Why are Emails going to Spam and what you can do about it

Emails going to spam is a major issue these days, with email providers such as Microsoft and Google having their work cut out to tell real emails from fake. This is because 95% of sent emails are malicious by nature and criminals are far more sophisticated than they used to be. Understanding why emails end up in spam folders can help you avoid this unwanted situation inadvertently happening to you.

Fact: Incoming emails going to spam is the fault of the sender, not the receiver.  There is nothing wrong with your Email system if incoming emails to you are going to your spam folder.  To resolve the situation, let the sender know that their sent emails are going to spam.  This is due to a problem at their end, not yours and they may already have experienced similar issues with others too, but if nobody tells them, then they will never know!  

There are various reasons why companies like Microsoft and Google deem certain incoming emails to be ‘spam’, but their ultimate goal is to protect you from opening unsafe attachments or clicking on unsafe links in emails, and they control this.  On that basis, something within the incoming emails will be triggering the spam classification and it is for the sender to find and fix this at their end.

The spam filter levels set by email providers such as Microsoft and Google are the same for every company.  Overriding these at the backend is effectively changing their in-built security and spam level settings and therefore requires IT engineering work, whereas the real problem relates to the sender, who needs to make changes to ensure their emails are not deemed ‘spam-like’.

Something in their sent emails is triggering Microsoft/Google’s spam filter.  It doesn’t matter how big or small the sending company is.  It doesn’t matter what their IT experts say or if they arrogantly dismiss you, saying nobody else has the same problem.  The simple fact is that emails sent by them are being classified as spam by Microsoft/Google and it is for them to look into the reasons why and resolve this.  But if it is in your interests to receive these emails, then there are ways you can work together to resolve this situation.

Typical reasons 

The email will be classified as spam due to a word, phrase, attachment, link (URL) or email signature.  Or it could be due to the sender’s domain name not having a perfect reputation because of missing or incorrect configuration of their SPF, DKIM and DMARC zone records.  Or, quite simply, their IP address could be on a blacklist.  Alternatively, it could be that the sending email address is sending out large volumes of email, which is naturally ‘spam-like’ behaviour even if those emails are legitimate, e.g. an accounts email address that sends out hundreds of statements at once.  Finally, it could be their CRM system that is sending out the emails and this is causing the trigger. *1

How do they resolve this with your help?  

The sender should start off by sending you a plain/blank email with no attachment, link or email signature to see if it goes through to your inbox and not your spam folder.

- If it still doesn’t come through, then the problem relates to their domain name, IP address or zone records, and it is for them to resolve as it relates to their system and setup.

- If a plain/blank email goes through to your inbox then clearly, something in the email is triggering it to go to spam.  The sender should then add their email signature and resend a plain/blank email.

- If this email then goes to spam then voila!  It is their email signature that is causing the problem and it needs to be removed until the problem with the signature is resolved. **2

- If this email comes through to the inbox then next add the attachment and test again.  

- If the email now goes to spam then it is the attachment that is the issue.  It is getting quite common these days for emails with attachments to be classified as spam.  Email providers now prefer URL links to be sent (which can be scanned), rather than attachments. ***3

- Keep testing in the same way by sending emails that include words and phrases used in the original email that went to spam.  Eventually you will find a combination that sends the email to spam, and then the sender can avoid these words or phrases in the future.
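
For the first branch above, where even a blank email lands in spam, the headers of the junked message usually record which authentication check failed. The following is an added example, not part of the original article: it reads the Authentication-Results header of a constructed sample message (all domain names and values are placeholders) and lists what the recipient can pass on to the sender.

```python
import re
from email import message_from_string

# Constructed sample headers of a junked test message (all names are placeholders).
SAMPLE = """\
Authentication-Results: mx.recipient.example;
 spf=softfail (sender IP is 203.0.113.7) smtp.mailfrom=sender.example;
 dkim=none (message not signed) header.d=none;
 dmarc=fail action=quarantine header.from=sender.example
From: Accounts <accounts@sender.example>
To: you@recipient.example
Subject: plain test

plain body
"""

def auth_verdicts(raw_message):
    """Return the first spf/dkim/dmarc result found in Authentication-Results."""
    msg = message_from_string(raw_message)
    verdicts = {"spf": "missing", "dkim": "missing", "dmarc": "missing"}
    for header in msg.get_all("Authentication-Results", []):
        unfolded = " ".join(header.split())      # join folded continuation lines
        for clause in unfolded.split(";"):
            m = re.match(r"\s*(spf|dkim|dmarc)=(\w+)", clause, re.I)
            if m and verdicts[m.group(1).lower()] == "missing":
                verdicts[m.group(1).lower()] = m.group(2).lower()
    return verdicts

def what_to_tell_sender(verdicts):
    """Map each non-passing check to the zone-record item the sender should review."""
    advice = []
    if verdicts["spf"] != "pass":
        advice.append("SPF: sending server is not authorised in the domain's SPF record")
    if verdicts["dkim"] != "pass":
        advice.append("DKIM: message is unsigned or the signature did not verify")
    if verdicts["dmarc"] != "pass":
        advice.append("DMARC: From domain did not align with a passing SPF or DKIM result")
    return advice

if __name__ == "__main__":
    for line in what_to_tell_sender(auth_verdicts(SAMPLE)):
        print(line)
```

Read only the Authentication-Results header stamped by your own mail provider (the server name directly after the colon identifies it); a header carrying another server's name could have been added anywhere along the way.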

It is fair to say that Microsoft/Google doesn’t always get it right but it is better to be safe than sorry.  For example, if the company that is sending you emails has actually been hacked, and it is a hacker that is actually logged into their systems and sending the email to you, then due to you trusting the source of the email, you will be tricked into providing details and of course, this will be going into the wrong hands.  Just because you deal with a company all the time does not mean their sent emails should not be scrutinised by Microsoft/Google, unless you override this to compensate for their issues.

*1 This is where domain hygiene comes into play and the SPF record is adjusted to include the CRM system, plus a separate DKIM record is created for that system to authenticate emails sent directly from it.  This will then vastly improve the reputation of emails sent from that domain and its integrated systems.  For more information on understanding this, please refer to our separate article on ‘Understanding SPF DKIM DMARC and Good Domain Hygiene’.

**2 Email Signatures often contain images or url links and these could be linking to something that is deemed unsafe.  E.g. if an email signature contains a link to a website and the website has been hacked, blacklisted or doesn’t have a valid SSL certificate, then emails containing that link will be deemed unsafe or spam.

***3 We are seeing more and more that attachments which are sent out from a system are being caught up in spam.  E.g. a CRM which emails out invoices or quotes.  Such systems are now being treated as higher risk.  The preferred and modern approach is to send a link to the file, rather than actually attach it.  This is for many reasons but generally speaking, attachments sometimes cannot be scanned or can contain hidden code whereas url links can be followed through and the attachment at the other end can be checked.
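
Footnote *1 describes adjusting the SPF record to include the CRM system. As an added example (not from the original article), this check confirms that a record authorises the CRM and stays within SPF's limits. `spf.crm.example` is a hypothetical CRM host and both records are constructed.

```python
import re

# Terms that each cost one DNS lookup when a receiver evaluates SPF (RFC 7208 caps this at 10).
LOOKUP_NAMES = {"include", "a", "mx", "ptr", "exists", "redirect"}

# Constructed records: Microsoft 365 only, then with a hypothetical CRM's SPF host added.
BEFORE = "v=spf1 include:spf.protection.outlook.com -all"
AFTER = "v=spf1 include:spf.protection.outlook.com include:spf.crm.example -all"

def lint_spf(record, required_includes=()):
    """Return a list of problems in one SPF TXT record; an empty list means none found."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["record does not start with v=spf1"]
    problems, lookups, includes, all_term = [], 0, set(), None
    for term in terms[1:]:
        bare = term.lstrip("+-~?").lower()            # drop the qualifier
        name = re.split(r"[:/=]", bare, maxsplit=1)[0]
        if name in LOOKUP_NAMES:
            lookups += 1
        if name == "include":
            includes.add(bare.partition(":")[2])
        if name == "all":
            all_term = term.lower()
    for needed in required_includes:
        if needed.lower() not in includes:
            problems.append(f"{needed} is not authorised: add include:{needed}")
    if lookups > 10:
        problems.append(f"{lookups} DNS-lookup terms, SPF allows at most 10")
    if all_term in ("all", "+all"):
        problems.append("+all authorises every server to send as this domain")
    elif all_term is None and "redirect=" not in record.lower():
        problems.append("no 'all' term, so unlisted servers get a neutral result instead of fail")
    return problems

if __name__ == "__main__":
    for label, rec in (("before", BEFORE), ("after", AFTER)):
        print(label, lint_spf(rec, ["spf.crm.example"]))
```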


What can you do to help the situation?

If you want to allow emails that are normally classified as spam into your inbox then there are numerous ways to achieve this.  Rules and filters are one.  Adding the sender as a proper contact in your system is another, and whitelisting the sender and their domain is a third.

How to stop incoming emails from going to Spam in Microsoft 365

In your own Outlook system, you can manually +Add companies to your own safe senders list.  Again, this is not because there is something wrong with your email system or setup, it is purely because you wish to have these emails by-pass spam filters which is a risk you are prepared to accept.  To do this:-

Go to Outlook.com online and login with your email address and password

Go to Settings >  All settings

Mail > Junk Mail

Under Safe senders and domains click the + sign > Add

Rather than type in the email address, type in the actual domain name without the www. at the beginning.

E.g. Adding Computer-Clinic.co.nz  means that any emails from anyone@Computer-Clinic.co.nz will be allowed directly into your inbox.

Also tick the box ‘Trust email from my contacts’

Click Save

A screenshot of the settings and where to find everything is below:-

Now go to your contacts in Outlook and save the sender as a real contact with name, email address and any other contact information needed.  Please note that just because an email address ‘comes up’ or appears when you start to type in the To: Box on a blank email, it doesn’t mean that they are a stored contact.  Instead this is known as a ‘suggested contact’ and is not necessarily a proper and real stored contact in your address book.

Once the contact is stored in your Address book, ticking the box ‘Trust email from my contacts’ means that they are now trusted and their emails will by-pass spam filtering.  Please repeat the above process for all email accounts in your organisation.

Administrator Level changes - company wide

At larger organisations with paid internal IT staff, the IT administrator would normally tackle all of this and would even override/change Microsoft’s spam filtering settings at a company-wide level so that the above does not need to be done by all individual staff, but this is more complex and requires IT engineering time.  This kind of change is not something that unqualified or non-IT Professionals can do, should be doing or are expected to know how to do.  Getting this wrong can also cause untold amounts of problems such as leaving the company at risk from spammers or accidentally blocking legitimate incoming emails.  The instruction and training for these administrator level changes are covered at a professional level when undertaking a recognised IT qualification such as the Microsoft MS-102 Certification: Microsoft 365 Administrator.

Contacting Microsoft for help

If you wish to contact Microsoft to discuss issues and get them resolved, then there is no option for you to phone them.  It is done by creating a ‘Service Request’.  To do this:-

Sign in to Microsoft 365 at admin.microsoft.com using your Microsoft 365 admin account, and from the admin centre select Support > New service request then follow the prompts.  You will be chatting with artificial intelligence/robots and eventually may get a human to help.
