How to prevent your email being tagged as SPAM
Introduction and Overview
Everyone uses email. Some of us use free email services like Gmail, Yahoo, Hotmail etc. Some of us have either a VPS or VM to host our own email server with our own domain. Some of us have shared webhosting plan and use a shared email server, with our own domain.Some of us have a dedicated server, with our own domain.
You must have seen emails from free email service providers are not tagged as spam but when our emails are tagged as spam by such service provides.
You must have also noticed that your business email i.e email from your domain is getting tagged as SPAM every now and then and your domain/business reputation is at stake.
Mail servers use a wide array of anti-spam checks to keep out spam.
This includes IP reputation check, message composition, RFC compliant SMTP handshake, mail user feedback, and more. All these checks together produce a spam score that determines whether a mail is a spam or not.
Spammers around the world are constantly trying to adapt to anti-spam measures taken by email providers. So it is recommended we have to continually modify server configurations to help reduce spam.
As a result, there is no single thing you can do to ensure that all of your outgoing messages are delivered successfully.
I have seen that some emails, while legitimate, produce a low spam score because of the poor reputation of the server encoding, IP network, message headers message and many other factors.
In this article, I will explain how to prevent your email being tagged as SPAM.
Below are some of the important reasons for your email being tagged and solution for the same
IP reputation / Domain reputation
Always check the reputation of IP and/or domain. There are many factore on which IP reputation is calcualted. It can be the content of the messages, bounced messages, messages sent to not-existing email boxes, messages hitting spam traps. Based on the IP reputation scoer mail servers decide where they will deliver the email message.
To avoid being blacklisted follow below methods :
Check whether your domain is blacklisted by visiting
Enter your domain name or IP address to check the blacklists.
It will check the domain name or IP against most popular blacklist databases for reputation check.
Other sites : SenderBase.
Prevent IP blacklisting :
Implement a web application firewall to prevent website infection and malware upload. It will stop spam scripts from reaching the server through vulnerable websites.
Setup malware scanning that’s triggered every time a new file is uploaded. This will remove spam scripts uploaded through FTP and cPanel.
Allow only Exim and Mailman to send outgoing emails, to prevent spam scripts from sending spam.
Limit the emails sent per hour per user, so that if an email account is hijacked by a spammer, only a limited amount of spam will leave the server
This will avoiding IP blacklist traps.
Reverse DNS record – PTR record
The reverse lookup is a simple verification check which can help your email server quickly differentiate between valid email senders and potentially
compromised machines hijacked for the purpose of sending spam.
The mail servers must use a reverse DNS (Domain Name System).
PTR records are used for the reverse DNS lookup. An A record should exist for every PTR record.
Check whether the PTR record is setup by entering your server IP in the reverse lookup tool :
Apache SpamAssassin is a very popular open source email filter that examines incoming email and tests for spam characteristics. It uses Bayesian spam filtering and network tests to screen incoming email. The scores can be positive or negative. The higher the positive score is in your email, the higher the probability that the message is spam. This results in an overall score that Apache SpamAssassin uses to determine whether it should discard a message.
You can enable SpamAssassin on your cPanel server by following the below steps
Home >> Email >> Apache SpamAssassin >> Enable Apache SpamAssassin
Prevent malware infection
Most of the major mail service providers keep historical records of IP reputation. It is important to keep your server out of IP blacklists.
Mass mailing and mail bounces can casue email services provdier being considered as spammer. That is why we should provide bulk mailers a dedicated IP.
Your own email server
The first one is to get your own cloud server where you will have your own IP for sending emails. On shared hosting servers all mails go out from one IP address. It is very likely for the IP to have lower reputation or to get blacklisted in an RBL. The cheapest way is to get a business email hosting service with a dedicated IP. With such a service you will still have your emails sent from your dedicated IP and others users will not be able to affect your inbox delivery.
SPF, TXT, DKIM, DMARC DNS records
We must have a practice to authenticate emails with SPF, DKIM, and DMARC
The following methods authenticate your email and prove to the inbox providers that your email is worthy of the inbox and not the spam folder:
Sender Policy Framework (SPF) – ensures you are who you say you are by comparing the sender’s IP (found in the domain’s DNS record) with a list of IPs authorized to send from that domain.
Domain Keys Identified Mail (DKIM) – meeting this standard ensures that the email was not tampered with during transmission.
Domain-Based Message Authentication Reporting and Conformance (DMARC) – leveraging the power of both SPF and DKIM, DMARC requires both to pass in order to send and deliver email.
SPF And DKIM
Sender Policy Framework (SPF) is a DNS text entry which shows a list of servers that are allowed to send mail for a specific domain.
It is used as an email authentication method that allows emails to be sent only from an authorized source.
DomainKeys Identified Mail (DKIM) is also an email authentication method to verify that the emails are trustworthy. It ensures that the email contents weren’t changed from the moment it left the initial mail server.
Make sure that your email authentication is enabled.The email authentication is a verification method used to stop spam coming from your email address even if you are not sending any. If your emails are not authenticated properly spammers can easily spoof emails coming from your domain. This causes your domain to get blacklisted even though you are not sending mails.
The email authentication can be enabled on your cPanel by following the below steps.
cPanel Home >> Email >> Authentication
Stop spam mails
Enable DKIM and SPF by clicking on enable button. Your emails will be authenticated after enabling both DKIM and SPF records.
Stop spam mails
If you donot have cpanel and have configured your email srever from scratch use below methods to add spf, txt and dkim records in your DNS.
A very basic SPF record looks like the following:
example.com TXT v=spf1 a ~all
A typical DKIM record looks like the following:
selector1._domainkey.example.com TXT k=rsa;p=J8eTBu224i086iK
A very basic DMARC record looks like the following:
_dmarc.example.com TXT v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:firstname.lastname@example.org
Do not in violate CAN-SPAM Act of 2003
Check the official website here https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003.
You can verify your emails are following the rules as instructed and earn good grades.
Content Of Your Emails
There are billion active user accounts worldwide, so always check the content of your emails.The words and phrases are usually in the subject line or body of the email and can trigger the spam filtering system.
Below are 15 common spam phrases to avoid:
1) Cell phone cancer scam
2) Message contains disclaimer
3) Take action now
4) Multi-level marketing
If you have tried all the steps and still your business emails are going to recipient’s spam box, you may need to consider a paid Linux consultant or email service or a large email host for sending business mails. The paid email services offer auto responses which can be set up based on other actions taken by users.