7 Effective Tips to Stop Your Emails Being Marked as Spam
In previous articles, we discussed how you can easily set up your own email server with iRedMail or Modoboa, or you can set up your email server from scratch. However, many folks can’t get their emails into the inbox of Gmail, Hotmail, or Yahoo mail, despite having a 10/10 score on mail-tester.com. In this article, I’m going to show you all the tips I have that can get your email out of the recipients’ spam folder.
Note: This article is written for legitimate email senders and isn’t for spammers. If you send spam, your email will eventually be placed in the spam folder, no matter how hard you try.
6 Types of Email Messages
First, you need to understand which type of email you are sending. For the purpose of this article, I will divide email messages into 6 categories:
- personal email
- transactional email
- marketing email/newsletter
- group discussion email
- cold email
- spam
Personal emails are usually sent from a person to his/her friends, family members, co-workers and so on. There is often only one recipient.
Transactional emails are sent from websites or web applications to their users. For example, a visitor receives an email after creating an account at a website, or requests resetting the password. There is only one recipient per email.
Marketing email/newsletter is sent by website owners to their subscribers to inform them about new blog posts, webinars, or promote products and services. There are many recipients per email. A subscriber can only reply to the list owner, but can not send emails to other subscribers.
Group discussion emails are commonly seen in open-source software development using the Mailmain mailing list software. For instance, the Linux kernel mailing list allows its subscribers to discuss Linux kernel development. A subscriber can send an email to all other subscribers in the mailing list.
Cold email and spam are both unsolicited emails. The difference is that cold emails are often targeted at a specific group of people to sell a service and the sender will provide real service if the recipient responds. Spam are sent to random people and they are often scams.
Spammers always refuse to admit they are sending spam. The technical definition of spam is Unsolicited Bulk Emails. If you are sending bulk emails to people who have never given you permission to send emails, then you are a spammer in the eyes of mailbox providers. Some people use several domains to send bulk emails. It’s very likely they are spammers, because legitimate email senders don’t need to use several domains.
The Big Four Mailbox Providers
Mailbox providers are also known as inbox service providers. Sometimes people call them ISP (Internet Service Provider). Actually, broadband providers and hosting providers can also be called ISP. The most used mailbox providers are:
- Gmail
- Yahoo Mail
- Microsoft Mail (Hotmail, Outlook, Live)
- AOL Mail
3 Email Deliverability Factors
There are mainly 3 factors mailbox providers look into when they decide if your email is spam or not.
- Email standard compliance
- IP address reputation
- Domain name reputation
I will give you tips for getting out of the spam folder, in accordance with these 3 factors. Note that it takes time to improve your IP reputation and domain reputation, so please be patient.
Tip #1: Set Up Email Authentication and Get 10/10 score
This relates to email standard compliance. You have probably already done this, but for the purpose of being thorough on this subject, I still need to talk about it. Spammers often don’t conform to email standards. Setting Up email authentication (correct PTR, SPF, DKIM, DMARC Records) for your email server and getting a 10/10 score on mail-tester.com will significantly increase the chance of your email landing into inbox.
If your SPF, DKIM, and DMARC records are broken, then mailbox providers could not verify that the email actually came from your domain. It’s very likely your email will be placed in the spam folder. Even if it’s placed in the inbox folder, it’s common for mailbox providers to show a warning to the recipients like below, so it’s very important to pass SPF, DKIM, and DMARC verification.
Tip #2: Use SMTP Relay Service
If your mail server has never sent emails before, then your IP address doesn’t have a reputation (good or bad), and major mailbox providers are more likely to place your email into spam folder. Not being on a blacklist doesn’t mean your IP address carries a good reputation, and if a block of IP address has really bad spammers on it, it can affect other people in the neighborhood of that IP block.
SMTP relay services maintain good IP reputation. They stop the bad senders and grow the good ones, so using SMTP relay service will increase the chance of hitting into the inbox.
- How to Set Up SMTP Relay on Ubuntu with Sendinblue
- How to Set Up SMTP Relay on Debian with Sendinblue
- How to Set Up SMTP Relay on CentOS/Rocky Linux with Sendinblue
Tip #3: Use Managed VPS Hosting
If you want to use your own server rather than SMTP relay services to send emails, then it’s very important to have clean IP addresses for sending legitimate bulk email. Unfortunately, big well-known VPS providers like DigitalOcean and Vultr are abused by spammers, and they will abuse every VPS provider they can find. Be aware that there are two types of VPS:
- self-managed VPS: The hosting company only ensure your VPS is online and provides no extra technical help. You are responsible for software installation, setup, optimization, updates, backup, uptime monitoring, and malware scanning.
