SOLVED: What Causes Email To Be Sent To Junk Folder or Quarantine?

Published by Ian Matthews on

Microsoft, Google, Yahoo, Apple and others are not going to provide details on how their algorithms determine what is and what is not spam. What they will do is provide generalized explanations and allow email administrators (like www.URTech.ca staff) to see various “switches” and thresholds for categories. From these we can tell you how to reduce the likelihood of getting your email blocked by a spam filter.

This article is intended for tech savvy end users. If you are an administrator, you will find What an Email Message Header Tells You About Spam useful.

What Causes Email to Be Flagged as Spam?

We will start with the nontechnical reasons email is flagged as spam and then go onto the hard core stuff.

  1. CORPORATE vs PERSONAL:
    Senders using corporate email are far less likely to have their emails flagged
    • Tech – In the message header there often a segment named “x-ms-exchange-senderadcheck: 1” and that means that the email was routed through a Microsoft Exchange mail server and that the sender belongs to an AD (Active Directory).
  2. ADVERTISEMENTS:
    If you are sending advertising / promotional material the mail servers can figure that out and will often flag and then block it.
  3. LINKS:
    There are two details here:
    1. This one really depends on the receiving mail servers anti spam rules but some email servers not only look at the number of links included in an email but also where those links are going. If you have many links in your email, it is more likely to be blocked.
    2. If the links you include go to malicious sites, infected sites, or are pretending to be some other company (i.e. it has a few Amazon logos, but it is not Amazon), the email is likely to be flagged as spam
  4. BULK MESSAGES:
    If you are sending dozens, hundreds or thousands of messages at the same time, most mail servers will pick up on this and often block your email. Once solution is to send your emails in batches rather than all at once.
  5. GRAPHICS:
    The are two things here:
    1. If you are sending emails with more than one graphic, most receiving mail servers will increase their “spam confidence level” (aka SCL) and may block your message
    2. If you are sending email that contain corporate or brand logos (like Amazon, Microsoft, Nike, UPS, FedEx, Apple, the Government, Staples, Costco…) many of the better anti-spam filters will think you are trying to mislead the recipient into thinking you are someone the servers know you are not, and they may block you.
  6. HACKED SERVER:
    Nearly all legitimate mail servers (Microsoft, Google, Apple…) will:
    1. periodically scan the mail server you are sending from (i.e. your companies) and if they find security holes on it, they will flag and block messages from it, including your legitimate message.
    2. use “Real Time Black List” (aka RTBL and RBL) and “Real Time Black Hole List” (aka. RTBH lists) to see if others have flagged your mail server as sending malicious content or not being secure
      • Tech – Used free services like check.spamhaus.org to see if your server is flagged and why.
  7. BLACK LIST:
    Users easily report email messages as spam. One such report will do nothing to change your status, but if dozens report your email as spam all the big email processors (like Microsoft, Google, and Apple) will block your mail at their servers
  8. SOURCE SERVER:
    If you are sending mail through a service like HubSpot, Constant Contact, Mail Chimp or Drip, your messages are (correctly) far more likely to be blocked
    • Tech – In the message header look for a line that says “Antispam: BCL:0” That indicates the message is not from a bulk sender
  9. GEOGRAPHY:
    If your emails originate in or are routed through Russia or China or other countries known for high rates of spam, your email is more likely to be blocked.
  10. AUTHORIZED SERVER:
    Sender Policy Framework (aka SPF) records exist in the internet phone book (called DNS) and they tell receiving mail servers which servers are authorized to send mail using a domain. In other words if you try to send an email using a domain you do not control, it will likely be blocked.
Categories: Microsoft 365 Apps, Azure & CloudMicrosoft Exchange ServerOffice: Word, Excel, Outlook...

1 Comment

MO · November 20, 2022 at 9:37 pm

Very well written. This was killing me. Why is my mail going to junk!?!?!? Fixed it with your help 🙂

Keep up the good work

Reply

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Step By Step - How to Remove Public IP Addresses From Azure

SOLVED: VIDEO: How To Remove Public IP Address & Save Money In Azure

In this short Azure tutorial we demonstrate how to remove static addresses from Azure virtual machines. In particular, we show how to remove static public IP addresses. 0:00 Introduction0:24 Why Remove Public IP Addresses0:44 How Read more…

how to split an an excel rows into groups

SOLVED: VIDEO: Separate Excel Rows Into Groups of 100

We had a client that wanted to separate a very large Excel list of about 3000 rows into groups of 100 so that they could print off wrote lists for about thirty volunteers. We didn’t Read more…

mfa keeps you safe from hackers

SOLVED: How To List Users Who Do Not Have MFA in Azure & M365

We’ve recently had a client who was breached because a long-term brute force spray password attack eventually correctly guessed and administrators password. This breach should have been avoided by the company ensuring that all of Read more…