1

I'm running a number of wordpress sites on an AWS EC2 instance.

One of the sites is using WooCommerce for an online shop. when an order is made a confirmation email is sent out but these mails all seem to go straight to recipients' spam.

The client has their mail hosted with outlook.com.

what would be the best solution for safely sending out mail when MX records etc are all hosted elsewhere?

thanks

Dog
  • 113
  • 3
  • You say "MX records etc" - you mean your domain's DNS? What do you mean by that? You have no access to your DNS records? – B. Shea Nov 18 '19 at 14:28
  • The EC2 IP range is generally considered to be scorched earth as far as spam reputation goes. You're better off sending via something like Amazon SES (or a similar provider - Mailgun, Postmark, Sendgrid, etc.) as there's a decent chance your EC2 IP (or its entire range) has previously been blacklisted. – ceejayoz Nov 18 '19 at 14:29
  • @ceejayoz BL's easy enough to check: https://mxtoolbox.com/blacklists.aspx - and I mentioned 3rd party smtp providers below as an option. But, agree. he would probably be better off on a smtp provider - especially if sending out 'store' type emails. And is generally easier to setup/maintain/admin. – B. Shea Nov 18 '19 at 14:31
  • @bshea sorry i wasn't clear there... i have access to the DNS at the registrar... i meant that i didn't want to make changes to the MX records which might effect the client's emails... – Dog Nov 18 '19 at 15:26
  • 1
    @Dog Gotcha. Well, adding an outbound smtp provider/'smart host' will not use any (incoming only) MX record(s) (you may have to add CNAMEs if using smtp provider, though). As mentioned, a 3rd party smtp provider avoids many pitfalls you will run into on AWS ec2/elastic IP. If your send rate isn't too high some are free, too. :-) You -do- have to be careful with bounce rate/complaints if you use one, though. Like with anything. – B. Shea Nov 18 '19 at 17:29

1 Answers1

2

Firstly, check if you own the IP mail is coming from or if it is shared. If you own it, you can do all of the below: If it's shared, you're unable to consider the bottom ones.

Consider the content of the messages. E.G avoid image heavy messages or well-known words/phrases that trigger junk filters.

Avoid sending to large number of recipients in a single messages.

Check the addresses you send mail to. do they all want to receive your message?

Add SPF records to clarify which sources can send from @yourdomain.com check your server isnt insecure etc (tolls like https://mxtoolbox.com/diagnostic.aspx are great for this)

check your IP(s) aren't on email blacklists.

Apply rDNS records to verify your IP is yours.

Steve
  • 121
  • 3
  • Good answer - all good points. DKIM and DMARC should be considered as well. He could also consider using a SMTP service like AWS-SES, SMTP2GO, etc etc.The rDNS will already be setup among other things. And they have guides for the rest. – B. Shea Nov 18 '19 at 14:21
  • @steve all good points... i think the most relevant for me are the last ones... i need to setup SPF and reverse dns records for this domain... thanks! – Dog Nov 18 '19 at 15:41
  • 1
    Good point. forgot DKIM/DMARC :-) – Steve Nov 18 '19 at 16:33