Email Deliverability 101: Why Your Emails Land in Spam and How to Fix It

Leave a Comment / Digital Marketing

Last quarter, one of our clients came to us frustrated. They were sending 15,000 emails per month through a major email platform. Their open rate had dropped from 28% to 11% over six months. They assumed their content was the problem. It was not. Nearly 40% of their emails were landing in spam folders, and they had no idea.

We fixed their authentication records, cleaned their list, and adjusted their sending patterns. Within three weeks, their inbox placement rate went from roughly 60% to 94%. Open rates climbed back above 25%. Same content, same audience, same platform. The only thing that changed was deliverability.

This is a story we see repeated constantly. Businesses invest hours crafting the perfect email, agonize over subject lines, and obsess over open rates, while completely ignoring the foundational issue: whether their emails actually reach the inbox at all.

Why Deliverability Matters More Than Open Rates

Here is a truth that most marketers overlook: your open rate is meaningless if a large percentage of your emails never reach the inbox.

Consider two scenarios:

  • Scenario A: You send 10,000 emails. 95% reach the inbox (9,500). Your open rate is 22%. That is 2,090 people reading your email.
  • Scenario B: You send 10,000 emails. 60% reach the inbox (6,000). Your open rate is 30%. That is 1,800 people reading your email.

Scenario B has a higher open rate but fewer actual readers. The business in Scenario A, despite a “worse” open rate, is reaching 16% more people. Deliverability is the multiplier that determines whether your email marketing produces results or just produces reports that look acceptable on the surface.

According to recent industry data, approximately 1 in 6 legitimate marketing emails never reaches the inbox. For businesses with poor sending practices, that number can climb to 1 in 3 or worse. If you are spending money on email marketing, fixing deliverability is the highest-ROI improvement you can make.

The Three Authentication Protocols Every Business Needs

Email authentication is the single most important factor in deliverability, and it is the one most small and mid-size businesses get wrong. There are three protocols you need, and all three work together. Think of them as a three-part ID check that proves to receiving mail servers that your emails are legitimate.

SPF (Sender Policy Framework)

SPF is a DNS record that lists every server authorized to send email on behalf of your domain. When Gmail or Outlook receives an email claiming to be from your domain, it checks your SPF record to see if the sending server is on the approved list. If it is not, the email gets flagged.

How it works in plain language: You publish a text record in your domain’s DNS settings that says, “These specific mail servers are allowed to send email as @yourdomain.com. Reject or flag anything from other servers.”

A basic SPF record looks like this: v=spf1 include:_spf.google.com include:amazonses.com ~all. That record authorizes Google Workspace and Amazon SES to send on your behalf and tells receiving servers to soft-fail anything else.

DKIM (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to every email you send. The receiving server uses a public key published in your DNS records to verify that the email was not altered in transit and that it genuinely came from your domain.

How it works in plain language: Your email platform stamps each outgoing email with a unique digital signature. The receiving server checks that signature against a key published in your DNS. If the signature matches, the email is verified as authentic and unmodified.

Most email service providers (Mailchimp, Klaviyo, HubSpot, etc.) generate DKIM keys for you. Your job is to add the provided DNS records to your domain. This typically involves creating one or two CNAME records.

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

DMARC ties SPF and DKIM together and tells receiving servers what to do when authentication fails. It also gives you reporting so you can see who is sending email using your domain, including unauthorized senders.

How it works in plain language: DMARC is a policy you publish that says, “If an email claims to be from my domain but fails SPF and DKIM checks, here is what you should do with it: nothing (monitor only), quarantine it (send to spam), or reject it outright.”

A starting DMARC record looks like this: v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com. The p=none policy means you are in monitoring mode. Once you have confirmed that all your legitimate email sources are properly authenticated, you should move to p=quarantine and eventually p=reject.

Important note: As of February 2024, Google and Yahoo require SPF, DKIM, and DMARC for any sender sending more than 5,000 emails per day. But even if you send far fewer, having all three dramatically improves your inbox placement rate. We consider these non-negotiable for any business doing email marketing.

How Spam Filters Actually Work

Modern spam filters are not just looking for the word “free” in your subject line. They are sophisticated systems that evaluate multiple signals simultaneously. Understanding these signals helps you avoid triggering them.

