Outgoing Anti-SPAM Protection


Introduction

This article contains the best practices for sending outgoing email from your server.

These practices must be followed so that your emails do not get filtered, blocked, or marked as spam by OVH or other anti-spam organisations.

For every IP available with OVH products and services, as an internet service provider, OVH will register and reserve it with organisations such as RIPE or ARIN. This means that we appear as the IP abuse contact for litigation in the WHOIS database. If an IP is reported to organisations such as Spamhaus and SpamCop, which work to combat spam, malicious websites and phishing, then the reputation of the entire OVH network is affected.

Note

OVH Anti-SPAM system is based on Vade Retro Anti-SPAM technology. It is not possible to get a whitelisting (Ex: a filtering exclusion on a server).

RFC and Best practices

Note

RFCs (Request For Comments) are documents intended to describe technical aspects of the internet. They are produced and published by the IETF (Internet Engineering Task Force), a group which basically produces and defines standards.

For more information, see: RFC, IETF and Internet Draft.

Best practices are recommended procedures which are often based on these documents and are intended to advise you on the best way to proceed in order to avoid your emails being marked as SPAM.

Sending Volume

If your outgoing email volume is very high, you are advised to:

  • Reserve an IP block dedicated to email usage only
  • Add an “abuse” email address on the block information to receive complaints
  • Configure reverses on all IPs correctly

This operation will enable you to simultaneously isolate the IP and domain reputation if you send emails for various domains, to receive the complaints, and thus do what is necessary to get unblocked by various organisations. It also enables you to locate a problem faster, as the emails are not sent out from the same IP and don’t have the same reverse.

Email Content

  • Avoid using common spammer keywords in your emails such as “buy” and “last chance”, and avoid capital letters, impersonal subjects, exclamation marks, and % discounts.
  • Don’t forget to provide an unsubscribe link for people who have not requested to receive your email.
  • Be particularly careful to ensure that your emails contain the sender’s address (or an alias), a subject, and a correct ratio of text/images/links in the body of the message.

Warning

The text/image and text/link ratio must be high. Avoid overloading the email with hypertext links and avoid Javascript.

Feedback Loop (FBL)

This system will enable you to follow up on feedback provided by some internet service providers directly, informing you that their users have marked your message as illicit, and that it has thus been classified as spam.

This will enable you to interact with these ISPs directly concerning your reputation. Here are some FBLs:

Authentication

Some authentication services enable you to protect your reputation:

Unblocking Procedure

Via OVH Manager

Go to the OVH Manager and click on the IP section in the left menu.

_images/troubleshooting-antispam-managerv6-1.jpg

Manager IP Section

When an IP has been blocked for spamming, you will see an alert:

_images/troubleshooting-antispam-managerv6-2.jpg

Manager Anti-SPAM alert

Select the relevant Server/Service:

_images/troubleshooting-antispam-managerv6-3.jpg

Manager Server/Service select

Then select “Anti-SPAM”:

_images/troubleshooting-antispam-managerv6-4.jpg

Manager “Gear icon” menu

Finally click on “Unblock Anti-SPAM”:

_images/troubleshooting-antispam-managerv6-5.jpg

Manager unblock Anti-SPAM

Note

If you want the list of message-IDs detected as spam, click on Details.

[1]An email authentication technology developed by Microsoft which validates the authenticity of your domain name by verifying the IP address of the sender. This technology is based on the IETF standard: RFC4406
[2]Sender Policy Framework is a standard for verififying the domain of the sender. It is based on RFC4408 and consists of adding an SPF or TXT field to the domain DNS, which contains the list of IPs authorised to send emails from this domain.
[3]Reverse enables your IP to be “translated” into your domain. That allows the domain associated with the IP address to be found.
[4]DKIM This standard is described in RFC4871. AOL, Google (Gmail) work on this basis. Official website: DKIM