Frequently Asked Question
My customer's emails are being blocked or marked as SPAM
Last Updated 3 days ago
In reality, email, like regular mail is never 100% guaranteed to be delivered, and email, like regular mail requires certain things to be in place, or it will not be delivered.
If the issue is that your customer's emails are being blocked, nearly 100% of the time, their email server is not set up correctly, or, their email server/account has been compromised and is marked as a spammer and blackholed.
If they are being marked as Spam, their server may not be set up correctly, their email application has problems, they sent a message whose content, or subject is similar to spam messages. Certain topics, like healthcare, investments, can increase this suspicion. Emails from free services can be penalized too. Especially if their email account name ends with numbers and is not a recent year. (webdude 0482 for an example)
The big issue, or battle, with email is fighting spam and unwanted email, but never miss an important email. If we set things too stringent, there will be too many "false positives" and your customer's emails may be blocked too frequently and incorrectly. Not stringent enough, the mail server stands a good chance to be marked as a "loose" server that doesn't care about people sending spam through it.
Understand that there are things done server wide on the email server, and things that are done per hosting account, domain, and the email account on the server.
Protections on the server side, affect every mail account on the server.
On the server side, mail servers have built in certain protections into the software. These are not easily changed.
Other protections can be, and those are;
So, if you are using the web/mail server to send emails, and someone sends an email looking like it was from you on a different server, say Gmail, then SPF would say to the recipients server, hey, that's not from us, and based on our recommendations, ignore, think about it, or reject that email. The -a says to reject it
DomainKeys Identified Mail (DKIM) is an email authentication protocol that uses digital signatures to verify that an email is authentic and has not been modified in transit. DKIM is a critical component of email security that helps to prevent phishing attacks and spam.
Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email security protocol that helps to protect email addresses and domains from being misused.
DMARC works by:
You can read more on the above by visiting:
https://www.cloudflare.com/learning/email-security/dmarc-dkim-spf/#:~:text=DomainKeys%20Identified%20Mail%20(DKIM)%20enables,email%20came%20from%20the%20domain.
On the email account side, we can in Plesk Control Panel under the mail tab and the security link for the account:
If the issue is that your customer's emails are being blocked, nearly 100% of the time, their email server is not set up correctly, or, their email server/account has been compromised and is marked as a spammer and blackholed.
If they are being marked as Spam, their server may not be set up correctly, their email application has problems, they sent a message whose content, or subject is similar to spam messages. Certain topics, like healthcare, investments, can increase this suspicion. Emails from free services can be penalized too. Especially if their email account name ends with numbers and is not a recent year. (webdude 0482 for an example)
The big issue, or battle, with email is fighting spam and unwanted email, but never miss an important email. If we set things too stringent, there will be too many "false positives" and your customer's emails may be blocked too frequently and incorrectly. Not stringent enough, the mail server stands a good chance to be marked as a "loose" server that doesn't care about people sending spam through it.
Understand that there are things done server wide on the email server, and things that are done per hosting account, domain, and the email account on the server.
Protections on the server side, affect every mail account on the server.
On the server side, mail servers have built in certain protections into the software. These are not easily changed.
Other protections can be, and those are;
- Check DMARC on incoming email,
- Check DKIM on incoming email
- Enabling SPF protection on incoming email
- The checking mode
- Reject if SPF fails
- Reject if SPF fails
- Reject if SPF softfails
- Reject if SPF neutral
- Reject if SPF does not resolve to pass
- SPF checking rules (is in case SPF is not present on incoming email)
- SPF guess rules (Currently checks the A record, MX record, and the PTR record, set to -all)
- The checking mode
- Check against DNS blackhole lists (We use only time tested reliable DNSBL, zen.spamhaus.org;b.barracudacentral.org;bl.spamcop.net)
So, if you are using the web/mail server to send emails, and someone sends an email looking like it was from you on a different server, say Gmail, then SPF would say to the recipients server, hey, that's not from us, and based on our recommendations, ignore, think about it, or reject that email. The -a says to reject it
DomainKeys Identified Mail (DKIM) is an email authentication protocol that uses digital signatures to verify that an email is authentic and has not been modified in transit. DKIM is a critical component of email security that helps to prevent phishing attacks and spam.
Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email security protocol that helps to protect email addresses and domains from being misused.
DMARC works by:
- Verifying email senders
DMARC uses the Domain Name System (DNS), DomainKeys Identified Mail (DKIM), and Sender Policy Framework (SPF) to verify email senders. - Instructing receiving mail servers
DMARC tells receiving mail servers what to do with messages that don't pass SPF or DKIM authentication. For example, a DMARC policy can instruct the server to move the message to the recipient's spam folder. - Providing reports
DMARC provides reports that help identify authentication issues and malicious activity. This information can help senders fine-tune their policy and establish brand trust. - Preventing domain spoofing
DMARC helps prevent attackers from using an organization's domain to impersonate its employees.
You can read more on the above by visiting:
https://www.cloudflare.com/learning/email-security/dmarc-dkim-spf/#:~:text=DomainKeys%20Identified%20Mail%20(DKIM)%20enables,email%20came%20from%20the%20domain.
On the email account side, we can in Plesk Control Panel under the mail tab and the security link for the account:
- Add to the Whitelist,
- Add to blacklist,
- Set SpamAssassin's threshold, which tells when an incoming email is to be considered as SPAM based on SpamAssassin's rules.
- How Spam messages are treated (Blocked, Marked (by prepending the SUBJECT with a message), and Move (Usually to the Spam or Trash folder, but other major folders can be chosen),
- Turn SpamAssassin on or off.