- No SSL on Local Mail Client or Web Mail
- HTML email signatures
- Message Content
- Your domain reputation
- Recipient Settings
- DKIM Records Reduce Spam
- Sender Policy Framework Reduces Spam
- DMARC Reduces Spam
Recently, a new client asked “Why is my email going to spam and ending up in people’s junk folders?”
Is this happening to you? We’ll tell you the common reasons your email goes to junk, how to fix it yourself, and dive in to the technical stuff behind the scenes too.
First, imagine for a moment, your client calls to tell you that they did not receive the important email you sent and they were expecting. On a call with your client, you find your email landed in their junk mail. No harm. It happens.
Then, more clients complain. Your emails are in spam or lost in cyber space. When you check on your end, your emails are clearly in your sent items folder, but they are nowhere to be found in the clients’ inbox. What’s going on?
In this post we talk about 5 factors that affect your spam score – or how trusted your outgoing emails are by receiving domains.
We also talk about domain and email security solutions every business should have, including DKIM records, DMARC, and Sender Policy Frameworks. All of these can be setup and configured by your local IT company in about an hour or two.
5 Factors That Affect Your Spam Score
Various things contribute to the spam risk rating or spam score of each email sent.
A spam score is assigned on a scale of 1-10, with lower being better. By lowering one or all of your risks which escalate your spam score, you can safely end up back in people’s inbox.
Here are some things that incrementally contribute to your email ending up in spam. Each contributing factor may have a different weight to it.
Overall, if you keep ending up in spam folders, you will have to figure out your own magical combination of things to use or eliminate to get your spam score low enough to get past the spam filters.
1. Desktop Mail Clients, Cheap Web Hosting & Email Going To Spam
Using a desktop email client like Microsoft Outlook without SSL authentication increases your chance of ending up in spam folders. This is also true if you are using a “value priced” web hosting company and just routing your email through a desktop client like Outlook.
Why? Because your individual computer, where your individual version of Microsoft Outlook (or other email client) resides, has a higher risk of being hacked over say, Google’s G Suite service. Giant companies like Google and Microsoft with their Office 365 products work hard to ensure security and as a result, Internet Service Providers lower the spam rating of emails being sent from one of those email services.
But you, with your home computer, or small office computer with neglected network security…well, your email is viewed as more of a risk.
Solution: Switch to Google Workspace or move to Microsoft 365.
2. HTML code in your email signature can increase the chances of your email ending up in a spam folder.
Why? Because HTML can be used to obfuscate links to malicious sources.
Of course, you are not a malicious hacker or sending out spam, but the bots and filters don’t know you personally. They just work on set parameters. And HTML in your signature is another check box on the “this email looks suspicious” list.
Solution: Remove HTML from your email signature.
3. Message Content; Language In Email Can Affect Your Spam Score
Content is the most heavily weighted scoring mechanism of the lot. If an email message looks like spam, walks like spam and talks like spam, it is marked as spam.
Using sales-y language, advertising, prices, poor punctuation and grammar and certain keywords related to off colour industries (you know the ones we mean) will also increase your spam score. Here is a great list by SpamAssassin of subject lines or body content that are flagged as spam.
Solution: Use professional language in your email body and when conducting business with clients, forward your pricing and ads as PDF attachments.
4. Your Domain Reputation
Has your domain been on a blacklist in the past? Or is it on one presently? If so, your emails will be marked as spam.
Has the domain been registered only recently, or has it been around long time? New domains receive a higher spam score.
Does the domain contain the proper DNS records for email transactional trust? Be sure to use the right domain and email solutions to avoid problems pertaining to your domain and DNS records. Your IT support company can help you with all of these settings.
5. The Recipient’s Settings May Be Sending Your Email To Spam
Why? There is spam filtering in most email clients and they vary from client to client. You can’t control this. What you can do is lower your level of suspicion.
The tips above are simple enough for most people to do on their own.
The tips below explain the more technical aspects of spam filtering. They carry a lot of weight and you need to get them right to improve your email deliverability rates. Talk to your IT support company about the following settings.
3 Ways To Improve Email Security & Deliverability
Now that you are familiar with some key ways to improve your trust or spam score, here are 3 technical changes you will need to make to improve your domain security and improve email deliverability from your domain.
1. DKIM – Domain Keys Identified Mail
DKIM signatures are used to authenticate emails by adding a predefined header to each email message, which is protected by encryption at the mail server level and verified that the email is authorized by the sending domain.
When the email is received, the recipient’s incoming email server checks the DKIM signature to confirm that a message was in fact sent from the authorized domain.
DKIM records help improve the deliverability of your outgoing emails by authenticating you and your domain as trusted senders.
You can use your Sender Policy Framework, DKIM and DMARC tools in tandem to reduce cyber crime and protect your business from being used to send malicious emails via your domains.
2. Your Sender Policy Framework (SPF)
Sender Policy Framework (SPF) is an anti-spam approach whereby the email sender’s domain is scored for threat risk.
For example, when you setup your SPF, you (or your IT provider) will specify which servers are authenticated to send mail on your behalf, via your domain and business email addresses at that domain.
If a mail server sends an email, and that email server is not part of the SPF record, it is rejected. This protects your domain and others from receiving spam forged to look like it is coming from your organization.
You have likely received a phishing email at some time which appeared to be from one organization, but in fact was a spoofed email from a malicious sender. These emails are utilizing Sender Address Forgery, and this is exactly what a DNS SPF record fights against.
So, your email may end up in spam folders because your personal computer or free webmail is not part of the recipient’s SPF record, and it is rejected.
Solution: Create an SPF record for your domain. Most users will require the help of their IT support person to accomplish this.
3. DMARC – Domain-based Message Authentication, Reporting and Conformance
DMARC is an email validation tool that protects your domain and email addresses from being used in email phishing and spoofing campaigns and protecting your domain security.
DMARC builds on SPF and DKIM and adds a reporting functionality to allow you to gain insight into who is sending email on your behalf. Publishing a DMARC record into your DNS record will give you visibility in to and control over your email communications.
This in-depth explanation of DMARC is perfect for more technical readers. For business owners, your key takeaway is to ensure you have domain protection tools such as SPF, DMARC and DKIM in place.
This is by no means an exhaustive list of spam scoring criteria, however it gives you an overview of the common areas every business owner should explore and take control of to protect their valuable domain and email channel.
If you are a solopreuneur trying to keep overhead low by running your business on cheap hosting and free email services, the cost might be that your messages aren’t being delivered or received. You may want to consider investing in a business email solution.
If you’re a small business owner and your team has problems getting past spam filters, try some of the above suggestions, or contact your IT provider to help you adjust your mail server settings, SSL certificates, and DNS SPF records.
For Toronto IT security services, reach out to TUCU Managed IT Services Inc. Trusted since 2003, we are SMB IT experts who will help you protect your business. In addition to security, we offer complete IT management services, including server management, network management and cloud management. Let’s talk!
Ready to make some changes?
Speak to our Toronto IT Consultants for options & an estimate.