Virtually every website these days sends automated emails. Whether it be for newsletter signups, Magento order confirmations, or forum posts on WordPress, your site will send out emails on a regular basis to your visitors. On occasion you may hear reports from your users that they are not receiving your site’s emails, or they are landing in their spam folders. Keep in mind that this info is coming from users who take the time to notify you directly; in reality a great number of users may be affected.
Below are several techniques to eliminate your site’s emails from being marked as spam.
How are emails marked as spam?
Before we dive into specific techniques, we should define exactly what spam is. Each email service defines it differently, but in general it is a set of rules set in place to evaluate an email to determine if it should be considered spam. These will typically include the email sender’s domain and IP address, the content of the email, the DNS (domain name system) records associated with the email address, and if the recipient has marked a previous email from the sender as spam.
Every email service is different, and they generally do not publish their precise rules to prevent a spammer from “gaming” their system. As a general rule of thumb, the below techniques will help your site’s emails across the board.
Keep your site up to date
As with all things website related, the #1 rule is to keep your site up to date and secure. It is increasingly common for hackers to use a hacked site as a base camp for sending spam emails. As opposed to other types of hacks, this can go completely unnoticed by a casual visitor or even you as the site owner. Nevertheless it could be sending out thousands of spam emails “behind the scenes”. There are known instances of WordPress hacks targeted specifically for that purpose, further proof that WordPress sites should be on some sort of maintenance plan.
Hackers have in effect caused your IP address and/or domain considerable damage by sending spam from your site. Your site will likely become blacklisted (more on that later). Fixing this will be time consuming and frustrating, taking you away from focusing on your business. As always, there should be no compromise when it comes to site security.
Prevent spam submissions on contact forms
You should consider adding anti-spam protection if your site has a contact form that sends an email to an email address in the input field. The form would send out a tremendous amount of emails all coming from your domain should the form be found by a spam-bot. It may raise the attention of the blacklisting services and put your emails at jeopardy of being marked as spam for legitimate users if they are sent to fake email addresses. Your user base may be impacted as well as your own inflated inbox.
At a minimum we recommend using some kind of Captcha on your site’s forms. These used to be the annoying “please fill in the box with the impossible to read squiggly letters below”. The newest generation captchas are quite unobtrusive yet still very effective. Implementing one will help you personally and the site as a whole.
Keep your DNS records up to date
DNS is a technically challenging subject worthy of its own discussion. For our purposes there are key DNS records that have a direct impact on the deliverability of your site’s emails. One such record is known as an SPF record (Sender Policy Framework). In essence, it declares what IP addresses can send emails from your domain. For example, if your domain is mystore.com and your website’s IP address is 1.1.1.1, you should have a clause that states “IP address 1.1.1.1 is authorized to send emails from mystore.com”. If you recently changed hosting companies, your IP address will have changed as well. If your new host did not also update your SPF record, most email providers will consider your emails to be spam.
Contact your hosting provider and/or web developer to help you get all your DNS records updated if you recently changed your hosting plan and are receiving complaints of emails going to spam.
Check your blacklist status periodically
Your domain may end up on a blacklist if your domain has been reported to be sending out a lot of spam (either by automated methods or recipients marking it as such). While there is no single authoritative blacklist, there are several dozens of such lists that are used by service providers and email services to see if your domain’s emails should be considered spam. You may have ended up on a blacklist if your customers are reporting more and more emails going to spam.
To check if your site is on a blacklist, go to MX Toolbox and see if your domain has made any of the lists. If it has, the particular list will usually have instructions on removing it. Oftentimes your hosting provider will help you out with this if you believe it is erroneous since it will be in the host’s best interest to not have any sites on their servers blacklisted.
Consider using a third-party email sending service
You may want to use a third party sending tool to send emails for you if your website sends out a great number of emails on a continual basis (such as a site that has an active forum). The advantage of doing so is that the service will track all your outbound emails and will allow you to search for them and provide detailed statistics. For example, you can see that 98% of your emails are delivered successfully, 1% are undelivered, and 1% are going to spam. You can also search for individual emails so you can definitively know if an email was sent and received by the end user. Very few hosting platforms allow you to view all your site’s outbound emails in such a useful way.
In addition, the service can often provide technical assistance in the case of blacklists or other site-wide issues. These services usually require some technical assistance by your host or developer to set up. Several (such as Sendgrid) have WordPress plugins to aid the process.
In summary, ensuring consistent email delivery from your website requires diligence and persistence. Pay attention to your users if they begin to complain about not receiving emails. There may be a bigger issue at hand.