Sender Reputation

Every sending IP address and domain builds a reputation over time, similar to a credit score. Internet Service Providers (ISPs) track metrics like bounce rates, spam complaint rates, and engagement levels. A strong reputation means your emails are more likely to reach the inbox. A poor reputation means they are more likely to be filtered.

Your sender reputation is tied to both your IP address and your domain. This is why switching email platforms does not automatically fix deliverability problems. Your domain reputation follows you.

Content Analysis

Spam filters analyze the content of your emails for patterns commonly associated with spam. This includes excessive use of capital letters, too many exclamation points, specific trigger phrases, image-to-text ratios, and the quality of your HTML code. Modern filters use machine learning, so they are much more nuanced than the keyword-based filters of a decade ago.

Engagement Signals

Gmail, Outlook, and Yahoo all track how recipients interact with your emails. High open rates, clicks, replies, and forwards signal that your emails are wanted. Low engagement, frequent deletions without opening, and spam complaints signal the opposite. Over time, poor engagement trains these systems to filter your emails more aggressively.

Authentication Results

As discussed above, SPF, DKIM, and DMARC results are checked for every incoming email. Passing all three is now essentially table stakes for inbox placement.

The Most Common Reasons Emails Go to Spam

Based on the hundreds of email audits we have conducted for clients, here are the issues we encounter most frequently, ranked roughly by how often we see them.

1. Missing or Broken Authentication

This is the number-one issue. Either SPF, DKIM, or DMARC is not set up at all, or the records are misconfigured. A common mistake is having an SPF record that does not include all of your sending sources. If you send email through Google Workspace, Mailchimp, and a transactional email service like SendGrid, all three must be included in your SPF record.

2. Sending to Purchased or Scraped Lists

Purchased email lists are deliverability poison. These lists contain high rates of invalid addresses, spam traps (addresses specifically created to catch spammers), and people who have never consented to receive your emails. Even a single send to a purchased list can damage your sender reputation for months.

3. Poor List Hygiene

If you have not cleaned your list in years, it is full of dead addresses. Every bounce hurts your sender reputation. Industry best practice is to remove hard bounces immediately and remove subscribers who have not engaged in 6 to 12 months. We recommend running your list through a verification service like ZeroBounce or NeverBounce at least twice per year.

4. Spammy Content Patterns

Certain content patterns still trigger spam filters. Excessive use of words like “FREE,” “GUARANTEED,” “ACT NOW,” or “LIMITED TIME” in subject lines can be problematic. So can emails that are entirely images with no text, emails with broken HTML, and emails with misleading subject lines that do not match the body content.

5. Inconsistent Sending Volume

If you send 500 emails per month for six months and then suddenly blast 15,000, spam filters notice. Dramatic spikes in sending volume look like the behavior of a compromised account or a spammer. Consistent, predictable sending patterns build trust with ISPs.

6. Bad HTML Code

Emails built with sloppy HTML, excessive inline CSS, broken tags, or code copied from Microsoft Word are more likely to be flagged. Spam filters can detect the difference between properly structured email HTML and the messy output that spammers typically produce. Always use your email platform’s built-in editor or tested, clean templates.

Step-by-Step Fixes for Better Deliverability

Here is the exact process we follow when a client comes to us with deliverability problems. You can work through these steps yourself.

Step 1: Set Up Authentication (Day 1)

  1. Check your current status. Use a tool like MXToolbox (mxtoolbox.com) to check your domain’s existing SPF, DKIM, and DMARC records. You can also send a test email to mail-tester.com for a quick overall score.
  2. Configure SPF. Log into your domain registrar’s DNS settings. Create or update a TXT record for your domain that includes all of your email sending services. Remember, you can only have one SPF record per domain.
  3. Configure DKIM. Go to each email service you use (your ESP, your transactional email provider, Google Workspace, etc.) and find their DKIM setup instructions. They will give you DNS records to add. Add them.
  4. Configure DMARC. Start with a monitoring policy: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com. After 2 to 4 weeks of monitoring, review the reports and move to p=quarantine.

