Not much is known about how Gmail handles spam. So it is no wonder that we receive a regular stream of posts in the Gmail Help Community asking about various aspects of Spam. A few common questions would be:
- Why is only Gmail flagging messages from me as Spam?
- My domain was used to send out spam in the past but we have removed that address and changed other details. We are no longer being listed under any blacklists. So, why are emails from our domain still being marked as spam?
- Please whitelist our domain.
- Spam filter sending messages to other category tabs instead of Primary.
- My messages to Gmail are not being delivered.
- Gmail has suddenly started marking emails from my domain as spam.
This blog is divided into three sections:
Understanding Gmail's Spam Handling
Gmail uses multiple data points (or signals) to identify messages - such as their own algorithm, information from reputed blacklists, crowd-sourcing and user preference. Based on their assessment, Gmail may decide to include extra info next to the sender’s name in the message, collect the message under Spam or deny delivery of the message altogether.
So what exactly does the above mean? In Gmail's words, a message might be blocked (or considered Spam) if it contains suspicious-looking or spammy text or if the sending IP(/server/domain) has had a history of sending unsolicited messages and that's a whole list of things to look at and figure out should this be happening with your domain.
To rule out "suspicious-looking or spammy text" you should look at the content of the mail. There are a number of ways a sender can inadvertently confuse Google's automated spam filter: by sending a suspicious-looking or spammy text, images or common links or by sending emails Cc/Bcc'd to large numbers of recipients ("bulk mail") to send out newsletters, invitations, etc. Since spam is sent to many recipients or any other behavior which may mimic that of a spammer, the spam filter is slightly more likely to confuse bulk mail with spam. Check your emails, both body and signature, for spammy content e.g. lots of exclamation marks; "must read"; attention-getting, large and/or gaudy colored text; text the same color as the background; tiny text; [almost] zero height images; links hidden under text, images or links with a different URL; etc. All or any of these may cause Gmail to mark your emails as spam.
With regards to the signature, ensure it is a simple one as a long signature containing details like phone numbers or email addresses, or signatures with pictures or links to websites or social media pages often causes the message to look like spam. So if you are sending out messages to Gmail recipients with an elaborate signature, and getting your emails flagged as spam, check if simplifying your signature to a short, text-based one or eliminating it brings you better results.
With regards to the signature, ensure it is a simple one as a long signature containing details like phone numbers or email addresses, or signatures with pictures or links to websites or social media pages often causes the message to look like spam. So if you are sending out messages to Gmail recipients with an elaborate signature, and getting your emails flagged as spam, check if simplifying your signature to a short, text-based one or eliminating it brings you better results.
The other cause is that the sending IP(/server/domain) has had a history of sending unsolicited messages either due to the mail server been hacked and used to send out spam or lacking implementation to adequately identify and authenticate emails sent from your domain (SPF, DKIM, and DMARC among others) or if the sending server is running in a shared web hosting environment where other domain users may get a chance to influence the reputation of the sending server. If this is the problem, there's very little one can do about it, other than asking them to request the host to move that account to a different server.
Other activities such as your domain being listed as unsafe with Google Safe Browsing, sending out sample phishing messages or test campaigns from your domain, or impersonating another domain or sender without permission can cause your domain’s reputation might be negatively affected, your domain could be added to internet blocklists, and Gmail to categorize the messages as spam
Other activities such as your domain being listed as unsafe with Google Safe Browsing, sending out sample phishing messages or test campaigns from your domain, or impersonating another domain or sender without permission can cause your domain’s reputation might be negatively affected, your domain could be added to internet blocklists, and Gmail to categorize the messages as spam
Additionally, Gmail also puts emphasis on the reputation of the sending server based on how Gmail users may have interacted with messages from that domain, that email address or with messages containing similar text, links, and images. So, user action (or crowdsourcing) can impact both aspects of spam detection - what Gmail considers as suspicious-looking or spammy text, images, and links and which domain is sending them.
At times, using the googlemail variant of your Gmail username as a "Send mail as:" alias may trigger the Spam mechanism. So, please check that possibility as well.
Finally, the Spam team in Google is known to make frequent updates to how spam filtering works in their effort to make it a more efficient system and to counter activities related to spamming, spoofing, and phishing. So, it could also be a recent update causing this issue for you.
How to approach resolving your issue
The first suggestion would be to look at the message from Gmail. In Gmail, there is a banner above that message explaining why the message was flagged as spam. Here are a few examples:
Besides the detail offered in the overhead banner, you can also click on the "?" icon at the bottom-right to read about those reasons in detail.
