What we do to ensure our email deliverability remains high
Getting emails to inboxes is not easy, spammers are innovative and there are no fool proof methods to ensuring every email lands correctly. The big inbox providers have a myriad of methods and approaches to filter out spam from ham that we watch closely.
Here's an explanation of some of the methods we use to keep our reputation high and ensure our customer's emails get delivered.
When an email comes from an OhMySMTP server that is flagged as spam, the reputation of everyone sending with OhMySMTP is impacted. Luckily we have several elements in place to help stop spam on our platform.
Many providers let spammers sign up and send thousands of emails, for free! With OhMySMTP, everyone sending is a paying user, and that dramatically reduces the volume of spammers.
Some providers don't check that the signing up account actually has authority to send emails on behalf of the domain. We enforce this by validating ownership over DNS during the account setup.
We use Rspamd to filter every email sent through ohmysmtp. Our filters are aggressive and we use the built in Neural network module to learn from spam we see in the wild.
We support attachments, but we only support a subset of file extensions (details in our docs), and virus scan them before sending. This significantly reduces the risk of dangerous files being sent through our service.
Some providers let you put different headers into the email that can mask where it has come from. We don't allow custom headers and rebuild the full email when sent through our service, so it always completely and fully originates from our servers.
We manually review all new accounts, and actively disable any we think could be potential spam accounts.
Spammers rarely do all the things that "real" senders do. There are a bunch of written and unwritten rules an email server needs to do to fit in with the crowd, and keep deliverability high:
How you react to SMTP responses is important. We parse each response and categorize them, taking action as appropriate. Sometimes this means manual intervention, in other situations we automate the expected behaviour. We handle 4xx errors (where we have to to retry sending the email every X minutes for up to three days), and we handle 5xx errors, where the server is telling us to stop sending and hard-bounce the email. For any hard bounces we automatically add them to a block list and do not send any future emails to this address. Our users can remove emails from this list manually if they are confident the issue has been resolved.
From a deliverability perspective, the most common (especially for low volume senders) is a Greylisting response. The server is asking us to wait and resend again in a few seconds or minutes. We must back-off and send again, ideally with an increasing time between each resend. We handle this transparently for all our customers.
Sometimes an email will be accepted, but the server will later find out it cannot deliver it. The server will then send a bounce response via email to the `ReplyTo` address. We pick up these bounce reports, parse them and take appropriate action on behalf of your users.
All our IP addresses have been warmed up to a sufficient volume over an extended period of time. We rotate new IPs into our test pool and warm them up very gradually, before making them available to our customers.
There are various checks that servers perform to validate the originator of an email, including DKIM, SPF and DMARC. Unlike other providers, DKIM is hard requirement to use our service. Out of the box we pass all SPF checks, and you can also enable DMARC support by completing the "Advanced Verification" section.
We support TLS 1.2+ to ensure your emails are sent between SMTP servers with transport level security.
Feedback Loops are a mechanism to give email providers and large senders a notification when a message is marked as spam by end users. We're registered for them, and handle any reports or complaints that come through the FBL.
Unless you're sending 250k+ emails/month, from one domain, in a consistent pattern, having a dedicated IP address will hurt your deliverability. This is because your volume will be too low to build a good reputation. Most email providers will offer dedicated IPs at a very high price - it's rarely worth it, so we don't offer it at all.
There are a bunch of things our users can do to help with their specific emails, things like link shorteners, html emails with only images, blocklisted domains in the email content etc. can trip spam filters. We actively review our outgoing spam scores and contact our users if we can help them improve.
We run monitoring and anomaly detection on our systems, automatically searching for things like:
Additionally we manually review accounts regularly and monitor external blocklists and deliverability ratings for our IPs and domains. There are even some whitelists that our IPs are on.
As you can see there's quite a lot here, and this is by no means an exhaustive list! If you'd like us to handle all of this and more for you, sign up for an account at OhMySMTP.com