There are several reasons why emails are flagged as spam. We will look at some of the many reasons why this happens and how these can be avoided. For more information and help, feel free to reach out to us and we will be more than happy to help you with your emails.

• Email content (body and subject line) contain keywords that are misleading or trigger negative emotions. Some examples of suspicious keywords are, “special promotion”, “order now”, “cancel at any time”, “risk free”, “great offer”, “toll free”, “dear friend”, to name a few. Avoid using these keywords in the body of the mail. There are several testing tools (free and paid) available online that help you to identify and remove suspicious keywords from the body content.
• Big fonts and flashy colours with excessive and repeated punctuations in the body content will be marked as spam or junk by majority of the junk filters. Ensure that your email is well drafted and formatted. Avoid using jazzy and flashy design elements in the body of the email.
• Presence of suspicious links in the email body tend to land in the spam folder. Avoid using too many links, especially masked links, and generic URL shorteners.
• Too many images with little text in the body tend to trigger the spam filters. Majority of the email providers, such as Gmail, Outlook, Yahoo, to name a few, tend to block images from loading, which makes the email appear distorted or meaningless. Avoid using many images as these are prevented from loading by majority of the email clients and providers. Convey the message in well drafted text. Feel free to reach out to us and we can help with drafting the emails for you.
• Emails with JavaScript, CSS or other dynamic HTML coding tend to get flagged as spam. As a precautionary measure, email clients and providers, firewalls and spam filters block all types of code, especially suspected malicious code in emails. Avoid using coding to make your emails “appear” fancy or “designer” type. Keep the email body simple.
• Every email should have certain key elements such as a legitimate name, an identifiable email of the sender, appropriate subject line, body content. Marketing emails should have a link to unsubscribe, company name, contact info and other disclaimers. Ensure that your emails follow standard protocols and have these elements clearly visible. Reach out to us for help in ensuring properly configuring your emails.

These are some of the common reasons why emails go to the junk/spam folder. Apart from these, there are other technical reasons such as SPF and DKIM is not configured appropriately, sender’s server IP address is blacklisted, domain is blacklisted, to name a few. To know about more issues and remedial measures, contact us and we will be more than happy to help you resolve these.

Both are email protocols that were formulated during the mid-1980s. Let us first understand both these protocols and how they work. Both have their pros and cons. The comparison table provided will serve as a guide to help you decide on the protocol to be used.

POP3 stands for Post Office Protocol Version 3 and was formulated in the year 1984. This is the most widely used version of this protocol. As the name suggests, the “post office” in the name suggests the mechanism of working analogous to the post office – once the mail has been delivered, there is no record of it in the post office. Similarly, once the emails have been downloaded to the client’s system, these are deleted from the server.

This is useful when emails need to be accessed from a single device with capability to work offline. This mechanism of working gives an “illusion” of an unlimited sized mailbox. The flip side to this is there is only one copy of the emails – either on the server (if it has not been downloaded to the client’s system) or on the client’s system. Hence, multiple devices will “see” different versions of the email inbox.

IMAP stands for Internet Mail Access Protocol. This protocol was formulated as a better alternative to POP3 in the year 1986. This protocol is designed to “sync” emails from the server to the local device. Hence, emails can be accessed from one or more devices. The list of emails on each device will be the same. Majority of the email providers, including ours provide IMAP access to emails.

Now that we have understood the working mechanisms of both protocols, the deciding factor would be the use case of the email. The table below summarizes the broad features of both protocols which will help you decide between POP3 and IMAP, depending on your requirements. Our recommendation would be to use IMAP. Contact us and we will help you setup emails as per your requirements.

POP3	IMAP
Designed for accessing emails on a single device. Deletes all emails from server after downloading them. Does not sync emails – tends to create a “distorted or skewed” list of emails on both – server and local (client) device. Emails reside on the local system. Good for offline use. Works especially in areas of poor internet connectivity.	Designed for accessing emails on multiple devices. Does not delete emails from server or any device after downloading. Syncs emails, hence, the list of emails is the same across all connected devices and the server. Emails reside on the server. Good for online use. Works especially in areas of good internet connectivity.

