5.3 How to increase email sender reputation

Email Reputation Banner EN

What is Sender Reputation?

Sender reputation of an email plays a crucial role in the deliverability and acceptance of emails by recipients. Mail servers and spam filters analyze the sender’s reputation to determine whether an email should be placed in the inbox or marked as spam. Sender reputation depends on various factors, such as the frequency of sending emails, the number of spam complaints, adherence to authentication protocols (like DKIM and SPF), and the overall reputation of the IP address you use for sending. Maintaining a good sender reputation is pivotal for successful email delivery and effective communication with recipients. In this article, we will explore the fundamental methods to enhance your sender reputation.

Sender Address

A common and fundamental mistake when sending emails is an incorrectly specified sender address. You can create mailboxes, implement all possible authentication methods, use a dedicated IP for sending, and still provide an entirely different email address in the sender field. The peculiarities of the SMTP email sending protocol allow you to specify almost anything in the sender’s address, even something like elon.musk@tesla.com. However, how the receiving mail server interprets such an email is an entirely different matter.

Throughout your life, you’ve likely seen sender addresses when receiving emails. Typically, it appears as the following line in the email header:

From: john.jackson@example.com

The sender address consists of two parts: the local part and the domain part. The local part usually represents the username or the mailbox name on the mail server, while the domain part indicates the domain to which the email address belongs. When using SMTP, always specify a genuinely existing mailbox based on your domain in the sender’s address. Otherwise, no further advice on improving email deliverability will be able to assist you.

Attention: a similar mistake can be made using phpMail for sending emails. If your PHP is configured to use an email address not based on your domain but, for instance, a Gmail address, it significantly diminishes the chances of your emails being successfully delivered.

Using SMTP for Mass Emailing

Note: the issue of using phpMail is discussed in more detail in a separate article.

Often, mass email campaigns are conducted using the mail() function and its derivatives like phpMail. However, not everyone is aware that the mail() function scripts can also harness all the advantages of SMTP, including enhanced delivery reliability and multiple levels of authentication. Below is an example script with SMTP authentication:

// Include the PHPMailer library
require 'path/to/PHPMailer/PHPMailerAutoload.php'; 

// Create a new PHPMailer object
$mail = new PHPMailer; 

// Configure SMTP settings 
$mail->isSMTP(); 
$mail->Host = 'smtp.example.com'; 
$mail->SMTPAuth = true; 
$mail->Username = 'client@example.com'; 
$mail->Password = 'client_password'; 
$mail->SMTPSecure = 'tls'; 
$mail->Port = 587; 

// Set email parameters 
$mail->setFrom('client@example.com', 'Client Name'); 
$mail->addAddress('recipient@example.com', 'Recipient Name');
$mail->Subject = 'Subject of the Email'; 
$mail->Body = 'This is the body of the email'; 

// Send the email 
if (!$mail->send()) {     
    echo 'Error: ' . $mail->ErrorInfo; 
} else {
    echo 'Email has been sent successfully!'; 
}

As you can see, in this script, an existing email address on the server is used as the login.

When using phpMail on our hosting services, SMTP authentication can be performed using a simplified approach, without specifying a password and encryption, and using port 25. The SMTP settings block in this case would look like this:

// Configure SMTP settings 
$mail->isSMTP(); 
$mail->Host = 'localhost'; 
$mail->SMTPAuth = false; 
$mail->Username = 'client@example.com'; 
$mail->Port = 25;

Dedicated IP Address

Using a dedicated IP address for email sending can significantly improve email deliverability. When you share a hosting’s shared IP address with other users, your reputation can be affected by the actions of other email senders. If one of the users sharing the same IP address sends spam or violates rules, it can impact the sender’s reputation for all users utilizing that IP address.

However, with a dedicated IP address, you have full control over its reputation and can manage email sending independently from other senders. This allows you to substantially enhance email delivery rates and reduce the risk of emails being marked as spam.

Note: The dedicated IP you obtain should be configured for your email domain to ensure emails are sent from it. This configuration is necessary for effective email delivery.

PTR and Hostname

If you have a virtual/dedicated server service, you are provided with a dedicated IP address by default. Additionally, a dedicated IP can be acquired for hosting services. When working with a dedicated IP, it’s essential to pay attention to Hostname and PTR records.

PTR records, also known as reverse DNS records, associate your server’s IP address with its corresponding domain name. When sending emails, the recipient’s server can verify whether the PTR record matches the hostname stated in the sender’s address. If the PTR record is not configured or doesn’t match the expected hostname, it can negatively impact email deliverability.

On hosting services, you can modify PTR records yourself in the control panel under the IP Address List tab. For virtual servers, PTR records can be changed in the cluster control panel under the IP Addresses tab. Alternatively, you can always request support to modify the PTR record for your IP address.

Hostname is the name assigned to a device in a computer network, applicable to both Windows and UNIX-like systems. For email delivery, the Hostname must be configured to match the actual domain name of your server. In some cases, email service providers may verify the correspondence between the hostname and the domain name specified in the sender’s address, using this information to decide whether to deliver emails. However, there is no option to change it on hosting services.

To access these settings on Windows, you typically need to right-click on My Computer (or This PC in newer Windows versions) on the desktop or in the Start menu, select Properties or Settings, and then navigate to the Computer Name section.

In Unix-like systems such as Linux or macOS, the hostname is found in the /etc/hostname file. To change the hostname, you usually need to edit this file using a text editor or employ specific commands, like hostnamectl in Linux or scutil in macOS. The current server name can be checked using the hostname command.

In most cases, for email delivery, PTR records and Hostname should have the same value.