Step 2: Clean Your List (Day 2 to 3)

  1. Remove all hard bounces. Export your bounce list and remove every hard-bounced address permanently.
  2. Run a verification pass. Upload your full list to a verification service. Remove any addresses flagged as invalid, disposable, or role-based (like info@ or admin@).
  3. Segment inactive subscribers. Identify everyone who has not opened or clicked an email in the past 6 months. Move them to a re-engagement segment. Send a re-engagement campaign. Anyone who still does not engage after 2 to 3 attempts should be removed.
  4. Implement double opt-in. For all new subscribers going forward, require email confirmation before adding them to your active list. This adds a small amount of friction but dramatically improves list quality.

Step 3: Warm Up Your Sending (Week 1 to 4)

If your deliverability has been poor or you are sending from a new domain or IP, you need to warm up gradually. Do not go from zero to full volume immediately.

  1. Week 1: Send only to your most engaged subscribers (those who opened or clicked in the last 30 days). Keep volume under 1,000 per day.
  2. Week 2: Expand to subscribers who engaged in the last 60 days. Increase volume by 30 to 50%.
  3. Week 3: Expand to 90-day engaged subscribers. Increase volume again.
  4. Week 4: Resume normal sending to your full active list.

The goal is to generate strong engagement signals (opens, clicks, replies) early in the warmup period, which builds your reputation with ISPs before you increase volume.

Step 4: Follow Content Best Practices (Ongoing)

  • Keep your text-to-image ratio balanced. Aim for at least 60% text and no more than 40% images by area.
  • Write subject lines that are honest and specific. “Your March newsletter” is fine. “You WON’T BELIEVE this INCREDIBLE offer!!!” is not.
  • Include a clear, visible unsubscribe link. Making it hard to unsubscribe does not retain subscribers. It just makes them hit the spam button instead, which is far worse for your reputation.
  • Use a consistent “From” name and address. Changing your sender name or address frequently confuses both subscribers and spam filters.
  • Personalize where possible. Emails that include the recipient’s name and are relevant to their interests generate higher engagement, which improves your reputation over time.
  • Always send a plain-text version alongside your HTML version. Most ESPs do this automatically, but verify that yours does.

How to Monitor Your Deliverability

Fixing deliverability is not a one-time project. It requires ongoing monitoring. Here are the key metrics and tools to track.

Key Metrics to Watch

  • Bounce rate: Keep it under 2%. Anything above 5% is a serious problem. Hard bounces should be near zero if you are cleaning your list properly.
  • Spam complaint rate: Google requires this to be under 0.3%. We recommend keeping it under 0.1%. One complaint per 1,000 emails is the threshold where you should investigate.
  • Inbox placement rate: This is the percentage of sent emails that land in the primary inbox rather than spam or promotions. You need a dedicated tool to measure this accurately.
  • Unsubscribe rate: A healthy range is 0.1% to 0.5% per campaign. If it spikes above 1%, your content is missing the mark or you are emailing too frequently.

Tools for Monitoring

Google Postmaster Tools is free and essential. It shows you your domain’s reputation with Gmail, spam rate, authentication success rates, and delivery errors. If Gmail is a significant portion of your audience (and it almost certainly is), this tool is mandatory.

Inbox placement testing tools like GlockApps, Litmus, or EmailOnAcid let you send test emails to seed addresses across major ISPs and see exactly where your emails land: inbox, spam, promotions, or missing entirely. We run these tests for clients before every major campaign.

Your ESP’s built-in analytics provide bounce rates, complaint rates, and engagement metrics. Review these after every send, not just monthly. Look for trends, not just individual data points.

DMARC reporting tools like DMARCian or Postmark’s free DMARC monitoring parse the XML reports that ISPs send to your DMARC reporting address and present them in a readable dashboard. These show you every source sending email as your domain, including unauthorized ones.

When to Switch Email Service Providers

Sometimes the problem is not your list, your content, or your authentication. Sometimes it is your ESP.

Shared IP addresses are a common issue with lower-tier plans on many email platforms. If you are on a shared IP with other senders who have poor practices, their bad reputation drags yours down. This is like being in an apartment building where one tenant keeps setting off the fire alarm. Eventually, the fire department stops responding urgently to calls from that address.