The Prevent mail to Gmail users from being blocked or sent to spam article is possibly the only source of official information that lists recommendations on how an external domain sending to Gmail recipients should best set up their credentials. Pay careful attention to all suggestions included there (particularly those relevant to your issue) and implement them.
Among other things, check regularly to make sure your domain isn’t listed as unsafe with Google Safe Browsing. To check your domain status, enter your domain in the Safe Browsing site status page. Also, check any domain that’s linked to yours.
Among other things, check regularly to make sure your domain isn’t listed as unsafe with Google Safe Browsing. To check your domain status, enter your domain in the Safe Browsing site status page. Also, check any domain that’s linked to yours.
Don’t send sample phishing messages or test campaigns from your domain. Your domain’s reputation might be negatively affected, and your domain could be added to internet blocklists.
Don’t impersonate another domain or sender without permission. This practice is called spoofing, and it can cause Gmail to categorize the messages as spam.
If you happen to send out a fairly large number of emails to Gmail users, I would also suggest you to use this Postmaster tool to help locate the issue: Be a better sender. For information related to it, you can peruse the following help articles:
Use these links to (1) troubleshoot and (2) report this issue to Google.
It is important to bear in mind that when a domain is used to send out spam, it suffers a reputation hit with Gmail which may take some time to get restored because Gmail usually follows a wait-and-watch policy to confirm that the changes introduced are not temporary. It also becomes extra mindful about ensuring the domain in question is following their guidelines. So, do not expect an immediate change of things.
Answers to the FAQs
- Why is only Gmail flagging messages from me as Spam?
It could be simply because of how Gmail tends to identify incoming messages. Contact the recipient to obtain the reason Gmail assigns for flagging your messages as spam and refer to the details included in the second section of this blog on how to approach resolving it.
- My domain was used to send out spam in the past but we have removed that address and changed other details. We are no longer being listed under any blacklists. So, why are emails from our domain still being marked as spam?
As I have mentioned, do not expect an immediate change of things as Gmail usually follows a wait-and-watch policy to confirm that the changes introduced are not temporary. Review the Bulk Sender Guidelines and use the troubleshooter links to ensure things are in order and keep at it. Users have often mentioned in the community about 2-4 weeks waiting period before noticing a positive change.
- Please whitelist our domain.
Gmail doesn't have a whitelisting policy. Whitelisting in Gmail parlance ensures a guaranteed delivery to a user's inbox, which Gmail is unable to promise prior to their assessment of the received message. All incoming messages must go through Gmail's assessment of them before being delivered as determined by the system and any user preference indicated through filters and Gmail settings.
- Spam filter sending messages to other category tabs instead of Primary.
This is not an issue related to the spam filter. The various inbox categories - Primary, Social, Forums, Promotions, and Updates collectively make up the inbox. So, in essence, the emails are being delivered to that inbox, just not under the right category.
To correct, the recipient can just drag and drop one such message from the wrong category to the Primary and click Yes on the confirmation black box for all future messages.
Otherwise, the surest and quickest way to customize it to your liking would be by creating a filter. Sign in to your account from a desktop browser and open one such email from that sender, click on the 3-dots (more) menu at the right side, click on "Filter messages like this", click on Create filter, Categorize as <Primary>.
You can also apply the filter to other matching messages. This overrides the default Gmail classification to place messages from that sender to where you specify it to be.
- My messages to Gmail are not being delivered.
You would need to look at the bounce-back message for the exact error message included therein. Subsequently, review the Bulk Sender Guidelines and use the troubleshooter links to ensure things are in order and keep at it.
- Gmail has suddenly started marking emails from my domain as spam.
It could be because of how Gmail tends to identify incoming messages or due to any recent changes implemented by the team. Contact the recipient to obtain the reason Gmail assigns for flagging your messages as spam and refer to the details included in the second section of this blog on how to approach resolving it.
For years my gmail account which I use for business messages (I'm a freelance writer) has had the URL to the magazine I write for at the bottom of my sig line. Suddenly, this month, other gmail users that I write to are telling me they are getting that ugly yellow warning message that says Warning, gmail can't verify that the message actually came from me. People not using Gmail are not getting that message. So Gmail did something to cause that and I don't know what it is. I read your blog and removed the URL from the bottom of my sig line and I also removed my Gmail address from the sig line. Immediately one of the gmail recipients reported the ugly message was gone. So it worked, and thank you. However, I want to complain that I need that URL so people can look up the magazine I write for! The domain is the magazine's domain, which I will not include here. I guess I will try putting the URL elsewhere but it will look pretty silly to have it included in the body of my messages.