SPF (Sender Policy Framework)

SPF is a DNS record that allows you to specify which servers are authorized to send email on behalf of your domain. SPF helps prevent email spoofing and increases the likelihood of successful email delivery. When a server receives an email from your domain, it checks the SPF record in your domain’s DNS records to ensure that the server sending the email is authorized to do so.

To set up SPF, you need to create a TXT record in your domain’s DNS records, specifying the authorized servers for sending emails. This helps reduce the chances of your emails being marked as spam or rejected by the recipient.

The possible syntax for an SPF record is presented below:

SPF Record Description
SPFv1 SPF record version
v=spf1 Beginning of the SPF record
include Include additional domain in the SPF record
ip4 Allowed IPv4 addresses of senders
ip6 Allowed IPv6 addresses of senders
a Allowed A records of the sender’s domain
mx Allowed MX records of the sender’s domain
ptr Allowed PTR records of the sender’s domain
include:_spf.example.com Example of including an additional domain
ip4:192.0.2.0/24 Example of allowing an IPv4 range
a:mail.example.com Example of allowing an A record

For example, lets review the following SPF record:

example.com.  IN TXT "v=spf1 include:_spf.example.com ip4:192.0.2.0/24 a mx ~all"
  • v=spf1 specifies the beginning of the SPF record.
  • include:_spf.example.com includes the additional domain _spf.example.com in the SPF record. SPF checks will be performed for this domain.
  • ip4:192.0.2.0/24 allows sending emails from IPv4 addresses in the range 192.0.2.0/24.
  • a allows sending emails from servers specified in the A records of the sender’s domain.
  • mx allows sending emails from servers specified in the MX records of the sender’s domain.
  • ~all indicates a soft fail. If an email doesn’t match any SPF record rules, it will be marked but still might be delivered.

Note: By default, SPF records are created for all domains parked on our hosting service.

DKIM (DomainKeys Identified Mail)

DKIM is an email authentication method that allows you to verify the authenticity of the sender and the integrity of the email’s content. It relies on the use of a cryptographic key that is added to the email header. The recipient can verify this key and ensure that the email was sent by the domain indicated in the header and was not altered during transmission.

To use DKIM, you need to generate a key and add it to the DNS record of your domain. This enables mail servers to authenticate your email. DKIM increases the likelihood of your emails being delivered to the recipient’s inbox rather than the spam folder.

Let’s consider an example of a DKIM record:

example._domainkey.example.com.  IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2bgaY1cHPsZcscb     5A1E6sjXnx2hTdyHbCzm31Frc9oE4d0bfuUOjq6lc+NLXKwGOn8l 6zV6EK+sL9HvEKByuoDgFElF2r6xGudFhK4fC9K+jAKf9B3iYRiH SX8mrrzzWZnvnKYTpG8lWCocGZ5O5p7FhC7m+8FOXFUm9tuvAQIDAQAB"

Note: DKIM records are unique for domains and copying records from the example for your domain will only worsen the delivery of emails!

In this example:

  • example._domainkey.example.com. is the DKIM record name, which should be configured in the DNS for the domain example.com.
  • IN TXT indicates the TXT record type.
  • "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2bgaY1cHPsZcscb...AQAB" is the value of the TXT record containing the parameters and the public key for DKIM.

Warning: by default DKIM is not created for all domains parked on our hosting. It can be generated and activated as follows on any of our hosting services, or on a virtual or dedicated server with the ISPManager panel.

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

DMARC is a set of rules and authentication methods that combine DKIM and SPF to enhance email security. DMARC allows you to specify how mail servers should handle emails that fail DKIM or SPF authentication. You can choose to have such emails delivered, placed in the spam folder, or completely rejected.

To set up DMARC, you need to create a TXT record in the DNS records of your domain, specifying the DMARC policy and email addresses for receiving DMARC verification reports. DMARC helps strengthen email deliverability and protect your domain from email spoofing.

The possible syntax for a DMARC record is as follows:

DMARC Запись Описание
_dmarc DMARC record start
v DMARC version
p Policy for handling emails that fail DMARC checks
rua Address(es) for sending DMARC verification reports
ruf Address(es) for sending reports about emails that failed DMARC checks
fo Options for handling emails not conforming to DMARC policies
adkim DKIM signature verification method
aspf SPF alignment verification method
sp Action for SPF policy checks
pct Percentage of emails subject to DMARC checks
_dmarc.example.com.  IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com; ruf=mailto:dmarc-failures@example.com; fo=1; adkim=r; aspf=r; sp=reject; pct=100"

In this example:

  • v=DMARC1 indicates the DMARC version.
  • p=reject specifies the action policy, in this case, to reject all emails that fail DMARC checks.
  • rua=mailto:dmarc-reports@example.com specifies the address to which DMARC verification reports will be sent.
  • ruf=mailto:dmarc-failures@example.com specifies the address to which reports about emails that failed DMARC checks will be sent.
  • fo=1 sets the option for handling emails that do not conform to DMARC policies for report generation.
  • adkim=r specifies the DKIM signature verification method for the From header field.
  • aspf=r specifies the SPF alignment verification method for the From header field.
  • sp=reject specifies the action for SPF policy checks, in this case, to reject emails that fail SPF checks.
  • pct=100 specifies the percentage of emails subject to DMARC checks (in this case, 100%).

Note: DMARC is not created by default for all domains parked on our hosting. You can configure DMARC for your domain yourself; however, without DKIM, this record is much less effective.

Conclusion

Enhancing email deliverability through technical means can be critical for effective communication with your clients. Implementing DKIM, SPF, dedicated IP, and DMARC enables you to increase the likelihood of successful email delivery and prevent them from ending up in spam folders. Ensure that you have configured these authentication and protection mechanisms correctly according to your domain’s specifications and requirements. Remember, even strict adherence to all authentication rules does not guarantee your recipient will receive your email, especially if your IP address current reputation has been compromised previously.