Hacker News new | past | comments | ask | show | jobs | submit login
Test the Spammyness of your Emails (mail-tester.com)
94 points by shawndumas on Oct 18, 2015 | hide | past | favorite | 38 comments

I've used Postmark's JSON API to test spam-ratings of emails for years. Can't recommend enough.


Very interesting. This could be a good way to preflight your emails automatically before you send them. Thanks.

Thanks, I've added that into my own mail platform as another source to test!

Upvoted you too! :)

Since you absolutely have to run everything you plan on sending to a mailing list via spamassassin beforehand, mail-tester.com is a great tool. It saves the annoying work of cobbling together a spamassassin test script and integrating it into your workflow, and gives you a bunch of other checks while you're at it.

Spamassassin is half of the bane of my life when it comes to maintaining deliverability on a scientific mailing list:


It stops being a useful tool and starts being a mode of censorship that is in effect controlled by the people who practice fraud and abuse. It is very annoying to find all sorts of things that effectively can't be discussed by mail in a list: specific drugs and technical terms used in research, any research discussion or published research that uses long technical words in close proximity, fundraising for research, and so on and so forth. Every newsletter to the opt-in, well-gardened list becomes a little minefield of self-censorship as you go through multiple iterations with spamassassin, weeding out and rewording things.

It is all very trying. One has to think that there's a better way.

Nice, I have used this service before (along with http://mxtoolbox.com/ and http://www.checktls.com/), I'm up to 9/10 now for my private mail server (on Digital Ocean), still working on getting DKIM to work.

But, even scoring 9/10, I still have a lot of trouble sending mail to people on hotmail/live/outlook. I have contacted Microsoft and after getting the advice to not send bulk mails (I don't) a couple of times, I finally got a human to respond. This person admitted that their spam filter is an outsourced black box over which they have no influence. I should try to use proper formatting and hope for the best...

So I don't know how useful this score is in the real world.

Edit (some more mail server pain): The first mail I sent from my own server was a mail to all my friends informing them of my new email address. at that time I didn't have spf configured and used a self signed cert. So I would be 7/10. All Yahoo contacts answered me that I was permanently banned. None of them ever receive any of my mails.

I had 10/10 during years, yet outlook would block emails from one of my domains - even if I was replying to an incoming email!!

Microsoft seems to have lots of secret rules, blocked IPs and other stuff that nobody's really figured out.

I did manage to contact them one, I got white-listed, and email went through. But only for a few months, and then it went back to being silently dropped again. It was only for a particular domain. Other domains on the same host has no issues.

I had to move the client in question to Fastmail, since there seemed to be no way to figure out how to please MS, and my client had lost several big sales due to documentation being silently dropped. Fastmail deals with it somehow. I guess they have some human contact with some influence in MS anyway, being large as they are.

Yes, that is the worst thing about it, there is no reporting of any kind, no errors in my logs, and not my email getting into a spam folder at outlook.com. If it would be in a spam folder my relatives could un-spam it, if I got an error message, I could act on it. In stead, some emails go through, some don't with no indication on either side what the system choose.

Discovered that I hadn't setup DKIM for my Google Apps domains, nor had I realized how easy it is to do it: https://support.google.com/a/answer/174124?hl=en

Just ran this service through https://emailprivacytester.com/ - The mail-tester.com results page popped up a javascript alert injected by emailprivacytester.com which proves that the content of email is not being properly escaped in some manner at mail-tester.com before being displayed.

That's not ideal, but is also probably not a big deal in this case. There's no sensitive information to be stolen off the page here, and the only person who's going to see it is the attacker.

This is cool. I like how simple it is. Also, I just learned about SPF records from this. I didn't realize there was a DNS related[0] mechanism of preventing spam. Kinda neat.

As an alternative to this, if you'd like a little finer grained information about it spam filters from specific companies, Litmus (I'm not affiliated) has a really cool spam-test[1] that actually tests it against all major spam filters (Google, Yahoo, etc) instead of testing it against spam lists like this does.

[0] https://en.wikipedia.org/wiki/Sender_Policy_Framework

[1] https://litmus.com/spam-filter-tests

DKIM is better (SPF doesn't prevent, for example, Amazon SES impersonating you and sending out unauthorized email on your behalf)

Neither actually prevents anything because it's up to the recipient ('s server) to apply whatever scrutiny they feel like.

DMARC actually specifies exactly what the recipient should test and what they should to with the email.

