Knowledgebase

1) Misconfigured email client
2) SPF Record issues - Using external email servers to send email.
3) Spammyfied emails and content filters.
4) Blacklists

1) Misconfigured Email Client

Most issues experienced is due to a misconfigured email client. Please ensure you have followed our email client setup documents located here http://www.hostworx.co.za/knowledgebase/51/Mail-Setup-for-email-clients-and-Cell-Phones.  

If your domain is on our servers and mails are being rejected by other email servers and our servers, this is due to the email client being misconfigured.   Please select the correct document related to your email client and follow the step by step instructions to resolve your issue, once configured according to these instructions you should not have any further issues.

2) SPF Failures - Using non HostworX servers

What Is SPF exactly?

Well, let's start with WHAT SPF IS NOT and move forward from there. SPF is not a solution for spam. It does not stop spam from being sent or received. It will not block spam from getting to your mailbox. In fact, it won't even stop spam from being sent out through your own server.

What is it then?   It is a solution for email address spoofing.

Spoofing is when a spammer sends out a batch of email and it is made to look like it came from you.     Spammers will push out a ton of spam emails and a great majority of it gets bounced back to them as undeliverable. They don't like that. It wastes time for them.

So they came up with a solution. Get an address that works and send out that spam as if it came from that address.
Your address. The result is that you get all those bounceback messages. Nice, right?? Well, this is where SPF helps.

SPF allows a domain owner/admin to specify which email servers emails can be sent from for the domain. Mail servers who check for an SPF record can make sure that the person sending an email is actually allowed to send it. When someone else's mail server receives a message claiming to come from your domain, then that receiving server can check whether the message complies with your domain's stated policy. In other words, if someone sending an email out as if it came from yourdomain.com, but it is actually being sent from gmail.com, the receiving server can reject the email since gmail.com would not be listed in your SPF setting in your domain's DNS zone.

This Is All Just A Bit Confusing!

It can be. So, here's a little diagram that might help.

I hope this illustration shows the process in a way that most people can easily follow what is happening.

By Default HostworX sets the email servers that your domain is hosted on as the only servers that can send mails out, this means if you use any other email servers, for example telkom, mtn, vodamail, etc to send out mails they will get rejected.   So if you do not use "smtp.(your own domain) or mail.(your own domain)" as the outgoing mail server your mails will most likely also be rejected. To fix this issue please see point 1 above.

Sometimes there is a requirement to use external email servers, ie you use a hosted billing or invoicing system, which sends out the emails as if they come from your domain. Well to resolve this issue, you will need to contact the systems support personnel, ask them what their mail servers ip address or dns name is that they use. Once you have this you can edit your SPF record on our control panel to include this server. To do this follow the below instructions, for example you want to use sage accounting, and send out mails to clients as if its from your domain, but via sage, you will need to contact them and ask for their spf record for their mail servers.

1. Login To SolidCP
2. Click on My Domains"
3. Click on the domain you are using or making changes to
4. Click on the "Edit Dns Record Button"
5. You should see a TXT dns record near the bottom looking like this
   
    _SPF         TXT       "v=spf1 mx ip4:196.22.190.0/24 -all"
   
   
6. Lets say you were given the spf record name _spf.sage.co.za as the spf record for sage mail servers that they use
7. Add in the remote mail server by using the include parameter in the spf record field, click the edit button of the spf TXT record for your domain
8. The Record Data field should look like this  "v=spf1 mx ip4:196.22.190.0/24 -all" To add sage to this record, you goto the end, just before the "-all" and insert in "include:_spf.sage.co.za" making sure you keep the spaces between the parameters. if its added correctly the data field will look like this below.
   
   "v=spf1 mx ip4:196.22.190.0/24 include:smtp.xyz.co.za -all"
   
   
9. Then you can click save to update the record.  
   
   

This will now allow the smtp.xyz.co.za server to send mails out on behalf of your domain.

3) Content filters and spammyfied emails getting blocked or rejected

Sometimes emails are received with spammyfied content, which can cause emails to be rejected or marked as spam, unfortunately this is different for every email received as there are thousands of reasons why the emails could be rejected. HostworX makes use of spamassasin, which is used worldwide by most ISPs   and is a collaborative effort. rules are updated regularly with spam that is generally received. Spamassasin use hundreds of checks and these checks returns a scoring, which if it goes over a certain score values is flagged as spam.  

