Knowledge Base How-to Guides

Why do my emails end up in the spam folder and how to deal with it?

Cloud Migration

Cloud migration

Find out how to migrate to the cloud quickly & efficiently

Learn more

If the emails you send end up in the spam folder, you should pay attention to the following points.

Large mail services, such as Gmail, Yandex, Mail.ru, use a system for analyzing the content of a letter in order to identify signs of spam. To check this, try sending a simple text message without any links from the address that gets into spam. If it is delivered without problems, then you need to change the text of the messages sent out.

Another solution to this problem may be to add the sender to the "whitelist". You can learn how to do this in the “help” section on the email service’s website:

You can also contact the support services of the mail services, attach a sample letter and indicate that it is not spam:

If your resource sends out a large number of messages (for example, notifications of new messages from a forum), then you should take into account that major mail services have restrictions on the maximum number of delivered messages per unit of time. To prevent your mailing list from being mistaken for spam, you should take the following steps:

  • use a permanent dedicated IP address;
  • the IP address from which messages are being sent must have a valid reverse DNS entry pointing to your domain.
  • use the same address in the "From:" field in all letters;
  • sign messages with a DKIM key;
  • publish SPF records in DNS;
  • publish a DMARC policy to DNS.

If your resource does not carry out any mailings, you need to check if it has been hacked and used by attackers to send spam. First, examine the HTTP server access logs. Having too many POST requests to the same files too often is suspicious:

185.31.210.44 — — [01/Sep/2015:09:04:07 +0200] «POST /images/banners/New/view.php HTTP/1.0» 200 264 «-» «Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.7.6)»

185.31.210.44 — — [01/Sep/2015:09:04:55 +0200] «POST /images/banners/New/view.php HTTP/1.0» 200 264 «-» «Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.7.6)»

185.31.210.44 — — [01/Sep/2015:09:05:43 +0200] «POST /images/banners/New/view.php HTTP/1.0» 200 264 «-» «Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.7.6)»

Analyze this file and check whether it’s part of the site's CMS, whether it contains encrypted code and check the modification date. If there are signs of infiltration, remove it. Take measures to prevent re-infection: update CMS, change passwords, disable unnecessary modules.

Users of Web shared hosting services with a dedicated IP address, VDS and dedicated servers should also check the presence of the IP address in the DNSBL lists:

DNSBLs are databases of addresses from which spam is sent. If the address is present in one of them, you need to go to the DNSBL website, find out the reason, take measures to fix the problem and apply for deletion from the list.

Was this article helpful?

Tags:

#email

Did you like the article?

Cookie consent

By clicking «I agree», you consent to our website's use of cookies to give you the most relevant experience by remembering your preferences and repeat visits. However, you may visit «Manage сookies» to provide controlled consent. Learn more

Cookies settings

functional

Necessary cookies are crucial for the basic functions of the website and the website will not work in its intended way without them.

  Enable essential cookies These cookies do not store any personally identifiable data.
Analytics

Analytical cookies are used to understand how visitors interact with the website.

  Enable analytic cookies These cookies help provide information on metrics such as number of visitors, bounce rate, traffic source, etc.
Advertisement

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns.

  Enable advertisement cookies These cookies track visitors across websites and collect information to provide customized ads.