They can easily ignore DMARC records, but at least you're still telling them what to do with failing email.

So... it's a reinforcement learning tool for spammers?

I've used it (amongst other email testing tools) for quite some time now to validate the thousands of emails we send each week for BoomboxFM[1]. And none of those emails are "spam". Email is the delivery system for our product, and trust me, it sucks trying to figure out why people who 100% want your emails don't always get them straight to their inbox. Particularly with Gmail.

[1] http://www.boombox.fm/

I know all about the nuisance of BigCorp dumping my (non-commercial, mind you) email into the spam folder for obscure reasons, but whatever company you're trying to push, you miss the point. A web service to say "this is what most spam filters will do to your email" is just a training signal for spammers. That is, unless they are smart enough to implement an amazing meta-spam filter.

It's a tool, which can be used by anyone regardless of intention.

Much like a scalpel can be used to save lives of kill people.

Are there plans for an API (paid or otherwise)?

My SaaS has a built in marketing tool that allows for bulk email sending. I constantly run into an issue where customers have an image from a designer, and want to embed that image as the entire content of the email. Of course, that's flagged as spam. I would love to show users a spam score before they blast away.

Am I the only person out there that doesn't display images in email by default? I can't tell you the number of emails I've gotten--from companies I'm a big fan of and I've agreed to receive mail from--with enticing subject lines that contain no content. Just images.

Case in point is REI. A couple weeks ago I spent several hundred bucks on camping gear from one of their competitors and found out later they'd had an enticing discount linked in one of their image-only emails. I guess we both lost out.

Their FAQ page has a section on this: https://www.mail-tester.com/faq#api

+1; am also interested

Is anyone else blocked by CASA-CBLPLUS? It's apparently the China Anti-Spam Alliance, I'm very confused.

My mail got listed there as well, even though I send everything through google's smtp servers with my own domain name.

That revealed a configuration problem in my server. The hostname was set to some an old domain name (which I no longer own or control). Who checks their hostname? Not me obviously. This probably explains why some email was being filtered to spam by gmail. Fixed, and I'm now getting 9/10.

10/10 is pretty easy to reach if you sit down one afternoon and do your homework (I was a newbie to email when I used this, and opensmtpd could not have been simpler!).

It really makes a huge difference getting past spam filters everywhere, so I can't recommend this website enough!

How bizarre, was looking for one of these just last week because I'm starting to worry that my email signature's image tags are causing issues for some recipients.

Can't recommend these kind of tools enough!

I've used mail-tester in the past and had great results with it. I highly recommend it!

My email fails DKIM in half the tests, and succeeds in the other half. Sigh...

I don't get it. What am I suppose to do ?

View the front page. It will show you an email address which looks something like "web-ONhx3B@mail-tester.com" which is unique to you. Send an email to that address then click the "Check your score" button. It will rate the email which it received from you and point out any configuration problems.

Thanks for the help. I finally succeeded. I'm missing spf and dkim. Not easy to define.

Useful tool, sure. But really, if you have to test, then yes, your mail is probably spam that noone cares for.

You clearly never made an app that sends opt-in emails (think activity notifications, reminders, whatever). Unless you know the exact right incantations, 3% of these mails will end up in Gmail's spam folder. This directly results in 3% unhappy users. They'll never consider blaming Gmail instead of you.

Part of the problem with those is that a lot of companies (including big ones) have started sending notification and "what's happening" updates them without an opt-in, which causes users to think they're spammy and mark them as such. LinkedIn and Twitter are particularly big offenders here, but there are a lot of others. Twitter even likes to periodically invent new kinds of email notifications and newsletters, and opt you in to them by default.

Gmail might be making this a little better by introducing a middle ground, moving those kinds of emails out of the Inbox into either the "Social" or "Promotions" boxes, where they're less likely to be marked as spam (although probably also less likely to be seen).

A reach. Not clear you can tell how many ended up in spam folder vs how many unhappy users. Could be 30% got called spam, and 27 of those 30 were perfectly happy that happened. Those 3 were just the ones that complained?

Well, personally, I'd consider any notifications, reminders, etc to be SPAM unless I had explicitly set up a rule to allow those emails from a specific source. By default such mails are just unwanted junk (IMHO) and should be treated as such by default (opt-in/opt-out is pointless since it is almost impossible to avoid opting in to crap these days).

You also probably never ran your own mail server and wondered why some people aren't responding to your mails. :)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact