of electronic communication there are many systems, blacklists and filters for identifying SPAM messages. Some of those defense systems are very restrictive and sensitive. Others use artificial intelligence elements for “self-teaching” based on recipients’ actions and senders’ reputation. Despite these advanced technologies, it is very likely for legitimate messages to be sometimes also marked as SPAM.
Just an example for this is the case when multiple Gmail recipients mark a certain message as SPAM, although it does not contain malicious links to websites or files. From then on any subsequent message from this sender is automatically sent to the SPAM folder because of Gmail’s intelligent SPAM filter.
Another example is when a certain email account’s password is intercepted and numerous SPAM messages get sent without the account owner being aware of this action. The consequences of such a situation are that the domain and even the mail server’s IP address get blacklisted and gain bad reputation. Therefore, the legitimate messages sent from this domain are also automatically going to the recipient’s SPAM folder.
There are many possible reasons for a specific message to be marked as SPAM. In this article we will tell you more about the most common of them.
Email authentication through SPF, DKIM and DMARC is not enabled
Many mail servers and email services such as Gmail, Outlook, Yahoo, AOL, Hotmail, etc. check if SPF and DKIM records are available for the sender’s domain and if they are missing, such emails are directly sent to the recipient’s SPAM folder. Also, some email services look for the domain’s DMARC record and if there is no such available, messages might be directed to the SPAM folder.
You can enable the SPF and DKIM records for your domain by going to cPanel » (Email) Authentication.
SPF and DKIM are DNS records through which the sender and the message’s content are authenticated.
DMARC is a mechanism for email validation preventing third parties from using the domain for sending SPAM.
Besides serving as an indicator for mails legitimacy these email anti-SPAM systems keep the domain indirectly from being blacklisted, as they do not allow it to be used from malicious persons for sending unsolicited messages.
SPAM filters can use these databases (blacklists) containing IP addresses and domains of SPAM senders. SPAM filters connect to blacklists and inspect them for the presence of the sender’s IP address/domain.
If the domain has been blacklisted you can submit a removal request in accordance with the requirements of the respective list. Before doing this you should necessarily change all passwords of the email accounts you are using. Also, you need to scan for malicious software all devices from which you access email and hosting services. Then submit a request for your domain/IP address to be removed from the blacklist.
There is something wrong with the message’s content
Email messages consist of two parts. The first are the headers which contain information about the mail itself, the sender, the recipient and other system information.
Some headers can be viewed directly: From, To, Subject, Date and others. Which headers are visible for the recipient depends on the email client/service used.
Headers can be used to check reasons why a certain message has been marked as SPAM. SPAM filters and protections often use their own system headers in the message which points out the reason for a message to be marked as SPAM. For example, the SpamAssassin filter will specify the tests which the message has passed in the header “X-Spam-Report: SA TESTS”.
All headers in a message can be viewed through the email client/service as the respective option is used, for example View Source, Message Source or something similar.
The second part of the message is the email body which contains the source code, text and images. SPAM filters check both of the message’s parts.
Email content (body)
The email’s contents, text and images are the message’s main part which is visible for the recipient. The message’s source code can be viewed through an option in the mail client/service.
SPAM filters check the message’s contents for specific suspicious words. Currently, those are mainly English words such as buy, Viagra, online pharmacy, etc. The examples above are taken from the SpamAssassin filter tests. Your SPAM filter rules define which suspicious words the email body and the header will be checked for.
Through email filters however, each user can specify different words to filter the messages for, including words such as “unsolicited”, “commercial email”, “unsolicited commercial email”, “our database”, “purchased database” and others.
Some of the reasons for which the email might be filtered as SPAM because of its contents are:
- It contains specific words indicating SPAM such as buy, pharmacy, etc.
- The whole email body contains only one image without any text.
- There are too many or too large images in the email body.
- The message size in MB is too big.
Tips for the email’s content:
- Use a minimum number of images with small size in kB.
- Think about optimizing the email for mobile device users.
- It is not a good idea to use a background image for the whole message.
