7 reasons why your emails get bounced

7 reasons why your emails get bounced
in:
Created:
19 Jan 2021

7 reasons why your emails get bounced

Do your advertising emails end up in spam? Are you having deliverability problems with your e-Commerce emails?

The systems for filtering spam or phishing emails have evolved a lot in recent years, to the point they sometimes also block useful email messages, such as registrations to services, documents, invoices, communications, etc.Perhaps it might be useful to explain what the fundamental criteria are to ensure that one or more e-mails can be sent with confidence and the knowledge that you have respected the good rules.

First of all it is good to know that e-mails have in their source code a series of information that certifies its origin, this set of data is called Message header and its elements make up the Header fields. In applications or e-mail clients it is called Internet header or Internet Headers, and has a universal formatting.

An email that by hypothesis you are about to send will undergo precise and in-depth checks that we summarize below.

For the more experienced on the subject, it is good to specify that we are illustrating what checks are carried out on public ip addresses, domains and reputation of the same. These checks are performed even before the content or formatting of the email (which are managed by anti-virus and anti-spam).

Here are the 7 reasons why your emails get bounced

1. Greylisting

Greylisting is a system that, if activated on a mail server, will hold all incoming e-mails (for a few minutes) that do not have a known sender or that have not had a conversation with an e-mail address of their domains. in the last few hours or days. It is simple and effective and is able to stop up to 90% of spam because the sender does not make several delivery attempts as mail-servers usually do within 72 hours, but sends only one sending to hundreds of thousands of addresses, so if Greylisting does not receive a new transmission attempt, it discards the message permanently.

2. Reverse DNS resolution (rDNS)

Reverse DNS resolution (rDNS) is the reverse operation to what a DNS usually performs for you every time you type the name of a site in a browser, while in this case the DNS translates the IP address for you in the domain name. The reverse resolution enabled on a mail server verifies the presence and consistency of the IP address retrieved in the sender's SMTP Internet Headers with the PTR which must therefore have a public name. To simplify your understanding of this mechanism, know that once again most spammers send e-mails that do not have this information because they do not have fixed public ip addresses. The reputation of a mail-server, we will see later, is directly interconnected with the address or pool of public IP addresses to which it belongs. Using smtp servers that have PTR properly configured is a great start.

3. DNSBL (RBL or Black-list)

The DNSBL (RBL or Black-list), are public databases, or even private in the case of proprietary lists such as those maintained by commercial anti-viruses or other anti-spam systems, in which public IP addresses or entire classes are listed public or even domains. It is also possible to implement a black-list on your own mail-server even if it will be less effective than large international archives. Mail server administrators usually configure their system in such a way that upon receipt of your e-mail the public address from which it originated is quickly checked and whether it is present in one or more RBLs, at its discretion, and whether this address ip was present or had been reported for any reason, your communication will be directly rejected without escape (not tagged as spam, but rejected).

Nowadays the problem is that many public IP addresses are black-listed without users knowing it, either because they are dynamic addresses and therefore, they were probably used by a spammer before, or because the previous user unknowingly had a malware on your system that has sent thousands of spam mails or even worse with phishing URL.

This is why large e-mail providers and services mask your origin IP address and deliver the e-mail with theirs, not to protect your privacy but simply because most e-mails would be rejected.

4. Sender Policy Framework (SPF)

Sender Policy Framework (SPF), another system to verify a trusted sender, certainly effective and accurate. If the receiving server adopts this further verification in addition to the previous ones, it will perform a DNS query on the sender domain, and will look for a specific record (the SPF) which will contain the list of public IP addresses that can send on behalf of that domain. In practice, if you are not the legitimate owner or manager of the domain, it will be difficult to send an email that has a different IP than the one published in the DNS zone by the legitimate owner or administrator. It is also a good way to limit the phenomenon of phishing.

5. DomainKeys Identified Mail (DKIM)

DomainKeys Identified Mail (DKIM), if you can do it, implement it on your mail-server and e-mail domain because this mechanism for verifying the origin of the sent mail is the one that, if used by the recipient, guarantees the delivery of your mail message. electronics. How does it work? Simple, imagine that you have a real digital signature configured on your mail server and that this signature is encrypted and then split in two in order to have a public and a private key. The key will be published in your DNS zone, available to everyone and in any case encrypted, the private key will be sent every time you send an e-mail. If the receiving server has DKIM active, it will receive your key, query your DNS, merge the two information and validate that the signature is yours, with no room for error. DKIM drastically cuts down the chances, practically nullifies them, that someone can send non-certified emails on your behalf, whether they are spam, malware or phishing and spoofing. Today the most popular commercial or free e-mail systems use this powerful protection system.

6. Domain-based Message Authentication (DMARC)

The Domain-based Message Authentication (DMARC) is an evolution of the two previous systems, the DKIM and the SPF, and in the same way it performs further checks on the email sent, and in particular that the sender address has not undergone any changes , but not only, it also verifies that communication and attachments have not changed (spoofing). You know when you receive a message from yourself but then in the Internet Headers you see that the real sender is an address unknown to you? Writing to you with a friend's e-mail address or with your own can bypass the spam filter which does not block known or owned domains but does not deceive the DMARC.

7. The reputation of IP and domains

As we said above, by now the IP classes and the public addresses themselves have left traces on the Internet, that is, they have their own negative or positive reputation. It is monitored on a global scale by companies, which then resell or provide such data to the main e-mail services, but they are also partially accessible for free.