In order to protect against spam and other malicious emails, security and email companies use complex algorithms to automatically check emails and decide whether they go into an email account's Inbox or Junk/Spam folder. While it's rarely an issue, if email is vital to your business then there are a number of good rules to follow:
1 - Be Compliant with the CAN-SPAM Act
Although it's an American law, most technology companies use the 7 requirements specified in the CAN-SPAM Act as an important part of their anti-spam algorithms. You can click here to read the full guide. These rules are mainly important for marketing emails. However, even if your emails aren't marketing related, it's a good idea to have them roughly follow these rules. Its basics state the following:
- Don’t use false or misleading header information - Make sure you use a valid email address in the To/From/Reply-To, etc. fields
- Don’t use deceptive subject lines - Make sure the subject clearly and simply states what the email is about
- Identify the message as an ad - Make sure that a marketing/advertisement email is clearly noted as such
- Tell recipients where you’re located - This is commonly included in the signature
- Tell recipients how to opt-out of receiving future email from you - You can ask your developer how to add an "unsubscribe" link to your marketing emails
- Honour opt-out requests promptly
- Monitor what others are doing on your behalf - Check what emails other people in your organisation are sending from your domain
2 - Avoid Spam and Phishing related trigger words and phrases
One of the first things a good spam filter does is look for words that relate to subjects often used in spam or phishing emails. While there isn't a specific list of these words (it changes regularly and the specific words are hidden to make things harder for spammers), words that easily relate to these subjects are likely to trigger a spam filter. Sometimes the use of these words is unavoidable due to business reasons. In this case, you should be extra careful in following the other tips listed here. The subjects whose related words you should avoid/minimise are:
- Any Adult/R18/XXX related words
- Money/banking/finance-related words. Bank/PayPal phishing emails are some of the most common.
- Pharmaceutical/drug related words, especially common drug names
- Names of fashion brands, especially popular ones. Spammers commonly try to sell counterfeit goods.
3 - Send emails as Text rather than HTML
As plain text emails have far fewer ways of being manipulated, they are generally safer and more likely to get through a spam filter than HTML emails. Of course, for Marketing this likely isn't possible, but everywhere else you should try to minimise the use of HTML.
4 - Use a Spam Checker
Before sending an important email, you might want to run it through a spam checking tool. There are a number of these tools available online. They won't ever be 100% correct; however, they can give you a good idea of how likely your email is to reach its intended recipient:
- isnotspam.com - This site gives you an email address to send your email to so it can be analysed. Great for marketing emails but not so much for confidential work.
- mail-tester.com - Provides a similar service to isnotspam.com
- mxtoolbox.com/blacklist - This checks your domain/server IP against common blacklists. If your domain, or a domain/website link in your email, is blacklisted, it's very likely to trigger a spam filter. Note that with Business, Shared and Reseller hosting, we use a separate group of IPs for sending email, so adding your server IP here likely won't be relevant.
- melon.com.au/melon-stork - This site lets you copy and paste all the contents of your email so they can be checked against a spam filter
Please note that the above are 3rd party services, so while we suggest them, we aren't able to provide any direct support or assistance for them. You should also be very careful when using these for confidential emails, and if possible replace important information with dummy data.
5 - Get your server/website off Blacklists
There are a number of websites that will check your domain or server IP to see if it's on a blacklist. These include:
On Personal, Business and Reseller plans, emails go through a separate mail cluster, which greatly lessens the effect of having your domain or server IP on a blacklist. However, on a VPS/Dedicated server, having your IP listed becomes much more important. If this happens, lodge a ticket with support and we'll look into this further for you.
6 - Maintain a Good Text to Image Ratio and Good Grammar
This is one of the secret tricks spam filters use to detect whether or not an email is spam. Try to follow these rules:
- Maintain good spelling and grammar, use a spell checker. Spammers are commonly from non-English backgrounds, so broken English can trip a spam filter. They also try to get around trigger words by slightly misspelling words, for example using N1ke Sh0es instead of Nike Shoes.
- Try to send at least 2-3 lines of text for every image. If it's an HTML email, make sure the email has at least 500 characters in total.
- Optimise your images. Try to keep individual pictures under 100KB. This can be as simple as opening the image in Paint (Windows) or iPhoto (Mac), resizing the image and saving it as a jpeg/jpg or a png file.
- If you're sending an HTML email, make sure it's cleanly formatted.
7 - Don't use emails purchased through Email Lists
There are a number of sites which sell lists of email addresses that marketing emails can be sent to. How useful those lists are really depends on your business needs. Some email security companies are known to "infiltrate" these lists by having email addresses known as spam traps included in the list. The spam trap addresses are kept secret, so if an email is sent to one, the security company knows to mark the sender as a spammer. A better idea is to build an email list from clients who have visited your website and provided their email willingly.
8 - Avoid Large Attachments and Certain File Types
Spam filters will always check attachments and images and may reject an email on file type alone. Images should be sent in .jpg, .gif and .png formats. Documents should be sent in .pdf when possible. Formats like .doc and .docx (or other Word/Spreadsheet formats) can have viruses injected into them so they're more heavily scrutinised; however, they're normally fine provided you follow the other tips listed. Executable and archive file types like .exe, .swf and .zip are high risk and should never be included in an email. If you do need to send a sensitive file type, it's better to upload it to your website or a storage service (Google Drive, Dropbox, etc) and link to the folder. Make sure to add password protection if it's a private/confidential file.
You should also use your website or a storage service for sending large files rather than attaching them. There are 2 main reasons for this:
- Different email servers/services will have different max email size and max file size limits. Gmail's is 25MB for the total email size; however, that is subject to change. Other email services may also change theirs without notice. Emails which exceed a certain size can be rejected.
- An email receiver's device may be on a slow/unstable internet connection, so larger emails may time out and not reach the device
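The size and file-type rules from tips 6 and 8 can be checked before an email is sent. The following is an added example, not part of the original article: it runs those rules over a constructed message using Python's standard email library. The thresholds are the article's own; the function names and the sample message are illustrative assumptions.

```python
# Added example: pre-send check using this article's thresholds (tips 6 and 8).
import os
from email.message import EmailMessage
from html.parser import HTMLParser

RISKY_EXT = {".exe", ".swf", ".zip"}  # file types the article says never to attach
MAX_IMAGE = 100 * 1024                # 100KB per image
MAX_TOTAL = 25 * 1024 * 1024          # Gmail's 25MB total, as quoted in the article
MIN_HTML_CHARS = 500                  # minimum text for an HTML email

class VisibleText(HTMLParser):
    def __init__(self):
        super().__init__()
        self.chunks = []  # text nodes found between the HTML tags
    def handle_data(self, data):
        self.chunks.append(data)

def lint_message(msg):
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        size = len(part.get_payload(decode=True) or b"")  # decoded size in bytes
        if name and os.path.splitext(name)[1].lower() in RISKY_EXT:
            findings.append(f"{name}: high-risk file type")
        elif part.get_content_maintype() == "image" and size > MAX_IMAGE:
            findings.append(f"{name or 'inline image'}: image is {size // 1024}KB, over 100KB")
        elif part.get_content_type() == "text/html":
            html = VisibleText()
            html.feed(part.get_content())
            chars = len(" ".join("".join(html.chunks).split()))  # collapse whitespace
            if chars < MIN_HTML_CHARS:
                findings.append(f"HTML body has {chars} characters of text, under 500")
    if len(msg.as_bytes()) > MAX_TOTAL:
        findings.append("total message size is over 25MB")
    return findings

def sample_message():
    """Constructed message: short HTML body, oversized image, .exe attachment."""
    msg = EmailMessage()
    msg.set_content("Your invoice is attached.")
    msg.add_alternative("<html><body><p>Your invoice is attached.</p>"
                        "<img src='cid:banner'></body></html>", subtype="html")
    msg.add_attachment(b"\0" * (150 * 1024), maintype="image", subtype="png", filename="banner.png")
    msg.add_attachment(b"MZ", maintype="application", subtype="octet-stream", filename="setup.exe")
    return msg

print(lint_message(sample_message()))
```

The check looks at file names and sizes only; a receiving spam filter also inspects the content of each attachment.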
9 - Check your domain's DKIM, SPF and DMARC records
DKIM, SPF and DMARC are all TXT type DNS records which a spam filter will check against when it receives your email. While DKIM and DMARC are very useful, SPF is now vital and your email almost certainly won't be received if you exclude it.
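The following is an added example, not part of the original article: a small Python check that lints SPF, DKIM and DMARC TXT values pasted in from a DNS lookup, so it runs offline. The domain, selector and record values are constructed samples, and the SPF lookup count covers only the record's own terms (nested includes add more).

```python
# Added example: offline lint of SPF, DKIM and DMARC TXT values (constructed samples).

def parse_tags(record):
    """Split a DKIM/DMARC 'tag=value; tag=value' record into a dict."""
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def needs_lookup(term):
    """True for SPF terms that cost a DNS lookup (receivers allow 10 per check)."""
    name = term.lstrip("+-~?").lower()
    head = name.split(":")[0].split("/")[0]
    return head in ("include", "a", "mx", "ptr", "exists") or name.startswith("redirect=")

def check_spf(txt_records):
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return [f"expected exactly one SPF record, found {len(spf)}"]
    terms = [t.lower() for t in spf[0].split()[1:]]
    problems = []
    if sum(needs_lookup(t) for t in terms) > 10:
        problems.append("SPF needs more than 10 DNS lookups")
    last = terms[-1] if terms else ""
    if last in ("all", "+all"):
        problems.append("SPF ends in +all, which authorises every sender")
    elif last.lstrip("-~?") != "all" and not any(t.startswith("redirect=") for t in terms):
        problems.append("SPF has no terminating 'all' or redirect")
    return problems

def check_dkim(txt_records):
    for tags in map(parse_tags, txt_records):
        if "p" in tags and tags.get("v", "DKIM1") == "DKIM1":
            return [] if tags["p"] else ["DKIM key revoked (empty p=)"]
    return ["no DKIM key record"]

def check_dmarc(txt_records):
    recs = [r for r in txt_records if r.lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return [f"expected exactly one DMARC record, found {len(recs)}"]
    policy = parse_tags(recs[0]).get("p", "").lower()
    return [] if policy in ("none", "quarantine", "reject") else ["DMARC p= missing or invalid"]

def lint_domain(zone, domain, selector):
    return {"spf": check_spf(zone.get(domain, [])),
            "dkim": check_dkim(zone.get(f"{selector}._domainkey.{domain}", [])),
            "dmarc": check_dmarc(zone.get(f"_dmarc.{domain}", []))}

ZONE = {"example.org": ["v=spf1 mx ~all", "v=spf1 include:_spf.mailhost.example -all"],
        "mail._domainkey.example.org": ["v=DKIM1; k=rsa; p="]}  # constructed records
print(lint_domain(ZONE, "example.org", "mail"))
```

An empty list for a record type means no problem was found; the sample zone deliberately has two SPF records, a revoked DKIM key and no DMARC record.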