Account reconfirmation emails going to spam

adrake · June 13, 2020, 5:26pm

Hello! First, thank you for the wonderful service I’ve been a happy user since 2015.

Today I got a “Please reconfirm your dynv6 account” email which wound up in my spam folder. I wanted to let you know since it might lead to others having their accounts deactivated if they don’t check their spam folders regularly.

I use Fastmail as my email provider. Here’s the header they provide that gives the spam score breakdown (the threshold is 5):

X-Spam-score: 6.1
X-Spam-hits: BAYES_40 -0.001, HTML_MESSAGE 0.001, ME_SENDERREP_NEUTRAL 0.001,
  ME_VADESPAM_HIGH 3, MIME_HTML_ONLY 0.1, SPF_HELO_NONE 0.001,
  SPF_NONE 0.001, URIBL_INVALUEMENT 3, LANGUAGES en, BAYES_USED user,
  SA_VERSION 3.4.2

I tried to dig in to what the two high-scoring items were:

ME_VADESPAM_HIGH - This appears to be a commercial spam filtering product from VadeSecure, not sure of the details
URIBL_INVALUEMENT - This means some URI in the email was found on Invaluement’s URIBL. (I wasn’t able to figure out which one, though, possibly it’s already been delisted?)

Let me know if you’d like any more information or if there’s anything I can do to help! Happy to reach out to Fastmail support to ask for more details on either of those if it would be helpful.

corny · June 14, 2020, 6:28pm

Hi adrake and thanks a lot for your investigation! We only checked that the reconfirmation emails are classified as regular emails by Google Mail. If someone else observes our emails to be classified as spam, we would be happy to get a notice here.

dmke · June 15, 2020, 10:52am

The embedded list of zones might trip off the spam detection in multiple ways:

The zone name looks like a domain, and it’s target does not link to that domain (example.dynv6.net links to dynv6.com/zones/123). This might add points by the phishing detector.
The zone name itself is contained in some block lists. Not sure which spam detector tries to resolve everything that looks like domains within the message body.

Another problem is that the mail is HTML-only, which at least SpamAssasin considers suspicious.

corny · June 15, 2020, 4:17pm

I’ve added a plain text part to the reconfirmation mail.

senza · July 4, 2021, 8:19pm

web.de classified a reconfirmation email as spam on 2021-06-15.

From the E-Mail header:
X-Spam-Flag: YES
X-UI-Filterresults: junk:10;V03:K0:[…]

dynv6 · July 8, 2021, 4:47pm

gmx.com went into spam.
PLEASE say how to get a NEW confirmation email!