Messages sent to gmail from custom domain going to spam - email

I know this isnt kind of perfect type of message to post here, but I will give it a try:
When I send an email from my domain to gmail, it automatically goes to spam. On customer support, they told me that my domain isnt on any kind of blacklist.
Here are the headers:
http://pastebin.com/QVYrDQbz

Ask gmail recipients to move messages from [GMAIL]/Junk folder to Inbox folder (IMAP terminology) or mark it as "not spam" via web interface.
As long as recipients do not tell gmail its "classification as (possible) spam" had been wrong gmail assumes it has been right.
It may help to publish spf record for domain of email sender especially when sending host is in another domain
DKIM signing of outgoing messages may help too
https://support.google.com/mail/answer/81126?hl=en#authentication

Related

Email sent through my custom email address are ending up in spam

I'm sending emails via this custom email address sales#decorbunny.a2hosted.com that I have but all the emails are ending up in spam. i have done all of the following authentications
DKIM (Domain Key Identified Mail)
SPF (Sender Policy Framework)
DMARC – requires you to already be using DKIM and SPF
I also tested the emails score here at https://www.mail-tester.com/ and its 10/10. But still the emails end up in spam. Can anybody please tell what can be the issue?
If you're sending bulk emails make sure the list your using isn't bad and that your email address isn't marked as a spam address by services.
If your emails contain links to fishy/sketchy websites then it can be marked as spam.
Your using too many images or too much images with too little text.
You're sending too many attachments.
Your recipient marked you as spam.
Your outgoing email information is incorrect/bad
If you're using a hosting service then contact your provider and see if something is up or if they can provide any insight! Email's are next to printer's in how fun it is to troubleshoot. Goodluck! If it's just one email your sending to that is marking you as spam then check it's settings if you can, or ask that email address owner to whitelist you, that is if your not sending bulk. Don't go asking 100+ people to whitelist your address lol

hide the fact that an email is sent from gmail's web interface

Does anyone know if you can hide or modify some of the header fields from the sent email via the Gmail web interface?
such as:
X-Gmail-Original-Message-ID: xxxxxxxxxxxx#mail.gmail.com
Message-ID: xxxxxxxxxxxxx#mail.gmail.com
My idea would be to completely fake (hide the fact) that the said email was sent from the Gmail web interface. The goal of that would be simple - use Gmail even if the company you work for, does not allow it.
Perhaps there is a Gmail extension for that?
AFAIK, you can only change the from email when sending email from Gmail. Take a look at Send emails from a different address or alias.
Also, there are techniques to really find out where an email came from; forging email headers and/or spoofing emails is something that spammers do and will get your IP address blacklisted by your ISP.
You can also check How can I find out where an email really came from?. The headers can also be put in SpamCop and let them do the trace work with an option of sending a SPAM notice to the responsible sysadmin.