- Stick to placing more text than images in the email body.
- Use a plain font with a normal size and color.
- If you need to attach a large file, upload it on your website or on a file sharing service and place a link in the email body.
- If the email’s purpose is an online advertising campaign, increase the content’s quality so that it can stimulate recipients to act – to open the message and click on the link.
- You must add an “Unsubscribe” option at the end of your email.
This is the first thing users see. That’s why it should contain a short, exact and clear description of the email contents so that the user can immediately grasp the email subject. The same tips and best practices as with the email body are applicable for the subject of your message.
Some of the reasons for which the email might be filtered as SPAM because of its subject are:
- The subject is typed only in capital letters.
- It contains numerous exclamation marks!!!
- It contains words such as buy, pharmacy, etc.
You can place a link to a website or an image in your email signature. This is part of the email body so the SPAM filters treat it the same way as the other parts of the email. Check the reputation of the domains to which you have placed links and make sure they are not blacklisted. Check the size of embedded images.
Some email clients and services prevent email images from being displayed by default. This means that even if there is nothing wrong with the image, it cannot be viewed by the recipient.
For the images to be displayed, the recipient should either change their settings or explicitly confirm their desire to view the image by clicking a button in the mail client/service. Most email clients/services will keep displaying the image contents after it has been once allowed.
If the recipient trusts the sender and likes the emails’ contents they would wish to view all images in that sender’s messages.
To increase your emails’ quality you can stick to:
- Optimized images with not too large of a size and not too big of a number. Also, avoid placing an image in the email’s body without typing any text. Some filters treat this as an indicator for SPAM.
- Add alternative text to your images to describe them. It can explain in short what the image depicts when it is not loaded because it has been blocked by the email client. The alternative text for images is most often placed in settings for the image itself or directly into the source code (alt-text=”very-short-image-description”). When there is such description and the image does not load, the recipient knows what it is about and can get the message content better. The recipient can also allow images to be displayed.
- Most importantly, if you wish users to allow images to be displayed, make sure your email offers quality content.
Malicious attachments and embedded objects
There are certain types of files which are considered malicious and almost any SPAM filter would mark the email as SPAM. Those files can be executed on the recipient’s device and inflict damages. If your message contains an attached file of the exe, bat, cmd, jar, msi type, it would most surely be filtered as SPAM.
In your emails avoid using:
- Links redirecting to websites that require providing personal or sensitive user data.
- Links to websites whose domains have been blacklisted (URIBL).
- URL shortening that can be treated as an attempt to hide the website’s URL.
Email source code
Your email source code and headers can be viewed through the email client/service by using View Source, Message Source or a similar option, available in your settings.
If the message’s HTML code is invalid and contains incorrect tags or parameters, the message can be marked as SPAM.
To avoid your emails being marked as SPAM, make sure that:
- The HTML code is valid. Test the code with a tool such as: http://validator.w3.org/
- Besides the HTML code, the email should also have a plain text version. If you are using an email client/service, you should not worry about these two factors. If you are using an application through your website which generates the email, you need to make sure the app adds also a plain text version.
- There are no hidden objects such as text, images or others in the source code. Hidden means that those objects cannot be viewed directly from the recipient, but are visible when the email source code is inspected. For SPAM filters this is a sure sign that something is wrong with this email and there is a big possibility for your email to be blocked.
If you are sending emails through your WordPress website
When you send emails through your WordPress website, you need to check how they are being sent – through Sendmail or SMTP. If a plugin is used, check its settings and set SMTP to be used with a real email account.
Important: To prevent emails sent from your WordPress website from being marked as SPAM, we recommend sending them through SMTP with a real email account. For the purpose you can use an additional plugin such as WP Mail SMTP.
If none of the listed above is a reason for your emails to be marked as SPAM, there might be another factor, referring to only a specific email provider. Different email services such as Gmail, ABV mail or others use different SPAM filters and methods to sort emails as SPAM. If your emails are marked as SPAM upon one email service provider, but this does not happen with another, you need to check the SPAM filter settings of the email service. For example: