4

Possible Duplicate:
How to send emails and avoid them being classified as spam

I have been developing a PHP application and one of the features in that application is the ability to send e-mails to users. However, when I tried to send e-mails via application (SMTP) to Gmail and Hotmail accounts, they always go to Spam/Junk box. This doesn't happen when I use Google SMTP for sending them. Those e-mails were delivered properly to Inbox.

What I have done:
- Set up reverse DNS
- Set up Domain Keys (DKIM) and SPF (v=spf1 +a +mx +ip4:184.107.222.2 ?all)
- Run various IP/domain checks and I didn't see any problem there.
- Sign up to SNDS. After checking my IP, it says "All of the specified IPs have normal status".
- Contact Gmail and Hotmail support. They did not see anything offhand that would be preventing my mail from reaching their customers and suggested that I join the Sender Score Certified Mail Program (although they made no guarantees that it would guarantee email deliverability to their customers).

Sample of an email header that went to the Spam box (site name was replaced by xxx):

```
Delivered-To: yyy@gmail.com
Received: by 10.50.17.8 with SMTP id k8csp200979igd;
        Sun, 23 Dec 2012 05:13:19 -0800 (PST)
X-Received: by 10.50.53.162 with SMTP id c2mr13168931igp.112.1356268399035;
        Sun, 23 Dec 2012 05:13:19 -0800 (PST)
Return-Path: <admin@xxx.com>
Received: from server.xxx.com (server.xxx.com. [184.107.222.2])
        by mx.google.com with ESMTPS id gx9si16855394igb.34.2012.12.23.05.13.18
        (version=TLSv1/SSLv3 cipher=OTHER);
        Sun, 23 Dec 2012 05:13:18 -0800 (PST)
Received-SPF: pass (google.com: domain of admin@xxx.com designates 184.107.222.2 as permitted sender) client-ip=184.107.222.2;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of admin@xxx.com designates 184.107.222.2 as permitted sender) smtp.mail=admin@xxx.com; dkim=pass header.i=@xxx.com
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xxx.com; s=default;
    h=Content-Type:MIME-Version:Message-ID:Subject:Reply-to:From:To:Date; bh=C+NTtxJMfonnwJsUGv2YpiHXmAQt43Cmk567o37IJhA=;
    b=UlnRc4rM6uVp44OaPfIicZ3vgH7eKR+7E4BQwADhtVSgvlmnwlw4aqGanvUZn8jGCWJ4hdPNFY3GLWJ5uT82EM57baCL0t7yxgjWg7/CXm4IHJ0SusxWI+e5JjGBv3pd;
Received: from server.xxx.com ([184.107.222.2]:38728 helo=applicationnewtest.xxx.com)
    by server.xxx.com with esmtpa (Exim 4.80)
    (envelope-from <admin@xxx.com>)
    id 1Tmlwc-0004uj-GQ
    for yyy@gmail.com; Sun, 23 Dec 2012 07:50:22 -0600
Date: Sun, 23 Dec 2012 07:50:22 -0600
To: New Supplier <yyy@gmail.com>
From: Distributor Bid Builder <admin@xxx.com>
Reply-to: Distributor Bid Builder <admin@xxx.com>
Subject: Supplier Purchase Order Email Copy
Message-ID: <f8c08c9269c441d7a0e04b7ba37e9adf@applicationnewtest.xxx.com>
X-Priority: 3
X-Mailer: PHPMailer 5.0.0 (phpmailer.codeworxtech.com)
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="b1_f8c08c9269c441d7a0e04b7ba37e9adf"
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server.xxx.com
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - xxx.com
X-Get-Message-Sender-Via: server.xxx.com: authenticated_id: admin@xxx.com


--b1_f8c08c9269c441d7a0e04b7ba37e9adf
Content-Type: text/html; charset = "UTF-8"
Content-Transfer-Encoding: 8bit

This is purchase order document for purchase order #1001.<br><br><hr>P.S. This is a post-only mailing. Replies to this message are not monitored or answered.

--b1_f8c08c9269c441d7a0e04b7ba37e9adf
Content-Type: application/octet-stream; name="Supplier Purchase Order #1001 Email Copy.pdf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="Supplier Purchase Order #1001 Email Copy.pdf"
(attachment)
```

Do you find anything wrong with my configuration?

While gathering information for Microsoft's JMRP program registration, I'm not sure what I should do next (if it doesn't make those e-mails go to inbox). Is it really necessary to register to Sender Score Certified program/use email delivery service? Is there a non-commercial solution for this?

rei
  • 1
    I feel your pain. You've taken the right steps. Can you give an idea as to how much mail (volume) is being sent to these addresses? These seem like order confirmation messages related to an e-commerce or ERP application. How frequently are they sent? – ewwhite Jan 04 '13 at 14:33
  • 1
    Your `HELO` (`applicationnewtest.xxx.com`) does not match your IP's reverse DNS (`server.xxx.com`). Some mail servers reject if this is the case although I don't know what Hotmail and Gmail do about that situation. – Ladadadada Jan 04 '13 at 14:42
  • @ewwhite Thanks for your kind words! Most emails usually are sent to 1 recipient (initiated by user via application), although the application may send emails to 5-20 accounts at the same time once a day (scheduled via Cron job). – rei Jan 04 '13 at 15:17
  • @Ladadadada I have several subdomains under the same IP for this application. One is for test environment (applicationnewtest.xxx.com) and another is for production environment (application.xxx.com). Did you mean I should have 2 reverse DNS for them? – rei Jan 04 '13 at 15:23
  • 2
    You can only have one reverse lookup per IP address but you can change the Postfix `myhostname` variable so that it matches the existing reverse lookup for the IP. This will change the `HELO` statement sent by your mail server. – Ladadadada Jan 04 '13 at 16:00
  • @Ladadadada technically, [there is no constraint to the number of PTR RRs for a single label](http://en.wikipedia.org/wiki/Reverse_DNS_lookup#Multiple_pointer_records). Implementations might have trouble with that, though. – the-wabbit Jan 04 '13 at 16:40
  • @Ladadadada Do you know how to change HELO statement in Exim? I have tried this guide: http://serverfault.com/questions/28515/when-exim4-sends-helo-ehlo-how-do-i-configure-which-host-name-it-sends?rq=1 and modified primary hostname, but the HELO statement still doesn't change. – rei Jan 05 '13 at 13:07
  • Unfortunately, I don't. [There's another question with different advice](http://serverfault.com/questions/46545/how-do-i-change-exim4s-primary-hostname-on-a-debian-box) but if you still can't get it to work, it might be time to open a new question with your Exim config and the exact steps you have tried included. – Ladadadada Jan 05 '13 at 13:15
  • @Ladadadada OK. Thanks for the link. HELO statement has been set to match IP's reverse DNS, but a pity the email still doesn't go to Inbox folder :(. – rei Jan 06 '13 at 05:45

1 Answer

10

Your message is being rejected as spam because it precisely matches the profile of a very common malware distribution scheme: messages claiming to be order or shipping confirmations, with PDF attachments.

My suggestions:

  1. Clean up the grammar. "This is purchase order document for purchase order #1001"? Broken English sounds incredibly spammy, and although I claim no insider knowledge, you can assume that Gmail considers poor grammar as one factor in scoring potential spam messages. A real purchase order would just have a heading of "PURCHASE ORDER" followed by the actual purchase order content. It would not first say, "Hello friend, this is purchase order for buy definite article."

  2. Replace the PDF attachment with inline content. Exploiting Adobe vulnerabilities via maliciously crafted PDF attachments is an extremely popular way to infect remote computers with malware. If I were Gmail, I would mark a PDF attachment from an unknown sender as spam, too.

  3. Get rid of the "post-only mailing" mumbo-jumbo that almost certainly boosts your Bayesian spam score, and send the message from a valid reply address. If you are really sending genuine purchase orders in this way, you are going to want to know if they bounce, and you are going to want the vendor to be able to reply, right? Right.

  4. You need to include your company's name and address, links to your web site, valid contact e-mail address and phone information, etc. The more anonymous and "hit-and-run" your message appears to be, the more likely it is to be classified as spam.

  5. Unless there is a very good reason not to do so, you should end your SPF record with -all. The entire point of an SPF record is to positively identify valid sender IPs and ban everyone else. You should not leave it up to the receiving mail server to decide whether an unlisted sender IP is valid.

Skyhawk
  • 3
    +1 especially the SPF remark. Servers I run see that "?all" and bump the Spamminess by 50% just for that. – Chris S Jan 04 '13 at 17:14
  • Thank you for your detailed suggestions, Miles. I have tried all of them, but the email still goes to spam box. However, when sending the same email with Gmail SMTP, it was delivered properly to Hotmail and Gmail inbox folders (even if I use the previous message and include PDF attachment). I'm not sure, but I guess the problem may be on my server's configuration. – rei Jan 05 '13 at 12:55
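
Added example, not part of the original thread: a small offline check for the two configuration points raised above, the SPF record's closing qualifier and the HELO name in the Exim `Received` line. The record and header are copied from the question; the function names are hypothetical, and `redirect=` modifiers are not followed.

```python
import re

# Values copied from the question above (site name already redacted as xxx).
SPF_RECORD = "v=spf1 +a +mx +ip4:184.107.222.2 ?all"
EXIM_RECEIVED = ("from server.xxx.com ([184.107.222.2]:38728 "
                 "helo=applicationnewtest.xxx.com) by server.xxx.com "
                 "with esmtpa (Exim 4.80)")

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_default_result(record):
    """Result an SPF record gives to a sender IP that matches no mechanism."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    for term in terms[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mechanism = term.lstrip("+-~?").lower()
        if mechanism == "all":
            return QUALIFIERS[qualifier]
    # No "all" term: unmatched senders get "neutral" (redirect= not followed).
    return "neutral"


def exim_host_and_helo(received):
    """Split an Exim Received line into (host name, HELO name).

    When no helo= item is present, the HELO name is taken to equal the host.
    """
    match = re.match(r"from\s+(\S+)\s+\(([^)]*)\)", received)
    if not match:
        raise ValueError("unrecognised Received line")
    host, detail = match.group(1), match.group(2)
    helo = re.search(r"helo=(\S+)", detail)
    return host, (helo.group(1) if helo else host)


def findings(spf_record, received):
    """Return one note per check that the given configuration does not meet."""
    notes = []
    default = spf_default_result(spf_record)
    if default != "fail":
        notes.append(f"SPF: unlisted senders get '{default}', not 'fail'")
    host, helo = exim_host_and_helo(received)
    if host.lower() != helo.lower():
        notes.append(f"HELO: announced '{helo}' but host is '{host}'")
    return notes


if __name__ == "__main__":
    print("\n".join(findings(SPF_RECORD, EXIM_RECEIVED)))
```
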