Reputation: 26271
Identify spam indicators based on emails headers
Using PHPMailer with SMTP, the following email was sent from my VPS (mydomain.com hosted by phpwebhosting) as if it came from my Comcast account ([email protected]) to my Gmail email ([email protected]), and Gmail flagged it as spam.
Looking at the email headers, how can I determine what might make a email client flag an email as spam?
Delivered-To: jane.doe
Received: by 10.28.7.197 with SMTP id 188csp518471wmh;
Fri, 8 May 2015 06:51:39 -0700 (PDT)
X-Received: by 10.43.17.135 with SMTP id qc7mr4244827icb.14.1431093098853;
Fri, 08 May 2015 06:51:38 -0700 (PDT)
Return-Path: <[email protected]>
Received: from smtp1.phpwebhosting.com (smtp1.phpwebhosting.com. [145.242.148.75])
by mx.google.com with SMTP id ag10si4096698icc.25.2015.05.08.06.51.38
for <jane.doe>;
Fri, 08 May 2015 06:51:38 -0700 (PDT)
Received-SPF: neutral (google.com: 145.242.148.75 is neither permitted nor denied by domain of [email protected]) client-ip=145.242.148.75;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 145.242.148.75 is neither permitted nor denied by domain of [email protected]) [email protected];
dmarc=fail (p=NONE dis=NONE) header.from=comcast.net
Received: (qmail 29774 invoked from network); 8 May 2015 13:51:37 -0000
Received: from unknown (HELO test.sites.mydomain.com) ([email protected]@145.242.134.91)
by smtp1.phpwebhosting.com with (DHE-RSA-AES256-SHA encrypted) SMTP; Fri, 08 May 2015 09:51:37 -0400
Date: Fri, 8 May 2015 06:51:36 -0700
To: Jane Doe <jane.doe>
From: John Doe <[email protected]>
Reply-To: [email protected]
Subject: Mydomain Password for Test Site
Message-ID: <[email protected]>
X-Priority: 3
X-Mailer: PHPMailer 5.2.9 (https://github.com/PHPMailer/PHPMailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_fa1b444df47091d2ca100f40d93b14cc"
Content-Transfer-Encoding: 8bit
--b1_fa1b444df47091d2ca100f40d93b14cc
Content-Type: text/plain; charset=us-ascii
Hello Jane,
I have added you to our Mydomain sales tracking and bid solicitation tool.
Your username is: jane.doe.
Click the following link within 24 hours to set your password: https://test.sites.mydomain.com/index.php?cid=25&task=display_p&t=28dba87d5fb8062e40a69f0192660471
Thank you
--b1_fa1b444df47091d2ca100f40d93b14cc
Content-Type: text/html; charset=us-ascii
<p>Hello Alvin,</p>
<p>I have added you to our Mydomain sales tracking and bid solicitation tool.</p>
<p>Your username is: jane.doe.</p>
<p>Click the following link within 24 hours to set your password: <a href="https://test.sites.mydomain.com/index.php?cid=25&task=display_p&t=28dba87d5fb8062e40a69f0192660471">https://test.sites.mydomain.com/index.php?cid=25&task=display_p&t=28dba87d5fb8062e40a69f0192660471</a></p>
<p>Thank you</p>
--b1_fa1b444df47091d2ca100f40d93b14cc--
Upvotes: 0
Views: 360
Answers (1)
Reputation: 3817
There is no surefire way to tell why Gmail flags an email as spam. Spam filters in general are black boxes from the perspective of the sender, as only those who know the inner workings and have access to logs can tell for sure what happened to certain email. The reason for flagging can be virtually anything, like violating the sender domain's policies, poor IP reputation, poor reputation of links used, similarity to spam emails, bad standards compliance and so on. Sometimes there is no singular reason either.
It's not that you can't make an educated guess. In this particular case, you are sending an email in the name of a comcast.net user, but you are bypassing Comcast servers entirely. Comcast has SPF and DMARC policies in place and although Comcast's SPF policy evaluation doesn't assert smtp1.phpwebhosting.com either permitted or not (SPF "neutral" result), the DMARC result that Gmail is getting is "fail". The DMARC policy for Comcast is not to flag emails failing email authetication (but report them only), but I'd still guess it's a bad omen. Try sending the email via your authorized Comcast server or use your own domain name for both From: and Return-Path to see if you can avoid getting flagged as spam.
Upvotes: 1
Related Questions
- Are email headers different when email is in spam?
- Clustering or other mechanisms for implementing generic spam detection
- Email spam classification extracting features from header
- Analysing email header from hotmail for message marked as spam
- Can custom email headers trigger spam filters?
- How to identify emails sent by humans?
- How do I catch the email address of a spammer?
- To detect spam messages using imap php
- effective way to determine if a message is spam?
- Preventing spam through e-mail frontend