Child pages
  • How to Keep your Email out of the Spam Folder
Skip to end of metadata
Go to start of metadata

Overview

This article contains helpful information to make sure that other servers or network do not mark your email as spam.

Prevent email abuse on your server

You do not want to send spam from your server. For more information on how to make sure that you do not send spam, read our How to Prevent Email Abuse documentation.

Use Email Authentication

DKIM and SPF

DKIM (Domain Keys Identified Email) and SPF (Sender Policy Framework) authentication can help verify that email comes from a trusted sender. DKIM is a validation system that detects email spoofing. It provides a way for your mail server to check whether a domain's administrators authorized email from a domain. The email includes a digital signature that your mail server uses to verify the sender's public key in their DNS record.

SPF uses DNS records to prevent email spoofing. If an email message uses fake sender addresses, SPF uses the DNS record for the sender's domain to detect the modification in the email's header.

Note:

On servers that run CentOS 7, you may see a named warning about the absence of SPF resource records on DNS.

  • This warning is not relevant on CentOS 7 servers, because RFC 7208 deprecated SPF records. CentOS 7 servers use TXT records instead of SPF records.
  • Red Hat 7.1 and CentOS 7.1 both contain bind-9.9.4-23.el7, which is an updated version of BIND that complies with RFC 7208. To resolve this issue, update your operating system to a version that contains the updated version of BIND. For more information, read the the Red Hat Bugzilla case about SPF record errors.

For more information, read our Email Authentication documentation.

DMARC

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a technical specification to help reduce the potential for email-based abuse. A DMARC policy uses DNS to confirm that an email message uses a valid DKIM and SPF record, and that the From: header matches those records. 

Many large email networks require that you use a DMARC policy to help protect their users from spam email. To prevent email rejections or spam flags within these networks, your server must use a DMARC policy.

Configure your server's PTR record

A PTR record resolves an IP address to a domain name. A PTR record resembles an A record, but in reverse. Configure the PTR record of the primary IP address of your server to use the hostname of your server. If you have configured Exim to use a different IP address, the PTR record of that IP address should use the hostname of your server. 

Example of an A Record:

server:~ root$ dig mx1.cpanel.net +short
208.74.121.68
server:~ root$ 

Example of a PTR record:

server:~ root$ dig -x 208.74.121.68 +short
mx1.cpanel.net.
server:~ root$ 

Other networks mark my email as spam

If email networks such as Gmail, Yahoo, or Outlook mark your server's email as spam, you must identify the reason and resolve the problem. If you have recently resolved an issue with spam on your server or you received a new IP address which previously sent spam, you must notify the remote network. Make certain that you review the bulk sender policy of large email networks.

Bulk email best practices

  • Use the same IP address to send all bulk email.
  • Use the same email address in the From: header of your email.
  • Ensure that your email complies with RFC 5322.
  • If your email uses HTML, ensure that it complies with HTML standards.
  • Ensure that the contents of your email body relates to the subject of your email.

Additional documentation