Why does SpamAssassin give positive score for DMARC reject and MIME_NO_TEXT or LONG_INVISIBLE_TEXT?

Summary

SpamAssassin gives positive scores for DMARC reject (when authentication fails), MIME_NO_TEXT (missing plain text version), and LONG_INVISIBLE_TEXT (hidden text) because these characteristics are commonly found in spam emails. DMARC_REJECT is triggered when an email declares a 'reject' policy but fails SPF/DKIM checks, suggesting potential spoofing. MIME_NO_TEXT occurs because spammers often omit plain text to avoid text-based filters. LONG_INVISIBLE_TEXT identifies hidden text, a tactic used to manipulate indexing or hide links. While individual rule scores may be low, SpamAssassin's cumulative scoring means these factors, combined with others, can lead to a spam classification. Misconfigured DNS records, custom rulesets, and incorrect MIME structures can also contribute. Avoiding these practices and ensuring proper authentication are crucial for deliverability.

Key findings

  • DMARC Reject as Indicator: A positive score for DMARC reject often signifies a failed authentication, hinting at potential email spoofing or unauthorized sending.
  • Missing Plain Text as Spam Signal: The absence of a plain text version in MIME emails (MIME_NO_TEXT) is a common characteristic of spam, as spammers aim to avoid text-based filters.
  • Hidden Text as Deceptive Technique: Excessive hidden text (LONG_INVISIBLE_TEXT) is recognized as a technique used by spammers to manipulate search engine indexing and/or conceal malicious links from users.
  • Cumulative Scoring Impacts Deliverability: While individual SpamAssassin rules may have low scores, the cumulative effect of these scores, combined with other factors, can significantly impact email deliverability.
  • Custom Rulesets May Vary: Individual SpamAssassin installations might use custom rulesets (e.g., KAM_ rules) with varying weights and behaviors, affecting overall scoring.

Key considerations

  • Implement Proper Authentication: Ensure SPF and DKIM are correctly configured and validated to prevent DMARC reject-related issues.
  • Include Plain Text Versions: Always include a plain text version alongside HTML emails to improve deliverability and avoid MIME_NO_TEXT flags.
  • Avoid Hiding Content: Refrain from using techniques to hide text or links from users (small fonts, CSS display:none), as this triggers SpamAssassin's LONG_INVISIBLE_TEXT rule.
  • Validate MIME Structure: Ensure the email's MIME structure is valid and complete, with correct headers and encoding, to prevent issues related to MIME_NO_TEXT.
  • Review Custom Rules: If using a custom SpamAssassin setup, review the configuration and scoring weights to understand how specific rules affect deliverability.

What email marketers say
12Marketer opinions

SpamAssassin assigns positive scores for DMARC reject, MIME_NO_TEXT, and LONG_INVISIBLE_TEXT based on factors indicating potential spam. A positive score for DMARC_REJECT can occur when emails fail authentication (SPF, DKIM) despite a 'reject' policy, suggesting a potential forgery. MIME_NO_TEXT flags emails lacking a plain text version, which is a spam indicator and a deliverability best practice. LONG_INVISIBLE_TEXT identifies hidden text (small fonts, CSS hiding) used to manipulate content visibility. These scores are cumulative, and even low individual scores can lead to a spam classification when combined with other factors. Proper authentication, valid MIME structures, and avoiding hidden text are crucial for avoiding spam filters.

Key opinions

  • DMARC Reject Scoring: SpamAssassin assigns positive scores to emails that fail authentication (SPF, DKIM) despite having a DMARC reject policy, as this indicates a potential spoofing attempt.
  • MIME_NO_TEXT Issue: The MIME_NO_TEXT rule is triggered when emails lack a plain text version, a factor that contributes to spam classification.
  • Hidden Text Detection: LONG_INVISIBLE_TEXT detects hidden text using CSS or small fonts, a common tactic employed by spammers to conceal content.
  • Cumulative Scoring: SpamAssassin utilizes a cumulative scoring system, meaning low scores for individual rules can combine to push an email into the spam folder.

Key considerations

  • Authentication: Ensure proper email authentication setup (SPF, DKIM) to prevent DMARC_REJECT issues.
  • Plain Text Versions: Include a plain text version of your emails to avoid MIME_NO_TEXT flags and enhance compatibility.
  • Avoid Hidden Text: Refrain from using CSS or small fonts to hide text, as this triggers LONG_INVISIBLE_TEXT and reduces deliverability.
  • MIME Structure: Verify the MIME structure of your emails is correct and complete, including proper headers and encoding.
Marketer view

Email marketer from Reddit explains that SpamAssassin scoring is cumulative. Even if the individual score for DMARC_REJECT is low, if combined with other factors like missing plain text or hidden text, it can push the overall score into spam territory.

