I’ve been consulting on email delivery for over 15 years now, so you could say I have learnt a thing or two on my travels. Email delivery is becoming evermore complex and trying to get your head around the technical aspects of it can be a sure way to a banging headache and the urge to knock email on the head and revert to pen and paper.
I have tried to cover as much as possible and hope the information in this post can help you in your time of need.
When you send an email from your Gmail or G Suite account you expect it to simply arrive in the recipient’s inbox, ready for them to read, right? It’s taken for granted that pressing send is all that’s needed to guarantee your email will arrive at the other end. It should be that easy shouldn’t it?
It should, but unfortunately it isn’t always the case…..
Getting emails into inboxes is becoming a constant uphill battle. I speak to people nearly every day of the week who are in a blind panic because their emails are being dumped in junk folders. With some even having their emails not being delivered at all.
The information below was written with G Suite and Gmail users in mind. But email delivery problems are in no way unique to Gmail. Delivery issues can occur with any email provider and can affect people who send only a few emails to their Aunt Mary, right up to large corporations sending the tens of thousands.
So no matter who you use to handle your outbound email, this blog post will help shed some light on the rather complex issues surrounding sending a simple email.
Common causes for emails being classified as spam & how to avoid them.
Companies and ISPs are adopting more aggressive spam filtering technology.
Spam filtering has come on leaps and bounds over the years, with self learning software that works 24/7 to stop unwanted spam emails hitting inboxes.
Google recently reported
Gmail Now Blocks 99.9% of Spam and Phishing Emails, and that spam messages account between 50% and 70% percent of emails Gmail users receive on a daily basis.”
This gives you some idea to the scale of the spam and phishing epidemic around the world.
With over 205 Billion emails sent everyday, a percentage of emails are always going to be incorrectly processed. With some emails receiving a false negative and being marked as SPAM and others given a false positive and moved to the inbox.
Due to technical advancements this isn’t as common as it used to be, but once in awhile an email will be classed incorrectly. (Normally marking the email as not spam or this is spam will help teach the self learning software)
Try not to use spammy words in your emails, if you send an email to someone with a ton of marketing content then the emails spam score will be increased. If you forward an email you have received, this will also be scanned and the content given a spam score.
Email Marketing Sending Domain.
Don’t send your everyday emails (transactional emails) from the same domain name used for your email marketing emails. This is a common mistake and one that can cause your emails to be incorrectly marked as SPAM. Always use separate domain names for different types of emails.
Emails Being Marked as SPAM by the Recipients
If recipients mark your email as SPAM, this will have a direct influence on the future delivery of your emails to them and others. To prevent this from happening always be clear in the from name and subject line who the email is from.
Always, and I mean always, include a one click unsubscribe link, when someone can’t find an unsubscribe link or it requires a secondary action like logging in or manually entering their email address, there is a high possibility they will click this is spam, as it’s quicker!
Following the above advice will help limit subscribers clicking the dreaded THIS IS SPAM
Unscrupulous users abusing Gmail to send SPAM and harmful emails is a major issue, as Gmail’s IP addresses are shared, one user can effect another user’s reputation. Google are normally on the ball with this but it can become an issue if their IP addresses get blocked.
IP and Domain Name Block Lists
There are many self appointed anti spam organisations on the web who publish real time block lists. Server administrators and ISP’s can subscribe to their block lists in an attempt to block unwanted email traffic. If your IP address or domain name gets listed on one of these lists, the chances are you emails will be marked as SPAM or even rejected.
The Google abuse team monitor their own IP address ranges and would normally be aware of any potential problem long before you do, but it’s still worth you taking a look yourself to make sure everything is clear.
You can check the main block lists via mxtoolbox.com. If you find yourself listed on one, visit the website(s) and look for the link to request a delisting and work through the process. Some companies like spamhaus.org will only accept delisting requests from the sending IP owner. If this is the case, contact Gmail or G Suite for guidance.
IP & Domain Sending Reputation
Every IP address that is associated with email traffic is monitored and given a sending score.
Receiving mail servers can check these scores to see the type and quality of emails associated with the IP, and based on the score decide how to class your email and if to deliver it or not. It works a bit like a credit score and is now used by most email providers. Some of which will block emails who exceed a certain score threshold.
Take into account that if you are sending through Gmail or G Suite the email messages are being routed via their mail servers and IP addresses and they use multiple IP addresses.
So even though you may be able to view the score and any associated issues, you may not be able to request a problem to be fixed. In this instance you would need to contact Gmail or G Suite directly asking them to help.