Avoiding email filters with legitimate use of spoofing

I have a web application that will be used by committee chairs to communicate with committee members over email. All these users will have e-mail accounts external to the web application and domain the web application is hosted on. Any replies from members need to be directed to the e-mail of the committee chair user, not an account on the domain of the web application. The only two methods of accomplishing this that I've come up with are
In the from of the e-mail, use the e-mail of the sending user. E-mail applications for many of the committee members block this as spam.
Use an account such as no-reply#applicationdomain.com, and then include instructions in the e-mail of the correct address that replies should be sent to. Users often get confused and don't send replies to the correct address.
Are there any alternatives I am missing?
Traditionally, this was the purpose of the Sender email header. If you want an email to be From the user, but sent by you, you would just set the Sender header to an email address on your domain but have From be the user. Also, the SMTP envelope sender should also be on your domain. Then, you would be properly declaring that you're the sender of the message for anti-spam purposes, you'll receive any bounce messages, but email clients will know that the email is reportedly from the "real" user, and will direct replies accordingly. Generally, email clients would report both Sender and From, saying something like "From my-server#website.example.net on behalf of real-user#example.com", though obviously the details depend on the email client being used.
Refer to What's the difference between Sender, From and Return-Path? and OpenSPF Web Generated Email Best Practices for more information.
However, now DMARC has come along. It has made the decision that verification should be based only on the From header. The theory is that there's no way for an end-user to know whether a particular Sender is in fact authorized to send mail "on behalf of" the user listed in the From header. While it probably isn't the decision I would have made due to how it ignores the traditional Sender, it's something that needs to be dealt with now, as if the domain of the user listed in the From has a DMARC record that is set to q=reject, then nobody else, including your web form that's trying to send mail with the complete approval of the user, can send mail that's From that domain. More and more domains are turning on DMARC, and as they do so your form won't be able to send email From them, regardless of what other headers are set.
The only other alternative, then, is to have email be From your application entirely, but set the Reply-To header to where the email program should send replies to. Also, the SMTP envelope sender should be your application, and ideally be set to an address that can handle bounce messages or other errors. You shouldn't need to include any instructions, as the Reply-To header is very well supported among email clients as indicating where replies should be directed.
Refer to the DMARC FAQ entry "Why are messages I send on behalf of visitors to my website being blocked?".

Trouble creating own mailserver

I am creating own mail server. I am using Haraka (http://haraka.github.io/). But I am little confused about the relay thing. How to make relay my mail server so that I can send mail using other domain(DKIM and SPF verified).
I want mail in receiver inbox not in Spam. Right now mail is received in spam. What is relay in particular ? Can anyone help ?
What I've got is that you're having a problem with sending mail on behalf of "other domain".
Given that "other domain" mail reaches its destination (even in SPAM folder) I assume that you've configured your relay right.
Key thing to notice is that DKIM and SPF records not only need to be validated but also need to be aligned with your "other domain". It's a common scenario when SPF/DKIM validations 'pass' but overall DMARC policy 'fails'.
Providing both your message headers (to check how it was processed) and your other domain name (to check how SPF/DKIM/DMARC records configured) would help a lot.

Gmail thinks our email is NOT from the FROM domain and puts it in Spam Folder, how to solve this?

We have a website where we allow you to reset your password (say if you forget your password). This is standard on many websites. Basically you enter your email address which you've used to register on our website, then we send you an email containing an email reset link.
This is all standard stuff. However, the problem is: Gmail somehow thinks this email we send to the user is spam, and puts it in the Spam folder.
The specific message Gmail shows is:
Be careful with this message. Our systems couldn't verify that this message
was really sent by xyz.com. You might want to avoid clicking links or replying
with personal information.
Let me explain how we send the email. We use the company sendgrid.com to deliver
the emails. xyz.com is a domain we control. (xyz is a pseudo-name here.)
The email's from address is: do-not-reply#xyz.com
We have changed xyz.com's SPF record to include "sendgrid.com" (and "sendgrid.net" "sendgrid.me").
There's no website associated with xyz.com, however.
My question is: what else can we do to make Gmail believe the email is from the domain xyz.com? So it doesn't put the email in the spam folder?
Thank you.
Did you end up publishing DKIM with Sendgrid? Also, I have a feeling your SPF record isn't quite right as generally there's one official entry per email provider. You mention adding several. I'd recommend looking at their docs for exactly what they recommend publishing in your SPF. Do this for any provider you use for any kind of email.
Since you mentioned Sendgrid as your ESP, here are Sendgrid's instructions. Once you've done the DNS you have to ask Sendgrid to "sign" it. Since DKIM uses cryptography you'll need them to do their side.
DKIM's less complicated than it sounds. The DNS records you have to add will take a few minutes then presumably open a ticket to Sendgrid to have them do their side.
Also, as an aside, could you post what you have for your SPF record here? I don't mean your domain but what the value is? It's not directly causing the problem but it's a key component of email authentication.
Once you've completed SPF and DKIM, it is critical you validate them both. Do a search for SPF validates and DKIM validator to find online tools.