Keeping Legitimate Email From Ending up in Your Clients’ Spam Folders

by Mike Witty  • 

Editor’s note: In another article we featured a support ticket between a customer of ours and our Director Network Compliance, Mike Witty. He had some great advice about controlling spam and blacklisted IPs. A comment on that post about Mike’s preference for the spam software, SpamAssassin, prompted a reply from Mike that delves further into some of the nuances of spam software and how to prevent your legitimate correspondence from ending up in your clients’ spam folders.

Reader’s comment:

“[SpamAssassin] is smart and does a good job. But it still erroneously categorizes some kinds of email as spam when it is not. Deleting valid email that has been mis-categorized as spam is NOT acceptable except in special circumstances. For example, my web-based order form sends an automatic email to the customer giving them a code to enter on the form. This establishes the validity of an email address they have entered and proves it can reach the customer. But this automatic email looks like spam to SpamAssassin. So some of my customers don’t get the email and give up.”

Mike’s response:

My preference for SpamAssassin is just an opinion, sure. But it’s a popular opinion or it wouldn’t be one of the top, go-to, spam-filtering solutions of choice. To suggest that Spam Assassin is flawed based on one particular exception regarding a form email doesn’t make me second guess my stance on SpamAssassin. What it shows, in fact, is that this business of sending email can’t be taken for granted… “Good intentions” no longer get you very far.

When it comes to filtering email, of course there are exceptions to the “rules” (as defined by whoever and whatever). No piece of software is perfect, especially spam filtering software… which has to “learn” over time, all the time, while constantly being challenged by spammers trying to fool it, and ultimately, has to make “educated guesses” whenever the answer isn’t one or zero, which is essentially always.

To prevent important form emails from getting shuttled into your clients’ spam folder, test your form email against SpamAssassin until you have a message that works. You should simply alter the message so that SpamAssassin doesn’t think it looks like spam. When an email is filtered as spam, SpamAssassin will tell you why… it will tell you which test(s) the message failed. If you address the issues raised in the failed tests, then you should be good to go.

For example, if the content of a message is mostly links and/or images, SpamAssassin, by default, sees that as suspicious and as a result, docks the message a certain number of points. SpamAssassin will run the message through a couple dozen or more tests. It assigns points for the failures and does nothing for tests that the message passes, though sometimes it will even credit a message with points for tests that it passes at an exceptional level. If the total number of points exceeds the threshold (usually around 4.0-6.0) as set by the recipient of the message (which is the part of this equation that none of us can control, the recipient gets to decide how many total points define a message as “spam”), then the message will be labeled as spam and filtered accordingly. By reducing the number of points that SpamAssassin will assign to a message through failed tests, the probability of a message being safely delivered increases.

So, by replacing all the links and images in the content of our example message, with actual text and maybe only one link, SpamAssassin may assign the message fewer points, if any at all. If the new point total is less than the assumed threshold as set by the recipient, it will be delivered normally.

Photo by John Lillis

Find out more about ServInt solutions

Starting at $69

  1. RT @mrcjdawson: Awesome post by @ServInt 's Mike Witty on Keeping Legitimate Email From Ending up in Your Clients’ Spam Folders http://t ...
    NeilBinkley /
  2. Re. #spam, "The business of sending email can’t be taken for granted. Good intentions no longer get you very far."
  3. Not all automated emails are spam. Here's how to make sure yours aren't mislabeled, in this week's #TechBench.
  4. Awesome post by @ServInt 's Mike Witty on Keeping Legitimate Email From Ending up in Your Clients’ Spam Folders
  5. Keeping Legitimate Email From Ending up in Your Clients’ Spam Folders
  6. Thanks for responding so well to my comment. I will definitely follow your advice for my automatic messages to my Web visitors. As to using SpamAssassin in general, it depends on the habits of the users. I have a customer who uses and publishes her one email address freely. Naturally she receives incredible amounts of spam. I enable and tune SpamAssassin for her, and she is generally pleased with its performance in letting through only a few spam messages each day, and in its fairly rare false positive. On the other hand, I don't use SpamAssassin for my own addresses because I create and delete email forwarders (not full accounts) as needed to keep my raw spam level close to zero. I use "temporary" forwarders for websites that may attract spammers (Facebook, domain name registration) and where I only need replies to be received for a limited time (like this very posting), and more "permanent" addresses for my friends and relatives. I also use Web-based Contact forms with simple forms of text CAPTCHA (this succeeds because my sites have relatively low traffic) and never publish my addresses. I always use "reply ignored" addresses when replying to messages that may or may not be spam (based on obvious internal evidence). For me, these strategies have proven a better mechanism to control spam without ever having the hassle of missing email because it was a false positive. Email is, without any doubt, the poorest-designed area of the Internet. I have no doubt that someday someone will redesign it. How that new design will work to deliver communications the recipient wants to see and to reject those the recipient does not want to see is a puzzle that I have considered but have not been able to solve. I choose to believe that such progress will happen. And, by the way, I hope it will permit senders to delete emails they have sent from the mailboxes of recipients up to the time they are opened by the recipients. Anything is possible in the magical land of tomorrow.
    David Spector /
  7. Want to keep important emails from ending up in your clients' spam folders? Check out this week's #TechBench.
Mike Witty

Mike Witty

Director of Network Compliance, ServInt

Mike Witty started his career in web hosting with ServInt in early 2000 as a customer support technician. Today, Witty leads ServInt’s Network Compliance department, guiding a team charged with protecting the integrity of ServInt’s network, enforcing ServInt’s Acceptable Use Policy, and helping to educate clients and staff on operating and maintaining a safe and secure network presence in accordance with prevailing legal standards and practices.

  • The New York Times
  • The Hill
  • Bloomberg
  • The Seattle Times
  • Computer World
  • Ars Technica