- managed VPS: The hosting company ensures your VPS is online and takes care of server management for you. You don’t need to worry about software installation, setup, optimization, updates, backup, uptime monitoring, and malware scanning.
Instead of using a self-managed VPS, it better to use a managed VPS to run your mail server. This is because managed VPS is configured by the technical support staff of the hosting company and if the customer sends spam, it will be stopped very quickly, so the IP address of managed VPS won’t get blacklisted.
Managed VPS is slightly more expensive than self-managed VPS, but it’s still super cheap compared to SMTP relay services and it really pays off if you care about sending legitimate bulk email.
I run my mail server on ScalaHosting. As you can see from the screenshot below, my mail server’s IP address (130.51.180.110) isn’t on any blacklist.
And Gmail thinks my IP reputation is high.
Tip #4: Add Your IP to a Whitelist
dnswl.org is the most well-known public email whitelist. You can go to the self service
page and register an account on the website, then add your mail server information. If you are lucky, your mail server’s IP address might be added to the whitelist.
After creating an account at DNSWL, you should click the DNSWL IDS
tab to create an ID. Enter your domain name and verify the domain ownership. Then add your mail server IP address to your DNSWL ID.
Your IP address will not be added immediately to your DNSWL ID. Your change requests must be approved by DNSWL admins. Once approved, your IP address will appear in your DNSWL ID, which means your mail server IP address is added to the whitelist.
Note: You should follow email-sending best practices and never send spam, or your IP address will be removed from the dnswl.org whitelist.
dnswl.org has 4 scores/trustworthiness for an IP address. Higher score is better.
0 / none
: only avoid outright blocking (-0.1
)1 / low
: reduce the chance of false positives (-1.0
)2 / medium
– make sure to avoid false positives but allow override for clear cases (-10.0
)3 / high
– avoid override (-100.0
).
The scores in parentheses are SpamAssassin scores that will be applied to your emails. In SpamAssassin, lower score is better.
By default, your IP address will have a 0
score/none
trustworthiness. If you use ScalaHosting and strictly follow email-sending best practices as described in this article, over time your IP address will have higher scores/trustworthiness at dnswl.org.
You can check your current score using the following command, where 78.56.34.12 is the reverse notation of your IP address.
host 78.56.34.12.list.dnswl.org
For example, my mail server’s IP address is 130.51.180.110, so I run the following command to check the current score.
host 110.180.51.130.list.dnswl.org
The last digit of the returned address is the dnswl score. As you can see, my dnswl score is 1
.
It’s not easy to get a 2 or 3 score at dnswl.org. You will need years of track record to achieve that.
Tip #5: Set Up A Website and Create Positive Engagement Signals
Domain name reputation is the ultimate factor that influences mailbox providers’ decisions. If your domain name has high reputation among mailbox providers, then your emails will land into the recipient’s inbox, even if you don’t strictly comply with email standards or your IP address is in a bad reputation.
- high domain reputation, low IP reputation ==> can still reach inbox
- low domain reputation, high IP reputation ==> can still be marked as spam
Note: I’m not suggesting you should ignore building a high IP reputation. It’s still important.
Gmail postmaster tools shows my domain name has high domain reputation.
If you have a new domain name, or you have never sent emails from your domain name, then big mailbox providers don’t know about you. Your domain name doesn’t have any reputation (good or bad). So how do you go about improving your domain name reputation?
There are mainly two things that are related to your domain name reputation: website quality and email recipient engagement.
Website Quality
First, your website can affect your domain name reputation. The following will reduce your reputation score.
- There’s no website associated with your domain name.
- Your website has only a blank page.
- Your website is used to spreading virus.
And the following items will increase your reputation score.
- There’s a website associated with your domain name.
- Your website uses HTTPS.
- Your website has unique, good-quality content.
If you don’t have a website yet, you can set up a WordPress blog by following one of the tutorials below.
- Install WordPress on Ubuntu 20.04 with Apache, MariaDB, PHP7.4 (LAMP)
- Install WordPress on Ubuntu 20.04 with Nginx, MariaDB, PHP7.4 (LEMP)
- Install WordPress on Ubuntu 18.04 with Nginx, MariaDB, PHP7.2 (LEMP)
Email Recipient Engagement
The other more important factor that can affect your domain reputation is recipients’ engagement with your emails. The more positive engagement, the higher your domain name reputation will be. Positive engagement includes:
- Opening your email.
