How to Keep Your Email Out of the Spam Folder

Overview

This article contains helpful information to make sure that other servers or network do not mark your email as spam. You do not want to send spam from your server. For more information on how to make sure that you do not send spam, read our How to Prevent Email Abuse documentation.

Use email authentication

DKIM and SPF

DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) authentication can help verify that email comes from a trusted sender. DKIM is a validation system that detects email spoofing. It allows your mail server to check whether a domain’s administrators authorized email from a domain. The email includes a digital signature that your mail server uses to verify the sender’s public key in their DNS record.

SPF uses DNS records to prevent email spoofing. If an email message uses falsified sender addresses, SPF uses the DNS record for the sender’s domain to detect the modification in the email’s header.

Note:

On servers that run CentOS 7, CentOS 8, or AlmaLinux 8, you may see a named warning about the absence of SPF resource records on DNS.

  • This warning is not relevant on CentOS 7, CentOS 8, or AlmaLinux 8 servers because RFC 7208 deprecated SPF records. CentOS 7 and 8 servers use TXT records instead of SPF records.
  • Red Hat 7.1 and CentOS 7.1 both contain bind-9.9.4-23.el7, which is an updated version of BIND that complies with RFC 7208. To resolve this issue, update your operating system to a version that contains the updated version of BIND. For more information, read the Red Hat Bugzilla case about SPF record errors.

For more information, read our Email Deliverability documentation.

DMARC

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a technical specification to help reduce the potential for email-based abuse. A DMARC policy uses DNS to confirm that an email message uses a valid DKIM and SPF record, and that the From: header matches those records.

Many large email networks require that you use a DMARC policy to help protect their users from spam email. To prevent email rejections or spam flags within these networks, your server must use a DMARC policy.

Configure the server PTR record

A PTR record resolves an IP address to a domain name. A PTR record resembles a reversed A record. Configure the PTR record of the primary IP address of your server to use the hostname of your server. If you have configured Exim to use a different IP address, ensure that the PTR record of that IP address uses the hostname of your server.

A record resemble the following example: 

1
2
3

server:~ root$ dig mx1.cpanel.net +short
208.74.121.68
server:~ root$

PTR records resemble the following example: 

1
2
3

server:~ root$ dig -x 208.74.121.68 +short
mx1.cpanel.net.
server:~ root$

Spam and other networks

If email networks such as Gmail, Yahoo, or Outlook mark your server’s email as spam, you must identify the reason and resolve the problem. If you have recently resolved an issue with spam on your server or you received a new IP address which previously sent spam, you must notify the remote network. Make certain that you review the bulk sender policy of large email networks.

Note:
  • In most cases, Google automates their spam flagging system and requires you to wait for their system to restore your domain’s reputation. For more information, read Google’s Troubleshooting for bulk email senders documentation.
  • We recommend that you read Google’s Bulk Senders Guidelines.
  • For more information, read our Blacklisting & IP Address Reputation documentation.

Bulk email best practices

We recommend that you adhere to the following best practices:

  • Use the same IP address to send all bulk email.
  • Use the same email address in the From: header of your emails.
  • Ensure that your email complies with RFC 5322.
  • If your email uses HTML, ensure that it complies with HTML standards.
  • Ensure that the contents of your email relate to the subject of your email.