November 2022 - Reddit
Marketer view

Email marketer from Email Marketing Forum suggests MIME_NO_TEXT can be triggered if the MIME structure is incorrect or incomplete. Ensure proper MIME headers and the correct encoding are used to avoid this issue.

June 2023 - Email Marketing Forum
Marketer view

Email marketer from Mailjet suggests avoiding techniques that hide content from users, such as using small font sizes or placing text behind images. These practices are often associated with spam and can trigger rules like LONG_INVISIBLE_TEXT in SpamAssassin.

June 2023 - Mailjet
Marketer view

Email marketer from StackOverflow cautions that even if hidden text is meant for SEO and not directly for spamming email recipients, it can still raise flags with spam filters like SpamAssassin if the email looks suspicious. It is recommended to avoid this practice completely.

July 2024 - StackOverflow
Marketer view

Email marketer from Email Geeks shares experience with a web host using SpamAssassin and notes that DMARC rules are triggered if the email doesn’t pass underlying checks, such as DKIM signing, and the DMARC policy is reject. Mentions KAM_DMARC_REJECT rules, which are custom rules from The McGrail Foundation, and links to McGrail's website for more details.

November 2022 - Email Geeks
Marketer view

Email marketer from Reddit shares that including a plain text version of your email is generally good practice for deliverability. While not always a direct cause for SpamAssassin to mark as spam, it helps ensure compatibility across different email clients and reduces the likelihood of being flagged due to incomplete MIME structure.

November 2023 - Reddit
Marketer view

Email marketer from Email Geeks explains to identify the reason for invisible text being flagged in SpamAssassin, you need to check the rule regex. There are rules looking at body font sizes and colors that trigger this.

November 2023 - Email Geeks
Marketer view

Email marketer from Litmus shares that while a DMARC reject policy itself shouldn't directly cause a high spam score, the absence of proper authentication (SPF, DKIM) combined with a reject policy can lead to increased scrutiny from spam filters like SpamAssassin.

May 2024 - Litmus
Marketer view

Email marketer from Email on Acid indicates while HTML emails are visually appealing, failing to include a plain text version can raise red flags with spam filters. Ensure your emails have both versions to avoid MIME_NO_TEXT or similar rules.

January 2024 - Email on Acid
Marketer view

Email marketer from SendPulse shares that positive scores from rules like DMARC_REJECT and MIME_NO_TEXT contribute to the overall spam score. Focusing on authentication and providing clear, accessible content (avoiding hidden text) helps reduce the likelihood of emails being flagged as spam.

January 2025 - SendPulse
Marketer view

Email marketer from Webmaster Forum mentions that using CSS to hide text (e.g., `display:none` or `visibility:hidden`) can easily trigger the LONG_INVISIBLE_TEXT rule. They advise avoiding such techniques and instead focusing on providing valuable content in a visible and accessible format.

September 2023 - Webmaster Forum
Marketer view

Email marketer from StackExchange explains that sometimes legitimate emails can trigger the DMARC_REJECT rule if there are misconfigurations in DNS records or temporary issues with authentication. It's important to verify the SPF and DKIM records are correctly set up and that the sending server is authorized.

December 2022 - StackExchange

What the experts say
4Expert opinions

SpamAssassin's positive scoring for DMARC reject, and issues like invisible text, arises from identifying patterns indicative of spam or malicious activity. The default DMARC_REJECT score might be minimal, primarily to register the occurrence, but custom rulesets can adjust the weighting. Invisible content, achieved through techniques like small fonts or CSS hiding, is penalized for its deceptive intent. Ultimately, SpamAssassin aims to flag emails exhibiting characteristics commonly found in spam, even if individual rules seem counterintuitive when viewed in isolation.

Key opinions

  • DMARC_REJECT Basic Score: The base DMARC_REJECT score is minimal, acting more as a log entry.
  • Custom Scoring Variations: Custom SpamAssassin rulesets may alter DMARC_REJECT scoring based on specific configurations.
  • Intent-Based Scoring: SpamAssassin identifies characteristics commonly used in spam, and penalizes practices that hide content or mislead recipients.
  • Pattern Identification: The system focuses on identifying patterns and characteristics associated with spam, rather than individual rule violations in isolation.

