WillItInbox
Back to blog
Content··2 min read·WillItInbox Team

Reading SpamAssassin rules — and how to defuse the top 20

SpamAssassin's rule corpus is enormous, but a small handful of rules account for most of the points your campaigns lose.

ContentSpamAssassin

SpamAssassin has thousands of rules. In practice, twenty or so account for the bulk of the points legitimate senders lose. Knowing them by name turns "my email is spammy" into a checklist.

How to read a SpamAssassin output

A report fragment looks like:

2.5  HTML_IMAGE_ONLY_28      BODY: HTML: images with 1600-2400 bytes of words
0.8  MIME_HTML_ONLY          BODY: Message only has text/html MIME parts
1.2  MISSING_HEADERS         Missing To: header

Three columns: score, rule name, description. Rules in the report panel of WillItInbox come straight from this.

The top 20 rules legitimate senders trip on

  1. MIME_HTML_ONLY — HTML part with no plain-text alternative. Add a text/plain part.
  2. HTML_IMAGE_ONLY_* — Mostly images, very little text. Add real copy.
  3. HTML_MESSAGE — Informational; contributes a little but unavoidable for HTML mail.
  4. HTML_FONT_LOW_CONTRAST — Text color too close to background. Often a hidden-text indicator.
  5. HTML_SHORT_LINK_IMG_* — Links wrapped around small images, often invisible.
  6. MISSING_HEADERS — Missing required header (To, From, Subject, Date).
  7. MISSING_DATE — No Date header at all.
  8. DATE_IN_FUTURE_* — Date header is in the future.
  9. DATE_IN_PAST_* — Date header is more than a few days old.
  10. MISSING_MID — No Message-ID header.
  11. NO_RECEIVED — No Received header. Strange in normal mail flow.
  12. NO_RELAYS — No Received headers at all.
  13. TVD_SPACE_RATIO_* — Excessive whitespace, often used to hide content.
  14. HK_RANDOM_FROM — Random-looking From local part.
  15. URIBL_* — A link in the body resolves to a domain on a blacklist.
  16. SUBJ_ALL_CAPS — All-caps subject line.
  17. TVD_SUBJ_FREE — Subject contains "free" prominently.
  18. HELO_DYNAMIC_IPADDR — HELO hostname looks like a residential dynamic IP.
  19. RDNS_NONE — No reverse DNS for the sender IP.
  20. SPF_FAIL / DKIM_INVALID — Authentication failures, scored heavily.

How to fix the most common ones

  • MIME_HTML_ONLY: every modern mail library lets you add a text alternative. Even an auto-generated plain-text from your HTML is enough.
  • HTML_IMAGE_ONLY_*: add at least 100 words of real copy. Aim for an image area smaller than 50% of total content area.
  • MISSING_ / DATE_**: these are usually a misconfigured mail library. Check that your sender is setting them.
  • URIBL_*: one of your links is on a blacklist. Even shared link shorteners can trigger this. Use your own domain for tracking.
  • HELO_DYNAMIC_IPADDR / RDNS_NONE: see the rDNS post.

If you only do one thing

Get your SpamAssassin score below 2.0 on a clean message. Once you're there, normal content variation won't push you into spam territory.

Keep reading

2 min read

Image-to-text ratio: the rule that breaks newsletter design

Read

2 min read

Accessible HTML email: structure, contrast, and the screen-reader test

Read

1 min read

Agency deliverability audit template

Read