ReplyDeleteThank you for letting me know the suggestion worked!
DeleteAs for your complaint, can you please check if replacing your signature with a Canned Response (Template Response) works and post an update?
This should be the sequence of steps:
1. Create and Save a Template Response in Gmail (You can follow the suggestions included here - https://blogs-on-gmail.blogspot.com/2019/05/canned-responses.html) with content that you would include in your Gmail signature.
2. Select the No Signature option for new emails or if convenient you can remove the signature from Gmail altogether.
3. Type your business message as you normally would.
4. At the end, insert the previously created and saved Template Response.
5. Send your email.
But I am using Apple Mail on my computer - the sig line is one that I created in the app's preferences section and appears on all my emails sent under the particular gmail address we are discussing. Isn't that a template?
ReplyDeleteYes, and my bad. I assumed you are using the Gmail web UI.
DeleteOne other thing - when I wrote to the person who told me the message was gone, I included an example of a made-up URL in the body of the email. She promptly wrote back and told me the message was back! So apparently I cannot include *any* URLs in my message no matter where they are placed!
ReplyDeleteNo, I never use webmail. So any thoughts about my having put a fake url into the body of an email after having removed the one from my sig line, and having that warning come back? I just don't know enough to work this out for myself. Could it be true that gmail to gmail users now need to remove ALL urls from their emails ? I mean you could fake it by writing dot before com, but I don't particularly like that because readers can't just click on the url I send them - for example, a url to a specific story they may want to see.
ReplyDeleteCould it be true that gmail to gmail users now need to remove ALL urls from their emails ?
Delete-- No. However, the reputation of the link/site and how the users have previously interacted with it matters.
Can you help me with the exact error message the recipients' receive? Is it the same for everyone?
Only 2 people have reported it to me so far. Both use gmail. It is the message you have in your post, the yellow one that starts with Warning.
ReplyDeletePlease check if there is any text, image, links included in your messages, quoted texts (previous messages), or your signature causing this. Typically, check the hints mentioned in the paragraph that begins with "To rule out "suspicious-looking or spammy text"". Also, I have previously searched for details on this issue, and noticed that the following (not an exhaustive list by any means) may trigger such alerts:
Delete1. If the web link details on Spam content including asking for personal/confidential information of the user, or get rich schemes.
2. If the link includes any phishing information that asks for usernames/passwords/ social security numbers/credit card details.
3. Messages sent from accounts or IP addresses or servers that have sent other spam messages.
4. If the email/domain is unauthenticated.
5. Broken URLs
6. Blacklisted Domains
7. Not maintaining a proper WHOIS registry for your domain
8. Seeking subscribers' personal information
9. Shortened URLs from public services
10. Include URLs with multiple redirections
11. Cases where words like "Access Account" has a link pointing to a public URL.
Finally, ask the recipients to click on the "Looks Safe" button. It helps to improve the reputation of your email address and trains the Gmail algorithm to not commonly show warnings for emails from you.
I am unable to send emails from my domain to Gmail users. Two weeks ago, an email user account under my domain was compromised and used to send a large number of spam emails randomly. I receive the following message every time I send an email to any Gmail user:
ReplyDeletecss
Copy code
Action: failed
Final-Recipient: rfc822;shXXXXXXXXX@gmail.com
Status: 5.0.0
Remote-MTA: dns; gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 550-5.7.1 [110.1XX.XX.XX 19] Our system has detected that this message is
550-5.7.1 likely suspicious due to the very low reputation of the sending
550-5.7.1 domain. To best protect our users from spam, the message has been
550-5.7.1 blocked. Please visit
550 5.7.1 https://support.google.com/mail/answer/188131 for more information. s8-20020a656448000000b005b958401e4fsi1160711pgv.418 - gsmtp
Can anyone let me know how long it will take to rebuild my domain's reputation? There is nothing wrong with my email authentication records, as suggested by Gmail policies, that I need to correct.
You need to ensure you comply with the guidelines here - https://support.google.com/mail/answer/81126?hl=en. Once you have ensured that, you need to wait for the necessary period for the improvement in the reputation of your domain with Gmail, whereupon, you will see the desired result. As mentioned in the blog, there is no fixed period of time for this to happen as Gmail follows a wait-and-watch policy.
Delete