Key considerations

  • Review Custom Rules: Check custom SpamAssassin rulesets for potentially altered DMARC_REJECT scoring.
  • Avoid Deceptive Practices: Refrain from using techniques to hide or obscure content, as this raises red flags.
  • Consider Overall Spam Score: Understand that individual rule scores are assessed in the context of the overall SpamAssassin score.
Expert view

Expert and Email marketer from Email Geeks discuss DMARC_REJECT rules in SpamAssassin. Steve clarifies DMARC_REJECT is a standard rule in SpamAssassin, whereas Crystal indicates her host uses a custom set potentially overriding the standard rules with a KAM_ prefixed version from McGrail Foundation. Steve suggests the custom rules may have different weighting or simply be included in the custom set, but the behavior sounds identical.

July 2024 - Email Geeks
Expert view

Expert from Spamresource.com explains that SpamAssassin's scoring system is designed to identify characteristics commonly associated with spam. Even if a particular rule seems counterintuitive (like DMARC reject getting a positive score), it's because the rule is intended to identify potential abuse patterns when combined with other indicators.

September 2021 - Spamresource.com
Expert view

Expert from Email Geeks explains that the default DMARC_REJECT score for non-bayesian scoring is 0.001, a score to simply record the event.

March 2024 - Email Geeks
Expert view

Expert from Word to the Wise responds that invisible content triggers spam filters because it attempts to deceive the reader and/or the filter. This includes text in small font, hidden with CSS, or the same color as the background. It's a common spam technique to hide links or keywords.

August 2023 - Word to the Wise

What the documentation says
4Technical articles

SpamAssassin assigns positive scores to emails matching patterns common in spam. DMARC_REJECT triggers when an email with a DMARC 'reject' policy fails authentication, suggesting potential forgery. MIME_NO_TEXT flags missing plain text versions, common in spam to evade filters. LONG_INVISIBLE_TEXT detects hidden text used to manipulate indexing or hide links. While individual rule scores might be low, they contribute to an overall spam score.

Key findings

  • DMARC_REJECT Rationale: DMARC_REJECT indicates a potential forgery attempt when an email fails authentication despite having a 'reject' policy.
  • MIME_NO_TEXT Rationale: MIME_NO_TEXT identifies emails lacking plain text versions, a common tactic among spammers to evade text-based filtering.
  • LONG_INVISIBLE_TEXT Rationale: LONG_INVISIBLE_TEXT identifies hidden text, a tactic used by spammers to manipulate search engine indexing and hide unwanted links.
  • Cumulative Scoring Effect: SpamAssassin's overall spam score is the result of combining many individual rule scores.

Key considerations

  • Authentication Is Critical: Enforce proper email authentication (SPF, DKIM) to prevent triggering the DMARC_REJECT rule.
  • Provide Plain Text Alternatives: Ensure emails have a plain text version for compatibility and to avoid MIME_NO_TEXT flags.
  • Avoid Hiding Text: Refrain from using hidden text via font sizes or CSS to evade LONG_INVISIBLE_TEXT penalties.
Technical article

Documentation from Apache SpamAssassin Wiki explains that the DMARC_REJECT rule is triggered when an email has a DMARC policy of reject but fails authentication checks like DKIM or SPF. A positive score is assigned because the sender is explicitly telling the recipient to reject unauthenticated mail, and the fact that it's being evaluated means it might be a forgery attempt.

November 2022 - Apache SpamAssassin Wiki
Technical article

Documentation from MailChannels explains SpamAssassin assigns scores based on a variety of rules, with higher scores indicating a higher likelihood of being spam. While a single rule like DMARC_REJECT may have a low score, it contributes to the overall score which determines if an email is flagged as spam.

November 2023 - MailChannels
Technical article

Documentation from SpamAssassin Source Code explains that the MIME_NO_TEXT rule checks for multipart MIME emails that lack a plain text part. This can be a sign of spam, as legitimate emails usually include a plain text version for compatibility. A positive score is assigned because spammers often prioritize HTML content and neglect plain text alternatives to evade text-based spam filters.

February 2025 - SpamAssassin Source Code
Technical article

Documentation from SpamAssassin Source Code explains that the LONG_INVISIBLE_TEXT rule detects excessive amounts of text hidden using techniques like small font sizes or colors matching the background. A positive score is assigned because this is a common tactic used by spammers to hide keywords or links from users while still being indexed by search engines.

May 2023 - SpamAssassin Source Code