Help ensure your emails
hit the inbox
Stop guessing why your messages end up in spam. Follow this 26-point checklist to achieve technical compliance, enhanced sender reputation, and delivery success.
Deliverability is the ability to ensure that a very high percentage of the emails you send are not only accepted by receiving servers but also placed directly into the inbox rather than rejected or filtered into spam. Achieving strong deliverability is essential for maximizing the impact of your email program.
Unfortunately, many senders struggle because their emails are either blocked outright or relegated to junk folders. This often happens when they overlook technical requirements, neglect sender reputation, or adopt mailing practices that trigger filtering systems.
To succeed, you must consistently meet both technical standards and reputation benchmarks. That means implementing proper authentication protocols, maintaining a trustworthy sending history, and aligning your practices with recipient expectations.
Here are the key areas to consider so you can meet current sender authentication requirements, protect your reputation, and achieve consistently high delivery rates:
Purchased Lists
The use of purchased mailing lists presents significant compliance and reputational risks. Addresses included may not reflect valid opt-in consent, and in some cases may have been harvested from websites in contravention of data protection principles.
Sending to such lists can undermine domain and IP reputation, elevate spam complaint and bounce rates, and result in blocking or blacklisting by mailbox providers. Organizations are strongly advised to rely solely on organically acquired, permission-based subscription lists to ensure compliance and preserve deliverability.
Adding Recipients
You should only email individuals who have explicitly opted in and expect to hear from you. Always use a confirmed (double) opt-in process:
Send a single confirmation email and require the recipient to click a link in that message to verify their subscription.
This extra step ensures the address is valid, prevents accidental or fraudulent sign-ups, and helps you maintain a high-quality, engaged list — reducing complaints and improving deliverability.
List Quality
Emailing recipients after extended periods of inactivity should be approached with caution. Best practice dictates consistent engagement, as subscribers who have not been contacted within 6–12 months may fail to recall their original consent, thereby increasing the risk of complaints.
Organizations are advised to maintain comprehensive subscription records, including date and method of opt-in, and to implement segmentation strategies that separate inactive recipients. Re-engagement initiatives should be used to validate continued interest, and unresponsive addresses should ultimately be removed to preserve deliverability and compliance.
Use Own Domain
You should always send email from your own domain rather than a free address, as it looks more professional, builds trust, and gives you full control over authentication and reputation.
Free domains like Gmail or Yahoo may strictly enforce DMARC policies that block third-party servers from sending on their behalf, meaning messages you send using @gmail.com from your own web host are often rejected or marked as spam.
Using an address @your-domain-name.com lets you configure SPF, DKIM, and DMARC records correctly, build a positive sending reputation, and present a consistent, professional identity. It also ensures long-term deliverability, as your domain’s reputation and branding remain fully under your control instead of relying on the policies of a free provider.
One Email Per Recipient
When sending to a mailing list, each recipient should receive their own individual email. Do not send single messages with a large number of recipients on the 'To:', 'Cc:', or 'Bcc:' lines.
Privacy & Compliance — Using 'To:' or 'Cc:' exposes recipient email addresses to everyone else on the list, which is a major privacy breach and a violation of data protection laws like GDPR.
Spam Filters — Mailbox providers (like Gmail, Outlook, AOL, Yahoo, etc.) are highly suspicious of single messages addressed to large numbers of recipients at once. This behavior is a hallmark of low-quality bulk mail and often leads to immediate rejection or placement in the spam folder.
Personalization — Professional delivery requires sending individual messages so you can personalize content (e.g., "Hi Name") and accurately track engagement or manage unsubscribes for each specific user.
Avoid 'No Reply' Addresses
Using a no-reply@ sender address can reduce email success and harm your reputation.
Weaker Deliverability — Positive engagement helps maintain sender reputation. A no-reply address prevents this interaction and may block useful feedback such as bounces or security filter responses.
Failed Sender Verification — Some email systems / security gateways may attempt SMTP recipient or sender-domain verification during filtering. If your sender address cannot accept mail, these checks or automated responses can fail, reducing trust signals and making blocking or spam placement more likely.
More SPAM Complaints — When recipients can’t reply to resolve an issue or request removal, many hit 'Mark as SPAM' instead, directly damaging domain reputation.
Less Trust & Insight — No-reply addresses feel impersonal and discourage communication, cutting off support requests and delivery problem reports.
Best practice is to use a real, monitored address such as support@, hello@, or notifications@ that accepts replies. If the email is automated, explain that in the email body, and reassure users the inbox is monitored.
Bounces
When an email generates a failure notice (bounce), it’s important to determine whether the cause is hard (permanent) or soft (temporary).
Hard bounces (for example, non-existent addresses) indicate permanent delivery failures. These addresses should be removed from your mailing list immediately. Hard bounces should typically account for no more than 0.5–1% of your total send volume.
Soft bounces (such as full mailboxes, temporary server issues) are usually transient and may resolve without intervention. However, if an address continues to generate soft bounces across multiple campaigns, it should be flagged for review and eventually suppressed. Soft bounces should generally remain below 2–3% of your send volume.