Today, majority of the email service providers, including us, provide IMAP access to your emails. For more information about IMAP, refer to the answer for “Should I use POP3 or IMAP for my emails?” To recap, IMAP is a protocol that syncs emails and the folder structure across multiple devices and the server. For this to work effectively, each of the local email clients need to be configured for IMAP email access. This will ensure proper sync between emails on various devices. If you still face issues in resolving email sync issues on various devices, feel free to contact us.

DNS records are simply human understandable records that are mapped to IP addresses or instructions for the respective server. There are several records related to email routing, authenticity, and security that need to be configured correctly. The important ones are as listed below.

• MX (Mail Exchange) records: this is a record that contains the name of the email servers with their priorities that will provide the email service. This information is used by the MTA (Mail Transfer Agent) software to query these records for the email server address.
• SPF (Sender Policy Framework) records: these are text records that mention the names of servers authorized to send emails on behalf of your domain. These need to be correctly configured to ensure a good email reputation score, else these could cause your emails to go to spam.
• DKIM (DomainKeys Identified Mail) records: this is a form of email authentication that allows an organization to claim responsibility and ownership of the email and its contents. This is necessary to protect email senders and recipients from spam, phishing, and spoofing. This is added to the domain in the form of a text record, which is a public encrypted key.
• DMARC (Domain-based Message Authentication, Reporting & Conformance) protocol: this is the protocol that unifies the use of DKIM and SPF records to authenticate and validate emails and its content, the sender, and the recipient. This is done to avoid domain spoofing and phishing. DMARC records consist of a set of SPFs, DKIM, CNAME and A records for the DNS of a given domain name. All these need to be correct and properly configured for the DMARC to work efficiently.

For more information about how these work in conjunction to secure your emails, how we have implemented these in our servers, troubleshooting and other information, feel free to contact us and we will gladly help you clarify your doubts.

Email or electronic mail is one of the most widely use medium of communication across the globe. This is a versatile medium that can transmit any type of content – text, images, documents, videos, audio files, the list is endless. Each of these are available in a plethora of formats for various systems and platforms.

Majority of the email protocols were developed many years ago when there were limited email service providers and users. Hence, basic security was considered as sufficient. With time and increasing number of users, criminals have discovered several loopholes, coupled with user ignorance or lack of knowledge, that can be easily exploited. To add to this, emails are a “cheap” or cost-effective medium of communication with high success or hit rates.

Today, there are billions of internet and email users with differing interests. Widespread use of this versatile and flexible medium of communication makes it an easy target for a variety of attacks, some of these are as listed below.

• Malware or malicious software, that includes viruses, worms, trojan horses, spyware, and many more can cause catastrophic damage in multiple ways. These can attack workstations and servers to gain access to sensitive information, change privileges and other damages.
• Spam emails are unsolicited commercial email that can be generally used to transmit malware. An extension of these are phishing emails that can trick individuals to disclosing sensitive personal information.
• Social engineering is a mechanism in which emails are used to gather personal information from an organization’s users or get them to perform actions that trigger an attack.
• Spoofing is a form of social engineering in which the email is used as a “mask” to cover the underlying malicious entity or individual.
• Unintentional acts by authorized users are a cause of human error, ignorance or improper training or guidance. They may send personal or sensitive information via email causing unwanted damage.

Existing protocols need to be revamped and reimplemented with radical changes, especially for security. However, this is a mammoth task that may take a long time. Fortunately, there are preventive measures and remedies available. Remedies can be in the form of anti-virus software, firewalls, anti-malware, and many more that can be implemented in conjunction with strict email monitoring policies and robust junk filters on email servers. For details on how these can be implemented for your organization, feel free to reach us and we will be more than happy to help you.

There are several mechanisms and tools that can crawl the internet for email addresses, contact numbers and other information. Some of the popular methods are as listed below.

