Had an exchange of emails with someone, around 4-5 back and forth emails. He then told me that my last reply never arrived. When I forwarded that email again to him, he told me that actually the original reply arrived but landed in spam… he checked it after I forwarded the initial reply.
It’s not critical or even a super important conversation but I think he lied to me. Is there any chance that a reply lands in spam if the last 4 mails in a thread arrived without a problem?
The emails were sent from a custom domain, using Office 365 Business. I have that email address for more than 6 years and I never had a problem with my emails landing in spam or never arriving. It’s the first time I am hearing about it but I think he is duping me.
Edit Thanks all for the replies, it’s good to know that it can happen.
Yes. It’s happened to me and it is a head fuck. The email was from a business with a perfectly legit email address.
You haven’t mentioned what email provider they’re using. That matters a lot. Not all providers have smart filter. No need to attribute to malice what can be explained by reason.
Yes, and even more chance of that happening today than 5 years ago. Reason: because of the modern day prevalence of the ‘fake reply’ SPAM and Phishing emails. Spammers and phishers are now drafting fresh messages mocked up to look like replies in existing email threads…older spam detection used to let these types of messages slip through because they thought they must be legitimate replies, and so naturally spammers started exploiting that to slip past detection. Modern detection no longer gives apparant replies a free pass.
Absolutely. Ask Apple. Even the “VIP” all end up in the spam folder all the time too, and there’s no way to tell it “this isn’t spam”.
Doesn’t moving to out of the spam folder tell it?
Unfortunately, no. There are a handful of emails, that no matter what I do, always go to the spam folder. I was told making them VIP would keep them out of the spam folder, but I can say with certainty that’s not true.
In my experience, yes. When I finally got the official job offer from a HR person I’d previously communicated with, the email landed in spam.
I had an email go to spam in the middle of a discussion with my insurance company. Even though I had already had 5 exchanges with them.
Yes. Email basically makes no sense whatsoever, it’s a rotten pile of hacks on hacks on hacks that’s been around for decades. Anything can end up anywhere.
To expand on what others have said, once you send the email, one of two things might happen:
1.) The receiving email server might report the email as delivered to the recipient, or
2.) Your email might get “bounced”, where the recipient is not notified of the email and the email is returned to you with a notice stating why the email was not delivered.
The second one is what happens if the email server is “sure” your email is spam. But even if the email is marked as delivered, that doesn’t mean it goes in the inbox. Secondary checks determine which box it goes in, and that box might be “Spam”. This secondary process is entirely internal to the mall provider, where the initial checks before delivery usually rely on a SpamAssassin instance.
Both are influenced by a number of factors, but the biggest are DNS (Domain Name Service) records on your domain which show you’re a legitimate sender. These are:
- SPF: Sender Policy Framework
- DKIM: Domain Keys-Identified Mail
- DMARC: Domain-based Messaging, Authentication, Reporting, and Conformance
A comprehensive explanation and guide can be found here: https://www.dmarcly.com/blog/how-to-implement-dmarc-dkim-spf-to-stop-email-spoofing-phishing-the-definitive-guide
But the short of it is that if your SPF or DKIM are wrong or missing, your emails are much more likely to be rejected or to land in spam. You won’t lose points (yet) for not having DMARC, but if you have SPF and DKIM set up correctly it gives about 10% better chance of being delivered (but it may not affect whether you get to the inbox, depending on those secondary checks).
You can use https://mail-tester.com to check for these and other issues that would stop your emails getting to the inbox. Don’t worry about “reverse DNS” not matching, or if it says you don’t have an “unsubscribe header”. RDNS can’t be expected to match anymore and I don’t think it’s a good spam indicator. Unsubscribe headers are only for mailing list emails, so if you’re not testing a marketing email from somewhere like MailChimp then you won’t have an unsubscribe header. Finally, being on SORBS is not the end of the world, and blacklists generally can be ignored unless your email provider is small, or if you run your own server.
Finally, don’t ever think “it’s been working fine so it shouldn’t stop working now”. SPF and DKIM weren’t necessary five-ish years ago, now they’re mandatory; DMARC itself hasn’t been taken very seriously to date but Microsoft just recently announced they’re actually going to start paying attention to it. On top of standards changing, unless you own and run the email server in your dwelling, you don’t have the control necessary to say “nothing has changed”. Microsoft can and does change their system constantly behind the scenes: applying patches, updates, retiring old servers and configuring new ones into the cluster, and so on. What was is not relevant; you can only look at what is, and fix that.
Wow! Thanks so much for the detailed response. I remember I tried mail-tester some time ago, I tried it now it gave me a 7.9/10
SpamAssassin. Score: -2.1.
-0.1 DKIM_SIGNED
Message has a DKIM or DK signature, not necessarily valid This rule is automatically applied if your email contains a DKIM signature but other positive rules will also be added if your DKIM signature is valid. See immediately below.
