Church Emails Flagged as Spam in Gmail

How to Fix the Problem

What happened: On June 11, 2019, the web server that our church website and email is hosted on was victim of an attack that used a previously unknown vulnerability in the Exim mail server program, and was exploited for a DDoS attack. This has happened to literally thousands of servers on June 10 and 11; 80% of the servers in the US were using this specific version of Exim. The exploit, which was previously unknown, allowed malware to run on an otherwise secure server. Major systems such as Ancestry.com and WordPress.com were also affected.  For a brief period (about 15 minutes) this server was spewing spam emails that were part of a Distributed Denial of Service (DDoS) attack.  The problem was immediately noted and the server shut down.  We migrated all files to a new server with patched Exim and higher security settings.  Unfortunately, that brief period caused Gmail and some other systems to flag our IP number as a possible source of spam.  Since then, many Gmail customers have reported that emails from the church are flagged as spam.  Intervention by the end user is required to have the emails recognized as legitimate.

Solving the Problem

Report Not Spam:

  1. Log in to your Gmail account, and on the left side of the screen scroll down until you see the "MORE" selection.  Click on this, and you will be able to see the SPAM bin.
  2. Scroll down until you see SPAM.  Open the SPAM bin.
  3. Find an email from the church (office@trinitymoravian,org, pastor@trinitymoravian.org, or john@johnjackman.com - Pastor John's home office).
  4. Click on REPORT NOT SPAM

Add Email Addresses to CONTACTS

  1. In the upper right hand corner of the Gmail screen, select the G-APPS icon (a square of nine dots).
  2. Select CONTACTS
  3. Add the following email addresses to your CONTACTS:
    - office@trinitymoravian.org
    - pastor@trinitymoravian.org
    - john@johnjackman.com (Pastor John's home office

Please note that BOTH actions (Flag As Not Spam) and adding email addresses to your CONTACTS are required to reliably whitelist our emails as legitimate.  Doing one or the other works a certain percentage of the time, but in our tests BOTH actions were required in most cases.