- Clicking links in your email.
- Replying to your email.
- Adding your email address to contact list (very positive engagement signal)
- Moving your email from spam folder into inbox (very positive engagement signal)
Negative engagement includes:
- Deleting your email without opening it.
- Clicking the unsubscribe link in your email.
- Reporting your email as spam (very negative engagement signal )
But you may ask: If my email can’t get into inbox in the first place, how can I create positive engagement? Well, there are different ways for different email senders. I divide email senders into two groups.
- Those who send transactional emails
- Those who don’t send transactional emails
If You Send Transactional Email
If you send transactional email, it’s very easy to have positive engagement with the recipient, because the recipient expects you to send email to him/her. On your website, you can tell the recipient to check the spam folder and mark your email as not spam. They are much more likely to open your email and click links in the email. Over time, your email will automatically land into inbox.
Note that mailing list sign-up confirmation email is transactional email, so if you have a newsletter sign-up form on your website, you can also tell the recipient to check spam folder and add your email address to contact list. Recipients are very likely to click the confirmation link in the email.
If You Don’t Send Transactional Email
If you run a self-hosted mail server for personal use only, it’s more difficult for you to create the initial positive engagement, but you can:
- Use your original email address to send an email to your contact list, tell them that you are going to use a new email address, and ask them to add it to their contact lists.
- Create an auto-reply message at your original email address, telling the sender to add your new email address to contact list and send email to the new email address.
- Ask your family members, friends, and co-workers for help. Send fictitious emails to them and ask them to move your email from the spam folder to inbox. You probably need to send several fictitious emails to each person.
- You can also hire a group of people to read your emails and move your email from the spam folder to inbox.
Update: You can use an email warm-up service to improve your reputation automatically!
If you send cold email, you need to be extra careful about how you approach your recipients. They didn’t ask for your email and if you send email to them again and again, they are very likely to report your email as spam. Don’t be pushy. If the recipient doesn’t respond after 2 or 3 emails, stop emailing them.
Tip #6: Don’t change your mail server’s hostname or the From: domain name.
If you change just one letter in the subdomain, email filters of mailbox providers will treat you differently and you will lose the domain reputation you have built. Subdomains inherit some of the reputation from your apex domain (a domain that doesn’t contain a subdomain) but not all of it. Each subdomain has its own reputation. Note that each email address from the same domain name also has its own individual reputation.
Tip #7: Never Send Spam
Last but not least, you should never send spam. If you send spam, your email will eventually be placed in the spam folder and even rejected outright, no matter how hard you try. And your server IP address will be blacklisted. Your domain reputation will also be damaged. Some folks don’t know they are sending spam when they actually are.
Spam is also known as unsolicited bulk emails. They are two conditions for spam.
- Unsolicited email: If a person doesn’t explicitly give you permission to send emails, and you send an email to this person, that’s an unsolicited email.
- Bulk email: If you send an unsolicited email to just one person, it’s not spam. When you send unsolicited email to lots of people, it becomes spam.
An example of legitimate bulk email is when you use a double opt-in form on your website to create an email list. The visitor will have to click the confirmation link in order to subscribe to your email list.
Tips for Newsletter/Marketing Email Senders
Besides the above general tips, here are some specific tips for newsletter/marketing email senders.
- Make sure the recipient gave you permission to send email. Use double opt-in to verify the subscriber’s email address. If you don’t, there’s a high chance that you will have email delivery issue. You should not buy email list from a third party.
- A high bounce rate (> 5%) can damage your sender reputation. You can use a bulk email address verification tool like Truemail or Abstract API to remove undeliverable email addresses from your list.
- If you change your mail server IP address, or you use a new subdomain, you need to warm up your IP address/subdomain. For example, send 100 emails on day 1, then send 500 emails on day 2, send 1000 emails on day 3. Don’t send emails to thousands of people immediately.
- Send emails that recipients actually want.
- Include your contact information and your mailing address at the bottom of the email message.
- Personalize the email message as much as possible. For example, include the recipient’s first name in the email body and segment your list based on the subscriber’s gender, age, interest, country, etc.
- Conform to CAN-SPAM Act
- Avoid large attachments.
- Clean your email list. For example, delete email subscribers that haven’t opened your email in the last 60 days. This is usually called email sunset policy. Unengaged subscribers won’t make you money and they are detrimental to your domain reputation.
- Test your email placement with GlockApps before you send.
- Be consistent in your sending frequency. If you send emails to your subscribers in the first month, but stops sending emails in the following 6 months, then your subscribers don’t remember you and mailbox providers are likely to put your email into spam folder.