0.1 DKIM_VALID
Message has at least one valid DKIM or DK signature Great! Your signature is valid
-0.001 HTML_MESSAGE
HTML included in message No worry, that’s expected if you send HTML emails
-0.1 MIME_HTML_MOSTLY
Multipart message mostly text/html MIME
-1.985 PYZOR_CHECK
Similar message reported on Pyzor (https://www.pyzor.org) https://pyzor.readthedocs.io/en/latest/ Please test a real content, test Newsletters will always be flagged by Pyzor Adjust your message or request whitelisting (https://www.pyzor.org)
0.001 RCVD_IN_MSPIKE_H2
Average reputation (+2) xxxxx listed in wl.mailspike.net
0.001 SPF_HELO_PASS
SPF: HELO matches SPF record
0.001 SPF_PASS SPF
sender matches SPF record Great! Your SPF is valid
This is the other part of the test with yellow checkmarks.
You’re not fully authenticated
[SPF] Your server xx.xxx.xx.xx is authorized to use mail@xxxxx
Your DKIM signature is valid
You do not have a DMARC record You do not have a DMARC record, please add a TXT record to your domain _dmarc.xxxx with the following value: v=DMARC1; p=none
Your reverse DNS does not match with your sending domain.
The rest seems to be green except for the List-Unsubscribe header but I do not send newsletters.
My pleasure! I am somewhat versed so I’m happy to spread the knowledge where I can 😊 Microsoft does typically set up SPF and DKIM automatically for new accounts, but a small handful of my customers with legacy GoDaddy accounts that got switched to Office 365 found that it wasn’t enabled for them, for some reason. Probably a migration issue at GoDaddy.
Looks like it’s working just fine for your tenant though, and the rest of the test looks good. Pyzor would’ve triggered 'cause it was a short or empty test message - like the tester noted, test with real content to avoid that, but for now we can just ignore the ding, so you effectively have a 10/10. Nice 👌
It’s an unfortunate truth that there is no power on earth that can guarantee you stay out of the spam box. But, your domain and email are in good enough shape that you will pretty much always get delivered, even if sometimes that delivery is to Spam. You (or the person you were emailing) with might be able to harangue the receiving email provider into refactoring their sorting though; I’m sure your recipient doesn’t want their important emails going to spam, either!
Thanks so much! Well after a few days, I think that person lied to me and I don’t think anything landed in his spam. I think it was his way of getting out of something. Anyway should I also go ahead and do a DMARC record or is SPF and DKIM enough?
I’d recommend DMARC, sure - every little bit helps! But only because your SPF and DKIM are already aligned.
If you want me to check your work, shoot me a DM with your domain and I can take a look after you’ve done it with something like https://mxtoolbox.com (bookmark that one too, it’s good for checking your records after an edit to make sure the edit went live - just give it up to 72 hours). Or, a screenshot of the settings you’ve entered for the record, and I can validate for you (or mark it up to show changes if they’re needed).
Wow this is invaluable, I would love to do that and contact you. I am in a busy period so that’s why it took longer to respond. I will most likely make the changes in 1-2 weeks. Is it ok if I DM you in 2 weeks or whenever I made the changes? Thanks!
No troubles, I’m no stranger to busy stretches myself 😊 I’ll keep an eye out for your message.
It shouldn’t, but it can, had it happen a bare handful of times but it’s really rare.
Yes, but the mail provider/software you’re using and a bunch of other variables do play the role in this equation.
A suggestion: to confirm it, have a test conversation with somoene and mark the last message as SPAM, to see how your environment is going to react.
Absolutely NEVER mark anything from an online email provider you want to keep as spam. They use shared systems, it’s not just spam for you, but potentially for everyone on that email provider. That’s one way to protect people from receiving spam, 100 users marked that same newsletter email as spam? Alright, the newsletter will go to the spam folder for the next 20k users.
If you mark legitimate emails as spam for fun you’re fucking up the system (and give the sender a massive headache if suddenly every @gmail.com receiver puts their emails into the spam folder).
Absolutely NEVER mark anything from an online email provider you want to keep as spam.
Set up temporary email account for the purpose of test, write to yourself, mark as spam, check how it works, forget about it.
Done.
Best case: This achieves absolutely nothing.
Worst case: Your ‘temporary’ email account gets banned for spamming (new account, first email sent is marked as spam by receiver). Then your original email account is banned too for ban evasion (same IP, same browser fingerprint, they know it’s you).
Just don’t mess with the spam filters on a server that doesn’t belong to you.
You shouldn’t be working in IT. If you do, then your salary is wasted.
Ah well, I have plenty of uses for my salary. Though I’m a software developer, so that’s more like ITish.
I also run my own mail server with a self-learning spam filter, so I know how easy it is to mess that one up.
You totally shouldn’t work in IT and if you do, it’s a waste of money.
my own server
Turnkey > download relevant ISO > auto-install on some computer > set up basics and an admin account
Woooooooooooooooooow, what a flex. You should definitely think about Silicon Valley startup with that experience of yours…
deleted by creator
Absolutely yes. Even if you have marked all their previous emails as non-spam manually.
Email needs to change. It’s incredibly insecure and the volume of spam/phishing/scams is overwhelming. Most people will not notice this, but if you open a couple of domains or work at a company that has secrets worth getting at, you’ll notice how bad it is.