• Using sophisticated tools to crawl the web, especially social media sites to scan for email patterns and using the “@” symbol.
• Using tools to “guess” and generate usernames based on the domain names.
• Formulating and purchasing data lists – there are some companies that are actively involved in harvesting individual contact info and building databases. These are then segregated and sold for a price to the interested buyers. The buyers could be potential scammers.
• Some still use the old fashioned techniques such as participating in events to collect visiting cards and then scanning them to collect email addresses and other contact info.

Thanks to the advancements in technology, it is difficult to keep spammers and marketers away from getting your email address. However, there are several precautionary measures that can be taken from getting spam emails. Refer to the answer for question, “What precautions need to be taken while opening emails and attachments?” For further help and assistance with this, contact us.

Let us first understand the term “phishing”. Thanks to advancements in technology, this is an evolved or derived term that refers to a type of online scam. In this, criminals or fraudsters pose as legitimate organizations via emails, text messages, other advertisements, to steal personal or sensitive information.

Phishing emails refer to emails that are crafted to appear legitimate. They are drafted to induce fear or urgency in the recipient to act. This is a type of specialized phishing attack in which criminals use the recipient’s vulnerability to gain access to sensitive information, financial transactions, privileged network access, and much more. This can have catastrophic consequences for the individual victim, or the entity that he/she represents. Listed below are some ways to identify phishing emails:

• The salutation will be generic such as “Dear Valued Customer”, “Dear Network User”, “Dear Customer”, and many more.
• There could be spelling and/or grammatical errors or repetitive phrases or words, for example, “reset account your account”, “Pantry your monthly grocery e-store up to 50%”, missing or misplaced punctuations, and more.
• The from email address is not a legitimate one from the same domain.
• The links provided are malformed to “imitate” the original.

These tell-tale signs are easy to identify phishing emails from authentic emails. Before clinking on any links within any email, we strongly recommend that you take the time to go through the contents of the email, look at the sender, verify the authenticity of the email, and other precautionary measures before clicking on any embedded links or opening any attachments. For more info about phishing emails and precautions, feel free to contact us and we will be more than happy to guide.

Email spoofing refers to the technique of forging email headers to make the recipient “believe” that the email came from a legitimate source or person. The reason why spoofing happens is it uses the outgoing server’s SMTP (Simple Mail Transfer Protocol) service. This service lacks authentication, hence, an email can easily “spoofed” to appear as someone else. Listed below are some of the reasons why emails are spoofed.

• Hiding or masking the identity of the sender.
• Avoiding spam or junk filters and block lists.
• Impersonating someone the recipient knows.
• Impersonating a business or entity that the recipient has dealings with.
• Spoiling the reputation of the sender.
• Identity theft.

Let us describe an example of email spoofing. One day, you may receive an email that has a from line, “”

On close observation, this email has originated from . It has “” to fool the recipient into believing that this is a trusted email. Some email clients only show the quoted part and not the actual email address. This is the work of a hacker indicating your personal or company’s info has been compromised. Report this issue to the fraud and security teams to initiate precautionary and other security measures for additional data protection.

There are several protection mechanisms that have been developed to combat email spoofing. One approach is to filter the incoming messages by applying an authentication framework using SPF (Sender Policy Framework) , DKIM (Domain Key Identified Mail), and DMARC (Domain Based Message Authentication, Reporting and Conformance). These are described in detail in question – “What are the DNS records for email?” For additional guidance on how to implement preventive measures for spoofing, get in touch and we will be more than happy to help.

Masked emails are pseudo email or fake email addresses that are used to hide the real email address of the sender. This is particularly useful for protection against misuse and identity theft. These pseudo email addresses are configured to forward the received emails to the true email address.

Masked email addresses are used by some as an additional security or precautionary measure. These are particularly useful when giving out your email address for newsletter or marketing email subscriptions. Your true email address is not revealed. These masked or pseudo email addresses can be disabled at any time without hampering normal flow of emails to and from your true email.

