Outgoing emails going to spam (HestiaCP) — best practice to fix deliverability?

Community Support Mail
1

Hi everyone,

I’m using HestiaCP and I’m having a deliverability issue: emails sent from my server (contact forms + regular mailbox) are landing in spam, especially in Gmail/Outlook.

Current setup

  • HestiaCP version: v1.9.4

  • Server OS: Ubuntu 24.04

  • Mail service: Exim + Dovecot (default Hestia setup)

What I already checked / configured

  • SPF: configured

  • DKIM: enabled in Hestia

  • DMARC: configured

  • rDNS / PTR record: configured

  • SSL certificate for mail: yes

  1. What’s the recommended configuration checklist in HestiaCP to improve deliverability?
  2. Are there common Hestia-specific settings (Exim/DKIM/HELO/hostname) that usually cause spam issues?
  3. Any tools/logs you recommend to diagnose this properly (Exim logs paths, mail-tester, etc.)?
2

Hi,

As you didn’t provide the domain name, we can’t test the DNS records but you should check this:

1.- Use mail-tester.com and send a mail from your server to the email provided in that page (AFAIK there is a limit of 5 tests per day). It provides a lot of useful info.

2.- Check whether your server’s IP is in a blacklist mxtoolbox.com/blacklists

3.- Add your domains to:

3

Nowadays is it all about ip reputation. If that reputation is too low, you will not win the battle.

Unfortunately we came to this point after numerous insecure servers that are nog being well maintained and misused for sending spam.

You can overcome the bad ip reputation by using a smtp relay provider with good reputation.

4

Using an SMTP Relay means that the relay will have access to the outgoing emails. If privacy and confidentiality is a matter, you will need to pay special attention here.

One more thing to consider is the domain’s age. If it is a newly registered domain, you will need patience and of course good email hygiene. For starters:

  • stick to one-to-one emails
  • avoid the use of BCC
  • ask partners, friends, etc to unmark/white each and every email that went to spam
  • ask partners, friends, to whitelist your email address and your domain name
  • set low limits on the email server (few emails per hour), so that even if someone tries to send mass-mails the system will stop them from ruining your reputation
  • join programs like those mentioned by @sahsanu
  • steer clear of VPS/Cloud providers with “dirty” IP ranges. You can use services like https://www.abuseipdb.com/ so check IP subnet reputation based on abuse reports
  • monitor, monitor, monitor how and how much your email servers is used
1 Like
5

Actually, check your HELO/EHLO hostname in Exim because Hestia sometimes defaults to the system hostname instead of the mail domain. If that doesn’t match your rDNS, Gmail will nukes your deliverability instantly even with perfect SPF/DKIM. You might also want to run a quick test on https://unspam.email/ just to see if your IP is sitting on a specific blocklist you missed… It’s usually more thorough than manual checks.

6

Basicly this, I personaly do not host any mailservices anymore. Even when you got stable and good ip reputation, they will still drop you from time to time without any logic.

1 Like