Editor’s note: In another article we featured a support ticket between a customer of ours and our Director Network Compliance, Mike Witty. He had some great advice about controlling spam and blacklisted IPs. A comment on that post about Mike’s preference for the spam software, SpamAssassin, prompted a reply from Mike that delves further into some of the nuances of spam software and how to prevent your legitimate correspondence from ending up in your clients’ spam folders.
“[SpamAssassin] is smart and does a good job. But it still erroneously categorizes some kinds of email as spam when it is not. Deleting valid email that has been mis-categorized as spam is NOT acceptable except in special circumstances. For example, my web-based order form sends an automatic email to the customer giving them a code to enter on the form. This establishes the validity of an email address they have entered and proves it can reach the customer. But this automatic email looks like spam to SpamAssassin. So some of my customers don’t get the email and give up.”
My preference for SpamAssassin is just an opinion, sure. But it’s a popular opinion or it wouldn’t be one of the top, go-to, spam-filtering solutions of choice. To suggest that Spam Assassin is flawed based on one particular exception regarding a form email doesn’t make me second guess my stance on SpamAssassin. What it shows, in fact, is that this business of sending email can’t be taken for granted… “Good intentions” no longer get you very far.
When it comes to filtering email, of course there are exceptions to the “rules” (as defined by whoever and whatever). No piece of software is perfect, especially spam filtering software… which has to “learn” over time, all the time, while constantly being challenged by spammers trying to fool it, and ultimately, has to make “educated guesses” whenever the answer isn’t one or zero, which is essentially always.
To prevent important form emails from getting shuttled into your clients’ spam folder, test your form email against SpamAssassin until you have a message that works. You should simply alter the message so that SpamAssassin doesn’t think it looks like spam. When an email is filtered as spam, SpamAssassin will tell you why… it will tell you which test(s) the message failed. If you address the issues raised in the failed tests, then you should be good to go.
For example, if the content of a message is mostly links and/or images, SpamAssassin, by default, sees that as suspicious and as a result, docks the message a certain number of points. SpamAssassin will run the message through a couple dozen or more tests. It assigns points for the failures and does nothing for tests that the message passes, though sometimes it will even credit a message with points for tests that it passes at an exceptional level. If the total number of points exceeds the threshold (usually around 4.0-6.0) as set by the recipient of the message (which is the part of this equation that none of us can control, the recipient gets to decide how many total points define a message as “spam”), then the message will be labeled as spam and filtered accordingly. By reducing the number of points that SpamAssassin will assign to a message through failed tests, the probability of a message being safely delivered increases.
So, by replacing all the links and images in the content of our example message, with actual text and maybe only one link, SpamAssassin may assign the message fewer points, if any at all. If the new point total is less than the assumed threshold as set by the recipient, it will be delivered normally.
Photo by John Lillis