10 Tips to Keep Email Out of the Spam Folder

by Tweak on October 6, 2010
in Domain/Hosting, Servers

1. Be Compliant with the CAN-SPAM Act

If you are sending “any electronic mail message, the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,” then you must comply with the following 7 main requirements (or face penalties up to $16,000) [5]:

  1. Don’t use false or misleading header information
  2. Don’t use deceptive subject lines
  3. Identify the message as an ad
  4. Tell recipients where you’re located
  5. Tell recipients how to opt out of receiving future email from you
  6. Honor opt-out requests promptly
  7. Monitor what others are doing on your behalf

If your email contains only transactional or relationship content, then you are exempt from these rules; however, it must still not include false or misleading routing information.

Stop PHP nobody Spammers

by Tweak on June 25, 2009
in Php, Security, Servers

PHP and Apache have a history of not being able to track which users are sending mail through the PHP mail function as the nobody user. This lets leaky formmail scripts and malicious users send spam from your server without you knowing who sent it or where it came from.

Watching your exim_mainlog doesn’t exactly help: you see the email going out, but you can’t track which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.

If you check your php.ini file, you’ll notice that your mail program is set to /usr/sbin/sendmail, and 99.99% of PHP scripts will just use PHP’s built-in mail() function, so everything will go through /usr/sbin/sendmail =)

Requirements:
We assume you’re using Apache 1.3x, PHP and Exim. This may work on other systems, but we’ve only tested it on a cPanel/WHM Red Hat Enterprise system.