- Keep your open rate above 20% and spam rate below 1%. You can check spam rate at Gmail Postmaster Tools.
- If you send newsletters/marketing emails, then your emails are likely to land in the promotions tab in Gmail. One way to get into the primary tab is by using only plain-text in your email.
- Don’t strip the
List-Unsubscribe
header from your email. The List-Unsubscribe header is required if you send newsletters. It enables the user to easily unsubscribe from your mailing list. When a person wants to unsubscribe, you should not prevent him/her to do so. - Sometimes mailbox providers would temporarily stop accepting your newsletter email. Don’t panic. They just want to find out if you are sending spam, by looking at users’ behavior with your already sent emails. If they decide that you are not a spammer, the rest of your email will be accepted. This delay can be up to 24 hours.
- Your emails won’t be placed in all recipients’ inboxes. Some of them will probably be placed in the spam folder. It depends on how the specific recipient interacts with your previous emails. So it’s important that you maintain a good relationship with every subscriber in the email list.
- Be careful with email curse words like weight loss, make money, etc. Generally, you should not use them in your email unless you have established a good domain reputation and has good engagement with your recipients before.
- Don’t overuse capital letters, bold letters, and highlighting in your email. These are common techniques used by spammers to attract the recipient’s attention.
- Don’t send bulk emails too fast. Sending 10k emails at once sets off alarms all over the place. In my opinion, the default Postfix SMTP server delivery speed is too fast if you send an email to 10K subscribers. Add
default_destination_rate_delay = 2s
anddefault_destination_recipient_limit = 50
in your Postfix configuration file to slow it down a little bit. Also consider deploying multiple SMTP servers when you have over 10K email subscribers, so a bulk email campaign can be spread across the SMTP servers. - It can be time-consuming to repair a damaged domain reputation, but it’s easy to improve the reputation of a new domain or sub-domain that has never sent emails. If you have high reputation on the main domain, you don’t need to use sub-domains. If you have a damaged domain reputation, you can try using a new sub-domain as the
From:
address to send emails.
SMTP Rate Limiting
We can use a Postfix policy daemon called policyd-rate-limit
.
sudo apt install policyd-rate-limit
Edit the configuration file.
sudo nano /etc/policyd-rate-limit.yaml
Find the following lines.
limits: - [10, 60] # limit to 10 mails by minutes - [150, 86400] # limits to 150 mails by days
The default limits are too restrictive. I use the following setting, so my Postfix SMTP server can send up to 20,000 emails per hour.
limits: - [333, 60] # limit to 333 mails per minute
Also, find the following two lines.
limit_by_sender: False limit_by_ip: False
And change the value to True.
limit_by_sender: True limit_by_ip: True
Save and close the file. Next, edit the utils.py
file.
sudo nano /usr/lib/python3/dist-packages/policyd_rate_limit/utils.py
Find the following line. (Line 88)
self._config = yaml.load(f)
In Python 3, calling the yaml.load()
fucntion without Loader=...
is deprecated, so we need to replace it with:
self._config = yaml.load(f, Loader=yaml.SafeLoader)
Save and close the file. Then edit Postfix main configuration file.
sudo nano /etc/postfix/main.cf
Tell Postfix to use the rate-limiting service with the following setting. The check_policy_service
should be the first restriction.
smtpd_recipient_restrictions = check_policy_service { unix:ratelimit/policy, default_action=DUNNO }, permit_mynetworks, permit_sasl_authenticated, ... ...
Save and close the file. Then edit the Postfix master.cf file.
sudo nano /etc/postfix/master.cf
Find the submission
and smtps
section. Change
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
to
-o smtpd_sender_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
Save and close the file. Then restart Postfix and the policy server.
sudo systemctl restart postfix policyd-rate-limit
Now send a test email from your email client, and check the log of policy daemon.
sudo journalctl -eu policyd-rate-limit
If everything is working, you should see that policd-rate-limit found the sasl_username
and insert an id for the sasl_username
.
Gmail Spam Rate vs Spam Folder Placement Rate
The Gmail spam rate is the percentage of emails marked as spam by users vs emails sent to the inbox for active users.
- Gmail spam rate = the number of emails marked as spam by users / the number of emails that land in the Inbox folder
- Spam folder placement rate = the number of emails that land in the spam folder / the total number of emails sent to users
Gmail spam rate is the better tool to gauge user engagement. If the Gmail spam rate is low (under 1%), your domain reputation will grow automatically. If it’s high like 4%, your domain reputation will go down. Spammers have horrible spam rates (6% ~ 20%), as shown in the following screenshot.