Consider switching your ESP when:

  • Your authentication is perfect, your list is clean, your content follows best practices, and you still have poor deliverability.
  • Your ESP cannot provide a dedicated IP address (or charges an unreasonable premium for one).
  • Their support team cannot help you diagnose deliverability issues.
  • They do not offer detailed deliverability reporting or inbox placement testing.
  • You have outgrown their infrastructure. Some ESPs that work well for 5,000 subscribers struggle at 50,000 or above.

When you do switch, bring your clean list and your authentication records. Set up SPF, DKIM, and DMARC for the new platform before sending a single email. And always warm up on the new platform, even if your list is well-established.

The Deliverability Checklist

Here is a summary you can reference anytime. If you can check every box on this list, your deliverability will be strong.

  • SPF record configured and includes all sending sources
  • DKIM enabled for every email platform you use
  • DMARC published with at least a quarantine policy
  • No purchased or scraped email addresses on your list
  • Hard bounces removed after every send
  • Inactive subscribers removed or re-engaged every 6 months
  • Double opt-in enabled for new subscribers
  • Consistent sending volume and schedule
  • Spam complaint rate under 0.1%
  • Bounce rate under 2%
  • Clean, tested HTML templates
  • Clear unsubscribe link in every email
  • Google Postmaster Tools connected and reviewed regularly

Email deliverability is not glamorous work, but it is foundational. Every improvement to your inbox placement rate directly multiplies the effectiveness of every email you send. We have seen clients double their effective reach without adding a single new subscriber, simply by ensuring their emails actually land where they are supposed to.

If you need help auditing your current email program, setting up authentication, or developing a deliverability improvement plan, our email marketing team can walk you through the entire process.

Frequently Asked Questions

How long does it take to fix email deliverability?

Authentication setup can be completed in a day. List cleaning takes another day or two depending on list size. But rebuilding a damaged sender reputation typically takes 4 to 8 weeks of consistent, high-engagement sending. ISPs do not update reputation scores instantly. They look for sustained patterns of good behavior. The warmup process we outlined above is designed to rebuild trust as quickly as possible while being realistic about the timeline.

Can I fix deliverability without technical knowledge?

The content and list hygiene portions are completely non-technical. For the authentication setup (SPF, DKIM, DMARC), you will need access to your domain’s DNS settings and the ability to add TXT and CNAME records. Most domain registrars have straightforward interfaces for this. If your ESP provides step-by-step instructions (and most good ones do), you can follow along even without a technical background. If you get stuck, your ESP’s support team or a digital marketing agency that handles email marketing can assist.

Is it worth paying for a dedicated IP address?

It depends on your sending volume. If you send fewer than 25,000 emails per month, a dedicated IP is usually not necessary and can actually hurt you. A dedicated IP requires enough volume to build and maintain a reputation. With low volume, your IP has no established reputation, which can be worse than sharing a well-maintained IP. If you send 50,000 or more emails per month, a dedicated IP gives you full control over your sender reputation and is generally recommended.

Why did my deliverability suddenly drop?

Sudden deliverability drops usually have a specific cause. The most common triggers are: a large batch of new subscribers that included invalid addresses or spam traps, a spike in spam complaints from a poorly targeted campaign, an expired or broken DKIM key, changes to your ESP’s sending infrastructure, or a blacklisting event. Check Google Postmaster Tools for reputation changes, review your recent bounce and complaint rates, and verify that your authentication records are still correctly configured. If you recently changed anything about your sending setup, that is almost certainly the culprit.

Do Gmail’s Promotions tab and spam folder mean the same thing?

No, and this is an important distinction. The Promotions tab is not spam. Emails in Promotions are delivered and accessible. Many Gmail users regularly check their Promotions tab, and studies show that engagement rates from Promotions are lower than Primary but still meaningful. Spam, on the other hand, means your email was actively filtered out as unwanted. Most users never check their spam folder. If your emails are landing in Promotions, that is a content and engagement optimization issue. If they are landing in Spam, that is a deliverability problem requiring the fixes we discussed in this article.

Related Resources

Related Posts

Explore Our Services

Resources & Tools

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *