A few spam issues - DomainKeys/DKIM, Reverse DNS for mailserver

Hi there,
I've been dealing with the common problem of having email sent from my website's server arriving in others' spam folders.

I have already set up SPF, and the headers in Gmail say that the email is already passing the SPF tests. We've set a pretty restrictive mask, not +all or something.

I've also enabled Apache as a trusted sender on our server to avoid the X-Authentication-Warning headers when we send email from PHP.

I am on a VPS and have dedicated IP addresses, although these were probably recycled.

Anyway, email is still ending up in Yahoo's bulk folder. I have neutral domainkeys headers in my Yahoo headers, as expected.

I'm trying to find other things we can do to prevent this... it seems with this problem that there are a patchwork of solutions and there is no silver bullet. I have a few questions I'd be obliged if you could help me with:

- Does Yahoo use DomainKeys or DKIM? Does it matter? [EDIT: The Yahoo blog implies that they now use DKIM.]

- Are there any resources out there with straightforward instructions for setting DomainKeys/DKIM up? It's a lot more complicated than SPF, and Yahoo doesn't provide instructions for this that I can find, even though they invented it (the SourceForge page states that it is "no longer actively maintained" (http://antispam.yahoo.com/domainkeys).

The best instructions I can find are at http://www.dkim.org/specs/rfc4871-dkimbase.html but it's not entirely directed at senders, and again, it's not clear if I should be using DKIM or DomainKeys.

- Any other tactics you can think of that I haven't already tried to get on mailservers' good side? I've seen warnings against using Sender ID.

EDIT: Also, the ReverseDNS for our IP points to our server's address within our VPS provider's network (fully-qualified domain name), but the MX records point to a mail subdomain, i.e.

mail IN A 12.34.56.78

Is that a problem?

Any thoughts out there? The instructions I linked to are actually proving pretty useful, but I'm still wondering about Yahoo using DKIM versus DomainKeys, and any other anti-blacklisting strategies you might know.

It's been suggested to me that I simply call Google, Yahoo, etc, and explain that I'm a legitimate sender, but I have to say that it doesn't sound promising .

psychoxl99:
From Wikipedia>
E-mail spam, also known as "bulk e-mail" or "junk e-mail," is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail. A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk.[1][2][3][4][5] "UCE" refers specifically to "unsolicited commercial e-mail."

E-mail spam slowly but exponentially grew for several decades to multiple billion messages a day. Spam has frustrated, confused, and annoyed e-mail users. Laws against spam have been sporadically implemented, with some laws being opt-out and others being opt-in. The total amount of spam, over 100 billion a day today, has leveled off slightly in recent years, and is no longer growing exponentially. The amount received by most e-mail users has decreased, mostly because of better filtering. About 80% is sent by fewer than 200 spammers. Botnets, virus infected computers, account for about 80% of spam. The cost of spam is borne mostly by the recipient, so it is a form of postage due advertising.





According to the definition of SPAM, any e-mail could be classified as such.
Tools to stop it: Mainly send the mail to a Spam folder and let the user
reclassify the mail; specially when it is first time mail.
Finally, let me give you this real life example which truly surprised me:
had an account at gmail.com so I decided to get another account with yahoo.com and a third
account with hotmail.com
I sent, from my account at yahoo.com a mail with a 60kb attachment to my account at hotmail;
to my surprise it went directly to the spam folder, did the same thing with my gmail.com
account to hotmail.com and same thing happened.
The big ones do not seem to trust each other.
Another test: have been sending mail from my mail server to hotmail without problems; of course I have my spf records reverse and the rest of basic requirements; created a new account at my mail server and sent a mail to hotmail.com; again to my surprise it arrived at the Spam folder. Note: it was same mail server and same configuration but different user.
Statistics show a reduction in SPAM but at what cost?
I think that the word Spam has a true meaning that has been misinterpreted by most.
Let add this: To me, it does not make sense that a mail server at hotmail.com which is supposed to
verify all mail coming and going, to send a mail to a spam folder of a user.
Perhaps, they are telling you that a new sender is sending you mail, we do not have any experience
with it and so lets classify it as spam, so you may reclassify the mail and after that it
will be your total responsibility if this sender starts sending you unwanted mail every 5 seconds!.
finally I do not think that your mail server has anything wrong at all!.
Regards
Franco

You mention a problem when mail gets sent from your website:
1) If you directly email any of these users, does it still go to the spam/bulk folder? If not, then it may be a problem with your headers in the mailing script.
2) What scripting language are you using to send the mail?

As for your MX going to a subdomain:
mail IN A xxx.xxx.xxx.xxx

The above points the mail subdomain to that particular IP address.

You should have a seperate MX record listed:
domain.com. IN MX mail.domain.com

or something similar.

As far as domain keys and dkim, it's not necessary as of yet. You can still setup a server to send mail to yahoo and hotmail without it being delivered to spam/bulk folders.

@franco190453: Not sure what that long-winded response was really for. Email providers such as hotmail, gmail, yahoo, etc, all have certain spam filters and/or programs running to help cut down on spam. The filters for each of these providers is different.

I could create accts with each of them that would send any email from those accts to bulk/spam folders... but I can also create accts where they get delivered to the inbox.

There could be a variety of different things that influence whether they get sent to bulk/spam versus Inbox.

Ruling out his server as being the problem is without merit.