If you are a spammer, please stop. You will never achieve good results.
Wrapping Up
I hope these tips can help you get out of spam folder. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care 🙂
Thank you.
Excellent tutorial really cleared up a lot for me. I am wondering how to handle bounce and inbox full, unopened mail etc, you talked about sunset policy. What would you recommend as a means to monitor that? Cheers
Bounced emails will almost always tell you why it’s bounced. And you simply need to follow the instructions.
If the recipient’s inbox is full or over quota, you can’t do anything about it, unless you have other means to contact the recipient and tell him/her to free up space in the mailbox.
Sunset policy is very simple. Find subscribers that haven’t opened any emails for 60 days and delete their email addresses from your email list.
Thanks for the reply, how would I monitor it any particular software open source. How do I know which emails have bounced or the quota is full, can I check a log somewhere? Or is there an easy way.
You can use the pflogsumm tool to automatically analyze and generate a Postfix log summary every day and send it to your email address.
After following Steps1-6 and getting good score, everything working, is it possible to install Roundcube on top?
Just search for Roundcube on my website.
Excellent chapter. Please could you expand on the setting of the “List-unsubscribe” header? Thanks.
You can read the RFC.
If you use Mailtrain or Mautic to manage your mailing list, the List-unsubscribe header will be automatically added in the emails.
This series of tutorials helped me out to make a working email server. I should add that if you want even more trust, there is now a thing called BIMI (Brand Indicators for Message Identification), which you configure at your domain dns and, after give the email provider trusts you, can make your logo show up in the email (according to bimigroup dot org, Currently only gmail and yahoo have implemented that).
Obs: even after getting 10/10 from mail-tester and using a relay service, all e-mails keep landing at spam box.
Improve your domain reputation and your emails will go to inbox.
Hi Xiao,
Thanks for this awesome tutorial.
I’m using sendinblue as a relay because Mailjet rejected my application without explanation. I skipped steps 4 and 5 because I thought Sendinblue does that on their end. I was getting 10/10 on mail-tester.com but my mail wasn’t being delivered. Then I came back and did steps 4 and 5, now I get 4/10 on mail-tester.com and it says that the Sendinblue IP address is a spammer. Is this a Sendinblue issue?
Regards,
I received confirmation from Sendinblue that the problem is on their side because I’m sharing an IP address with hundreds of other users. Their best solution is to upgrade to a more expensive plan with a dedicated IP address.
How can I improve domain and ip reputation I only sent mail for personal use i once had a working mail server but it got blacklisted because a friend misused it
wow! it worked. Xiao Guoan is Magician. follow the tutorial to the last step and have patience…1-2 months
I try to test my mail server on https://www.mail-tester.com
I got blacklist message:
How to fix this blacklist? Thank you
Follow this guide: How to bypass email blacklists
Thank you for this helpful article. – I have one question, in case you have any advice.
I have not been able to submit my URL in combination with its IP address to dnswl.org. I was able to register the domain name, but when I wanted to add the IP address, it did not accept it, as, despite the IP address is mine (I am the only user), it is, besides all of my own domains, associated with a domain I do not control (a subdomain of a domain of my cloud space provider, i.e. subdomain.cloudprovidersdomain.tld).
I contancted dnswl but was told I could delete my entry, as my provider controls that IP address. That is I have no way of getting my address into the whitelist. Perhaps I have mistunderstood something: But will not almost always the provider control an IP address? Any advice for the constellation I have described? If not, still thank you for the interesting article.
I think they are talking about the PTR record of your mail server IP address. Some hosting provider may have default PTR record using their domain name.
If your mail server hostname is
mail.domain.tld
, then you should contact your hosting provider to change the PTR record tomail.domain.tld
.Then dnswl.org can accept your IP address.
Thank you very much!
That was amazing!!!
Thank you LinuxBabe!
Thx Xiao Guoan, You saved my life.
We had a problem with our server with SPAM and got blocked in Gmail.
This solved our problem. Thx
self._config = yaml.load(f, Loader=yaml.SafeLoader) is not working.
I changed the SafeLoader to FullLoader which is working.
self._config = yaml.load(f, Loader=yaml.FullLoader)
awesome! thank you.
It’s remarkable designed for me to have a web site, which is useful in favor of my know-how.
thanks admin
In my server mail log it appears like that, why Xiao Guoan? Can you help me. Thank you.
I presume “Mailmain” should be GNU Mailman?