Attachments transmitted in an email is a common mechanism to spread malware, trojans, virus, malicious code, and many more. Recipients tend to open the attachments without realizing the associated dangers. An embedded virus could attack your computer and run malicious code, steal sensitive data and information, invade the company’s network and systems, and cause more damage. These can be prevented by exercising caution and being alert. Some of the below listed points need to be borne in mind before opening an attachment in an email.

• Call the sender and confirm if he/she is aware of the email and the attachment. It is a good idea to take a brief of the attachment, especially its contents. Hence, it is imperative that emails and attachments are opened from trusted and verified senders.
• Avoid sending sensitive information such as bank account info, credit card info, personal details, and other info. Apart from being unsafe, in some countries, this can be considered a crime. Hence, it is best to avoid.
• Avoid clicking on links embedded in the body of the email. These could lead to phishing websites leading to further damage including data, financial and reputation losses.
• Use appropriate security software from reputed makers such as antivirus, spam blockers, malware protectors, email scanners, to name a few. These generally monitor and scan emails for virus, malware, and other dangers. Once detected, they warn you in addition to blocking malicious content, moving the suspicious email to the junk/spam/quarantine folder, alerting the administrator, and other precautionary measures.
• Be wary of connecting to the internet using open, unsecure, and public Wi-Fi networks. Keep the privacy settings of your computer to keep you “invisible” or “non-discoverable” on the network when connected to these types of networks. Keep the firewall turned on and configured to block any type of unwanted connection requests.

These are some of the many precautions that need to be taken before opening any email or attachment that you receive. For more help and assistance about these and other precautionary measures, contact us and we will gladly help you protect yourself from malware and malicious content.

Yes, you can send blast emails to several recipients using a variety of dedicated service providers for sending blast emails. If you are looking to send blast emails to several hundreds of email recipients, we would recommend that you look for a suitable service provider to fulfil this requirement. Some of the names that readily come to mind are MailBluster, MailChimp, SendGrid, SendinBlue, the list is endless.

We are an email service provider in which we ensure that you have an active email address using which, you can send and receive emails with individuals. We recommend that you select the email service provider as per your requirements. If you are looking for basic email services, we will be more than happy to fulfil your requirements. For more help on how to effectively use your email address without blacklisting it, contact us and we will be more than happy to advise you.

Yes, you can use your email address to register for online subscriptions. By doing so, you could be inviting a flurry of emails in your inbox, some of these may go to your junk/spam folder. We recommend signing up only for newsletters or services for which you have absolute use for. Else, you would land up with too many emails in your inbox, which would be tedious to clean.

We do not place restrictions for signing up for subscriptions such as newsletters, marketing, or promotional emails, and many more, that you would want to sign up for using your email. Every subscription service provider has their own email policies, which we honour with certain rules and regulations from our side. We too have junk and spam filters to protect our customers.

We strongly recommend that you check the credibility of the subscription service provider for the authenticity of the information conveyed. For more details about the risks involved and the precautionary measures to be taken, contact us and we will be more than happy to explain them to you.

Email transport and delivery mechanism has been setup in a way that every email pass through varying networks and different servers before landing in the intended recipient’s mailbox. Hence, emails are subject to attack en route to the recipient, especially in the weaker (or networks with lower security) networks. Fortunately, there are several methods to secure the emails and its contents from attacks. Some of these are listed below.

• Check the encryption level provided by your email service provider. For example, Gmail implements Transport Layer Security (TLS) for automatically encrypting emails. This prevents others from reading your email or attacking the contents or attachments.
• Set expiration dates on your messages – this is particularly useful for time-bound messages. For example, notifications for an event can be set to auto-delete within a week after the event is over.
• Use MFA (Multi Factor Authentication) when logging in to your email accounts from any system. This ensures an additional layer of security for your emails and other information.

We implement appropriate industry standard encryption methods for our emails to ensure an additional layer of security. Our client data is sensitive and important to us, for which we take adequate precautionary measures. For more information of the security measures and other information, feel free to reach us.