How to stop your important business emails going to spam folders
Are you having trouble with clients and suppliers receiving your emails, or maybe you are wondering why emails from clients and suppliers are going to spam?
The answer is simple and twofold, it’s either because your DNS data is ill-configured, or more than likely you are making common mistakes that are causing your emails to get flagged as spam.
In this blog post, we want to show you what’s happening in email security and why the game is changing and what you can do to create better emails that land correctly.
Contents
What’s changing with your email spam filters and why
How to make your important business emails more deliverable
How email authentication works
How to configure your DNS correctly for better email deliverability
How to format your email for better deliverability
How Westway IT can help you configure your business email accounts for success
What’s changing with your email spam filters and why
Cybercrime has exploded since the pandemic, according to Interpol and criminals are using the fear and uncertainty of Covid, the recession and political unrest to exploit their victims. If we think about it it’s easy to see where business owners and employees are falling into the traps that hackers are leaving them if their minds are elsewhere.
From April 2021 to March 2022 the office of National Statistics reported 4.5 million fraud attacks, a rise of 25% from pre-pandemic times. Two-thirds of these attacks were online phishing scams committed by email, social media or text messages. Most hits were users between the ages of 25 and 44, who lost personal identifiers that led to bank or credit account fraud and customer or retail fraud.
As a result of increased threats, email providers like Microsoft are taking the lead to improve their email security.
In Microsoft’s own research around the pandemic, they found that 62% of security professionals including SOC Analysts, security admins and CISOs reported more phishing email campaigns during this period. IT professionals went on to say that they believed security issues increased as concerns appeared to be related to downloading content and accessing work information on remote, private WiFi networks that may not be as secure as work connections.
Whilst some of these situations may be avoided now that IT professionals and staff are back in the office, post-pandemic, Microsoft recognised that the cost to business each year (reported by IBM as $4.65 million, or £3.75 million in 2022) was rising and so made steps to improve their email defence systems.
At the same time, email hosts also recognise that businesses are operating differently than they were pre-pandemic. Most businesses now offer a wider range of device options for employees to use in hybrid working environments. This means that changes are not just about filtering our cybercrime, but also about device protection.
This is where AI comes in. If we look at Microsoft’s email security protection software, Exchange Online Protection, which comes as standard, we can see they have improved it to include updates on known threats. For 365 premium users, there is the new Safe Links, which filters highly suspicious emails to a sandbox for security administrators to manually filter. This human-operated approach to enhancing security creates a safer environment for businesses still.
But that doesn’t stop spam from getting in and it also increases the risk of poorly set up emails going to spam folders.
How to make your important business emails more deliverable
As we mentioned earlier there are two reasons why your emails are not delivering as they should; firstly your DNS data is ill-configured, or secondly, you are making common formatting mistakes.
Before we fix that, let’s look at how email authentication works.
How email authentication works
When you send an email, the server you send it from signifies the legitimacy of your email to the recipient’s email server (which can be configured in your DNS settings). Security software filters out anything that doesn’t have a validated or approved server as the host of that sent email.
There are two common types of email authentication
Sender Policy Framework (SPF)
Domain Keys Identified Email (DKIM)
Sender Policy Framework (SPF) was developed in the early 2000s and as a method of authentication uses DNS records to identify verified sources. It looks something like this.
Domain Keys Identified Email (DKIM) authentication is a method that includes a private digital key signature along with DNS record verification to match a public key record - an extra layer of security.
It’s a bit like saying to your sender, “Here’s my email and here’s my digital signature to say that my email is verified, unaltered and sent securely from my domain.”
How to configure your DNS correctly for better email deliverability
To configure your DNS records you need to authenticate your domain. Depending on your provider the process will look different, but essentially you are looking to
Head to your domain provider’s dashboard
Check that you have your domain authenticated
Record your DNS record details
Log into your email provider
Add your DNS record details
You will need to contact your email provider or IT professional if you are finding it hard to locate your DNS records for SPF and DKIM keys.
How to format your email for better deliverability
Email security isn’t just looking for authentication passes anymore, instead, it is looking for indicators within an email. Let’s run through some formatting issues that might be causing you problems.
Start using named email addresses - generic emails, like info@, accounts@ score less on email filters, whereas genuine names pass as more authentic email addresses. Consider using a combination like “SallyP@yourbusinessname.com” for your employee emails. You’ll find it also helps build trust among customers and suppliers too.
Don’t use forms or tools that spoof emails - The user’s SPF will likely make your form email fail. Instead, forms should be sent from a service account, as we detailed above. Your form’s reply-to function should also be set to the person who submitted the form.
Make sure your body, attachments and links include a human interaction element - Security filters are crawling emails to look for human interaction, context and spam indicators. This means avoiding spam words and phrases and always showing a meaningful reason for connection - no more empty emails!
Avoid bare emails with very little text or no unique details - if your recipient’s server cannot identify who you are or what you are sending they will likely mark your email as junk. Make sure you add email titles, add some personalised content and provide context for the email.
Make sure you name files accordingly - if you are attaching a file, make sure it makes sense to the email title and body. Again this shows a need for that file inclusion within your email. Never send Macro files - Macro files are software files that have the potential to change software on a recipient’s computer. Sending these will likely get you blacklisted very quickly. Instead stick to common file types, like PDF, doc, xls, csv, ppt, etc.
Never mass send emails from your email address - if you are emailing clients reminders or generic mass emails, then you must use a CRM, like Mailchimp, Active Campaign, Hubspot, etc. These platforms have better sending limits than business email systems which have considerably lower send limits.
How Westway IT can help you configure your business email accounts for success
As Microsoft partners, Westway IT is in a unique position to be able to help you implement M365 and other Microsoft software across your business and its devices. We are specialists in handling sensitive data, as many of our clients’ industries have regulatory requirements.
We have seen many of our clients through the Pandemic and everything the dark web has had to throw at them, so we understand the importance of multiple-device handling and hybrid-working protocols.
Your business emails are crucial. They aren’t just tools for communication, they are instruments that help you deliver work, secure payments and manage client relationships. It means that having each of your emails arrive exactly when you want them to, and to whom you want them to arrive is vital.
If you need help with email deliverability book a 15-minute consultation.
John Fisher
Meet John Fisher, founder of Westway IT, passionate about helping businesses thrive with technology. With a BSc in Computer Science, he values integrity, education, and quality relationships. Active in The Tech Tribe and CompTIA, John simplifies IT and creates scalable strategies. Connect with him on LinkedIn.