This article contains helpful information to make sure that other servers or network do not mark your email as spam.
Prevent email abuse on your server
You do not want to send spam from your server. For more information on how to make sure that you do not send spam, read our How to Prevent Email Abuse documentation.
Use Email Authentication
DKIM and SPF
DKIM (Domain Keys Identified Email) and SPF (Sender Policy Framework) authentication can help verify that email comes from a trusted sender. DKIM is a validation system that detects email spoofing. It provides a way for your mail server to check whether a domain's administrators authorized email from a domain. The email includes a digital signature that your mail server uses to verify the sender's public key in their DNS record.
SPF uses DNS records to prevent email spoofing. If an email message uses fake sender addresses, SPF uses the DNS record for the sender's domain to detect the modification in the email's header.
On servers that run CentOS 7, you may see a
named warning about the absence of SPF resource records on DNS.
- This warning is not relevant on CentOS 7 servers, because RFC 7208 deprecated SPF records. CentOS 7 servers use TXT records instead of SPF records.
- Red Hat 7.1 and CentOS 7.1 both contain
bind-9.9.4-23.el7, which is an updated version of BIND that complies with RFC 7208. To resolve this issue, update your operating system to a version that contains the updated version of BIND. For more information, read the the Red Hat Bugzilla case about SPF record errors.
For more information, read our Email Authentication documentation.
DMARC (Domain-based Message Authentication, Reporting & Conformance) is a technical specification to help reduce the potential for email-based abuse. A DMARC policy uses DNS to confirm that an email message uses a valid DKIM and SPF record, and that the
From: header matches those records.
Many large email networks require that you use a DMARC policy to help protect their users from spam email. To prevent email rejections or spam flags within these networks, your server must use a DMARC policy.
Configure your server's PTR record
A PTR record resolves an IP address to a domain name. A PTR record resembles an A record, but in reverse. Configure the PTR record of the primary IP address of your server to use the hostname of your server. If you have configured Exim to use a different IP address, the PTR record of that IP address should use the hostname of your server.
Example of an A Record:
Example of a PTR record:
Other networks mark my email as spam
If email networks such as Gmail, Yahoo, or Outlook mark your server's email as spam, you must identify the reason and resolve the problem. If you have recently resolved an issue with spam on your server or you received a new IP address which previously sent spam, you must notify the remote network. Make certain that you review the bulk sender policy of large email networks.
Bulk email best practices
- Use the same IP address to send all bulk email.
- Use the same email address in the
From:header of your email.
- Ensure that your email complies with RFC 5322.
- If your email uses HTML, ensure that it complies with HTML standards.
- Ensure that the contents of your email body relates to the subject of your email.