Test your email setup with mail-tester.com
This is an awesome free service that examines the header of your email and reports back any problems, try it now https://www.mail-tester.com/
SPF, DKIM and DMARC Records
Your domain’s DNS plays an important part in ensuring your emails are correctly delivered. In the age of domain spoofing, phishing attacks and unsolicited email, SPF, DKIM and DMARC records are all essential.
If any of these records are misconfigured your emails may not arrive at all!
If someone spoofs your domain name to send SPAM, the effects can be devastating. An hours work now can save you a lot of time and trouble in the future.
I haven’t gone into too much detail as to what each one does but I have included links for further reading. I will cover these in further blog posts as each one needs it’s own detailed explanation.
SPF – Sender Policy Framework
“The Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery. More precisely, the current version of SPF — called SPFv1 or SPF Classic — protects the envelope sender address, which is used for the delivery of messages. See the box on the right for a quick explanation of the different types of sender addresses in e-mails.”
If you use Gmail or G Suite exclusively to route your email, then you would add a TXT record to your domain names DNS, the SPF record would look like this:
v=spf1 include:_spf.google.com ~all
Further reading can be done on the SPF website at http://www.openspf.org/Introduction and detailed setup instructions for Gmail and G Suite can be found at https://support.google.com/a/answer/178723?hl=en
DKIM – DomainKeys Identified Mail
“DKIM works by “signing” the email with a digital signature, a field that is added to the message’s header. A “signature” is generated by the sending mail transfer agent (MTA) using an algorithm, applied to the content of the signed fields, which creates a unique string of characters, a “hash value.” When the signature is generated, the public key used to generate it is stored at the listed domain.”
DKIM may sound a little complex, but Google make the setup very easy by generating the DKIM keys that need to be added to your domain for you. Note that you need a separate DKIM key for each domain you use for sending emails from G Suite.
Detailed setup instructions can be found at https://support.google.com/a/answer/174126?hl=en
DMARC – Domain-based Message Authentication, Reporting & Conformance.
“DKIM is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.”
A detailed guide can be found https://support.google.com/a/answer/2466563?hl=en
You can also read my earlier article, what is DMARC
Setting up DKIM, DMARC and SPF will help solve most email delivery problems, or at least point you in the right direction. Google do their utmost to monitor their IP reputation and remove any unscrupulous users who cause harm to their network. But the onus really does fall on you or your G Suite administrator to keep a watchful eye on your domains reputation and compliancy.
Abuse@ and Postmaster@
Abuse@ is a recognised channel for reporting spam and other abusive email that may originate from your organisation, having this setup correctly lets you deal with any problems before they are escalated.
postmaster@ – Nearly every domain should have the e-mail address email@example.com where errors in e-mail processing are directed.
Email best practice stipulates that all email sending domains need both an abuse@ and postmaster@ email address attached to them. You need to make sure you have abuse@ and postmaster@ alias names setup on all of your sending domains.
Google doesn’t allow you to add these as standard alias names, but lucky for you I don’t get out much so I have already written an article that covers setting up postmaster and abuse email alias names on G Suite using Google Groups.
Below are less common issues and are mainly relevant to those sending emails via their own mail server.
MAIL FROM domain
This is applicable to those NOT using Gmail.
A MAIL FROM domain isn’t something everyone will be aware of but it holds an important roll in email delivery.
Amazon SES explains what a MAIL FROM address is quite well:
When an email is sent, it has two addresses that indicate its source: a From address provided in the email header, and a MAIL FROM address that the sending mail server specifies to the receiving server to indicate the source of the message. The MAIL FROM address is sometimes called the envelope sender, envelope from, bounce address, or Return Path address.
When recipients view an email in their inbox, they see the email’s From address. In contrast, the MAIL FROM address, which is used by mail servers to return bounce messages and other error notifications, is typically only viewable by recipients if they inspect the email’s headers in the raw message source.
If the MAIL FROM address is incorrectly setup, all sorts of weird and wonderful things can happen to your emails. I’d recommend further reading on this subject if you are at all worried about it.
Reverse DNS is IP address to domain name mapping – the opposite of forward (normal) DNS which maps domain names to IP addresses. Many e-mail servers on the Internet are configured to reject incoming e-mails from any IP address which does not have reverse DNS.
If you run your own mail server, reverse DNS must exist for the IP address that outgoing e-mail is sent from. It does not matter what the reverse DNS record for your IP address points to as long as it is there. If you host multiple domains on one e-mail server, just setup reverse DNS to point to whichever domain name you consider primary.
More details on setting up reverse DNS correctly can be found here.
That’s it …..
I think I have covered everything, apologies if I get too technical but DNS and email delivery is fairly complicated, hence why I have been kept but over the years consulting on email delivery!