Spam trigger words or phrases

Spam filters consider a long list of criteria when judging the "spamminess" of an email. They'll weigh each factor and add them up to determine a spam score, which then determines whether an email will pass through the filter. They might look for spammy phrases like "CLICK HERE!" or "FREE! BUY NOW!" Then they'll assign points every time they see one of those phrases. Certain criteria get more points than others. Here's a sample of criteria from Spam-assassin filters:

• Talks about lots of money (.193 points)
• Describes some sort of breakthrough (.232 points)
• Looks like mortgage pitch (.297 points)
• Contains urgent matter (.288 points)
• Money back guarantee (2.051 points)

If your campaign's total "spam score" exceeds a certain threshold, then your email goes to the junk folder. Passing scores are determined by individual server administrators, so unfortunately, what passes some filters doesn't pass all of them. Many words and phrases used in spam emails are used in legal emails such as words and phrases like the below list just to mention a few, Unfortunately, there is no complete list of spam trigger words.

• "Dear Friend"
• "attached is my CV"
• only an image in the body of the email with no writing
• a blank subject line
• Using phrases like "Click here!" or "Once in a lifetime opportunity!"
• Excessive use of exclamation points!!!!!!!!!
• USING ALL CAPS, WHICH IS LIKE SCREAMING AT THE TOP OF YOUR LUNGS VIA EMAIL (especially in the subject line).
• Using bright red or green colored fonts.
• Using bad content. This one's broad, but important. Email delivery expert Laura Atkins details content-based filtering in this article.
• Coding sloppy HTML, usually from converting a Microsoft Word file to HTML.
• Creating an HTML email that's nothing but one big image, with little or no text. Spam filters can't read images, so they assume you're a spammer trying to trick them.
• Using the word "test" in the subject line. Agencies can run into this issue when sending drafts to clients for approval.
• Sending a test to multiple recipients within the same company. That company's email firewall often assumes it's a spam attack.

Further, it is not always the case that your email will end up in the spam filter simply by using a so-called trigger word. The key thing to remember is that a spam filter is trying to remove commercial advertisements and promotions. So generally, words that are common in such emails should be avoided or used sparingly.

Phishing emails are designed to steal your identity by getting you to click on a fraudulent link. The most common method is for the email to be disguised as a legitimate email from a service you trust, such as your bank or a website you frequent. Thus, you want to avoid using phrases that are common to phishing attacks.

Attachments

In general, .jpg, .gif, .png and .pdf attachments are safe to send, provided you include some content in the email as well. However, executable attachments such as .exe, .zip, .swf, etc. should be avoided entirely. Generally, you should not send attachments to people on your list that are not expecting them.

If you need to email a large attachment or an attachment type that usually can be flagged as spam or trigger virus scanners, we recommend a service such as DropBox.com or you can use our bulk online files storage option under your webmail account.

4) Blacklists

Blacklists are used to list known email domains and email servers that have sent out spam and people and isps have reported them due to this happening consistently. Most isps check these blacklists to see if the sending email server is listed, and if listed on multiple lists the emails are normally rejected immediately by the receiving mail server.  

BUT THESE ARE VALID CUSTOMERS
Yes unfortunately your customers who are valid email senders,   also sometimes have email issues, not caused by themselves but others. Most ISPs use shared mail servers where multiple email domains are hosted, and sometimes spammers hack valid email accounts and then use these accounts to send out thousands of spam emails. Unfortunately this gets the mail server listed on blacklists and causes issues.

DONT YOU MONITOR FOR HACKERS
Sure we monitor our servers for people hacking them, but if a person uses a password such as P@ssword,   John123,   Pa55word, or passwords the same as the email account name with 123, qwerty, etc that are easily guessable, hackers find these accounts, and send out thousands of emails before it is picked up.   This is why one of the reasons of why normal email accounts on our servers are limited to a send rate of 250 emails per hour to prevent this from happening.

In a case like this the customer will need to contact their ISP to find out and resolve these issues. You can add a clients email address to your trusted senders list, this will bypass spam filters on our servers like content filters, but this will NOT bypass the blacklist filters.   If your customer has an issue they will need to contact their ISP, we can indicate to you where the issue is happening but they will need to resolve it.