Help! Legitimate business email flagged as spam

9    28 Jun 2015 16:01 by u/flat_hedgehog

Dear /v/programming, I hope this is acceptable here. I need your help.

I work at a business that sends regular bulk emails to thousands of people. This isn't spam. They have signed up with us and we need to be able to email them. Recently we have fallen afoul of various spam filter programmes. Turns out some spammers got into the mail relay server, sent out a few batches of spam emails, then vanished. It was enough to get our IP blacklisted in a few places.

I am an IT semi-professional, in that everything I know about how email works I have learned in the past 6 weeks. I have taken us off of a few blacklists. The real IT guys have tidied up a few things, including the way the spammers got in. We are being blocked by "SpamAssassin", which has a long list of rules and I don't know which is relevant to us. I control what's in the body of the email. The IT guys deal with the server. To make matters worse, the server is used by a couple of sister businesses.

To prevent legitimate email looking like spam, what rules should I implement? I am aware of putting the business name and address at the foot of the email and adding an unsubscribe link for non-essential email. I'm currently enforcing these two. What else is important? Assume I have moderate influence in the business, very little outside the business and no budget.

TLDR: How do I stop legitimate business email looking like spam?

Update: Finally managed to get us off a privately-held blacklist. Fuck spammers.

10 comments

5

Having DKIM and proper SPF worked pretty well with Google's filters for me. I made a Postfix server for funsies but noticed all my mail by default was put in the spam folder when sending to my Google email until I had DKIM implemented.

Is there a /v/sysadmin or something more relevant?

2

I had the IT guys implement proper SPF. I also looked into DKIM but it currently falls under "no budget". After doing all the obvious things, I'll prepare a report and ask for things like DKIM to be put in place.

And I'll try to cross post this to /v/sysadmin.

2

Hmm, it didn't cost me any money to implement. Well, good luck! Hope the sysadmins can be of further help.

1

Ah, no. It would cost the IT guys time and effort, which they would bill to us. And one said that it would take funding to set up and pay for the certification.

4

I believe he is confused as to how DKIM is implemented; it is not PKI.

From Wikipedia:

The default parameters for the authentication mechanism are to use SHA-256 as the cryptographic hash and RSA as the public key encryption scheme, and encode the encrypted hash using Base64.

A verifier queries the TXT resource record type ... There are no CAs nor revocation lists involved in DKIM key management, and the selector is a straightforward method to allow signers to add and remove keys whenever they wish
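The lookup described in the quoted passage, as an added example that is not part of the original comment: it derives the DNS name a verifier queries from a DKIM-Signature header and classifies the TXT key record found there, with no certificate or CA step anywhere. The function names, the domain `example.com`, the selector `mail2015` and the base64 strings are constructed placeholders.

```python
import re

# Constructed sample data; the base64 values are placeholders, not real keys or signatures.
SAMPLE_SIGNATURE = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=mail2015;\r\n"
                    " h=from:to:subject; bh=Q09OU1RSVUNURUQ=; b=Q09OU1RSVUNURUQ=")
SAMPLE_KEY_RECORD = "v=DKIM1; k=rsa; p=Q09OU1RSVUNURUQ="
SAMPLE_REVOKED_RECORD = "v=DKIM1; p="


def parse_tags(value):
    """Parse a DKIM 'tag=value; tag=value' list (RFC 6376 section 3.2) into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            # Header folding puts whitespace inside values; it is not significant here.
            tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags


def key_query_name(dkim_signature):
    """Return the DNS name whose TXT record holds the signer's public key."""
    tags = parse_tags(dkim_signature)
    missing = [t for t in ("v", "a", "b", "bh", "d", "h", "s") if t not in tags]
    if missing:
        raise ValueError("DKIM-Signature is missing required tags: %s" % missing)
    # The selector (s=) lets one domain (d=) publish several keys side by side.
    return "%s._domainkey.%s" % (tags["s"], tags["d"])


def key_record_status(txt_record):
    """Classify a DKIM key record: 'usable:<key type>', 'revoked' or 'invalid'."""
    tags = parse_tags(txt_record)
    if tags.get("v", "DKIM1") != "DKIM1" or "p" not in tags:
        return "invalid"
    if tags["p"] == "":
        return "revoked"  # an empty p= is how a signer withdraws a key
    return "usable:" + tags.get("k", "rsa")  # k= defaults to rsa


if __name__ == "__main__":
    print(key_query_name(SAMPLE_SIGNATURE))
    print(key_record_status(SAMPLE_KEY_RECORD))
    print(key_record_status(SAMPLE_REVOKED_RECORD))
```

Publishing a key is a DNS TXT change at the printed name, and retiring one is publishing an empty `p=` or removing the record.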

1

Hmm... I'll raise it tomorrow. Thanks for your help.

1

No problem! Good luck!

2

Make sure you aren't on any blacklists (http://mxtoolbox.com/blacklists.aspx), and ensure you have a valid SPF record (http://mxtoolbox.com/spf.aspx). I added an SPF record which fixed most of my issues, but it turns out I was blacklisted by Hotmail (an entire block of IPs was, I just happened to be in that block). I was able to easily get myself removed from the blacklist though.

0

We're not on any blacklists (any more) but the SPF isn't showing up on that site. I get an SPF = pass on an email received by a test account so I'm not worried about that. The IT guys implemented it properly over a week ago. Thanks for your reply.