avoiding spam filters
blog

Avoiding Spam Filters

So, I let Alert Ferret out into the wild recently and found that email from it was being caught in spam traps of both Google Mail and Hotmail.

I spent some time talking to people on the bitfolk user’s mailing list and a couple of sysadmin friends to figure out what was going on.

There were two things that were definite problems for the systems and I’ve described them below.

SPF / IPv6

I set up SPF records a while ago, maybe a few months, when I got the Alert Ferret domain and rejigged my exim config to allow me to add email domains to my server by just having config files added by puppet.

What I did not realise is that my server would attempt to contact other people’s servers using IPv6, I was not aware that I could contact servers over IPv6 outside of bitfolk’s borders.

I have not been keeping up with IPv6 rollout/adoption so this is my bad I guess.

Since there are no AAAA entries for my machines when my exim server spoke to Google’s mail servers it failed the SPF test and got canned as spam not ham since the IPv6 address my machine is on is not allowed by my SPF entry.

Fair enough.

Current fix is to stop exim using IPv6, I now need to go and look at my machines IPv6 setup at some point.

This would not, I assume, have been a problem if I were using a 3rd party email provider like Sendgrid/Mandrill but the fix is pretty easy.

Reply-To

The alertferret.com domain is used by a little service I wrote which can send messages on behalf of the user.

The messages were taking advantage of “Reply-To” to ensure that if the recipient just hit “Reply” on their MUA the message would be sent to the user who created the message content, not the “noreply@alertferret.com” address used as “From” address on the emails.

Removing this stops the Google and Hotmail systems from canning the messages as spam.

This would not have been fixed by using a 3rd party email provider like Sendgrid/Mandrill.

Conclusions

I would like to be able to use “Reply-To” as it was intended, and I think my use is perfectly legitimate. The messages themselves make it clear that the message has been sent on behalf of someone else, and clearly states the person’s email address.

Unfortunately spammers have messed it up for everyone by making the “Reply-To” header a signal for spam.

I may have to add an auto-responder to the “noreply@alertferret.com” address to inform the person that they should maybe reply to the email in the message rather than the “From” address.


05 August 2013 - email spam filter spf ipv6 reply-to

There is currently no way to leave comments, but if you feel the need then email them and they will eventually, magically, appear...