Continuing to send mail to invalid or unresponsive addresses increases costs, degrades list quality, and can negatively impact sender reputation. Mailbox providers monitor delivery attempts to problematic addresses, and sustained issues may result in throttling, filtering, or outright blocking. As a best practice, aim to keep your overall bounce rate (hard + soft) below 2%, with 0–1% being ideal for maintaining a strong sending reputation.
SPAM Complaints
If a spam complaint is received, you should immediately cease sending any further messages to the affected recipient. Investigate the cause of the complaint and, if it appears to be a misunderstanding, you may reach out through another verified communication channel (such as phone or direct account contact) to clarify and confirm their preferences.
Always treat complaints seriously — continuing to send after one can escalate complaint rates, harm sender reputation, and result in blocking or blacklisting by ISPs and mailbox providers. Regularly monitor your feedback loops and unsubscribe data to identify potential issues early.
Aim to maintain a complaint rate below 0.1% (no more than one complaint per 1,000 emails sent). Consistently staying under this threshold helps preserve deliverability and ensures compliance with industry standards.
ESP
The use of a dedicated Email Service Provider (ESP) is strongly recommended in preference to transmitting directly from a local internet-connected server. ESPs typically ensure compliance with DNS, IP reputation, and authentication standards, while providing bounce handling, reputation monitoring, and delivery analytics. Such features reduce administrative burden and enhance overall deliverability.
Visit AuthSMTP — for organizations seeking a compliant, authenticated SMTP solution with strong delivery performance.
rDNS / PTR / HELO
The DNS configuration and HELO / EHLO banner of the sending IP address must be valid and accurate. Invalid or mismatched hostnames may result in message rejection or increased filtering. In addition, ensure that reverse DNS (PTR) records are in place and that SPF, DKIM, and DMARC records are correctly published. These measures are essential for authentication and for maintaining strong deliverability.
SSL / TLS
Sending servers are required to support current TLS protocols. Non-compliance may result in rejection or negative scoring by recipient systems. Proper TLS configuration not only safeguards message integrity and confidentiality but also contributes to maintaining a positive sending reputation and ensuring reliable delivery.
SPF
Sender Policy Framework (SPF) defines the authorized IP addresses, hosts, and services permitted to send email for a given domain. Each sending domain must have an accurate SPF record published in DNS.
A properly configured SPF record is critical for authentication, mitigating spoofing, and maintaining strong delivery reputation.
DKIM
DomainKeys Identified Mail (DKIM) provides cryptographic authentication by attaching a digital signature to each outbound message, verifying that it is authorized for the sending domain.
A properly implemented DKIM record is essential to protect against spoofing, ensure message integrity, and support compliance with modern email authentication standards.
DMARC
Domain-based Message Authentication, Reporting and Conformance (DMARC) is a DNS policy record that leverages SPF and DKIM authentication results. It enables domain owners to define how unauthenticated messages should be treated and provides detailed reporting to enhance visibility, strengthen protection against spoofing, and improve the overall security of legitimate email traffic.
Dedicated IP
Sending your emails from a dedicated, static IP address is generally recommended once you reach volumes of 50,000 messages per month or more. A dedicated IP lets you build and maintain your own sending reputation, without being affected by other senders who share an IP.
Feedback Data
Enrolment in reputation monitoring services, including Microsoft Smart Network Data Services (SNDS) and Google Postmaster Tools, is recommended to track domain and IP performance. These services provide reporting on reputation, delivery, and authentication issues.
Certain ESPs may supply SNDS data directly; however, a minimum send volume — typically 100 or more messages per day to Microsoft recipients — is required before reports are produced.
Send Consistently
Mailbox providers generally favor consistent traffic patterns over irregular, high-volume bursts. Concentrating transmission activity into one or two days per month may trigger anomaly detection systems, which can interpret such spikes as indicators of compromise or unsolicited activity.
To mitigate this risk, organizations should implement scheduling practices that distribute outbound traffic more evenly, gradually ramping up sending volume when initiating new campaigns or IP/domain usage. This phased approach allows reputation systems to adjust and recognize the traffic as legitimate. Once an appropriate baseline has been established, maintaining consistent sending patterns is key to promoting reputation stability and improving the likelihood of sustained inbox placement.
Avoid Domain-Based Sorting
With mailing lists, avoid sorting or batching recipients by email domain (for example, grouping all @gmail.com or @yahoo.com addresses together). Sending large numbers of messages to the same mailbox provider in rapid succession can create short-term volume spikes, even if overall sending volume remains moderate.
Many mailbox providers monitor not only total traffic, but also per-domain and per-minute sending patterns. Concentrated delivery to a single provider may resemble automated or abusive activity and can lead to temporary throttling, deferred messages, or reputation impact.
To maintain smoother traffic profiles, mailing lists should be randomized or evenly interleaved across domains. This helps distribute delivery more naturally over time, reducing provider-specific spikes and supporting more stable inbox placement.
Engagement
Encourage genuine engagement from your recipients. Modern email systems often track whether recipients open, read, or click within messages. If your emails are consistently ignored, deleted quickly, or marked as spam, they may be treated as unwanted in the future.
To improve engagement, send relevant, useful, and clearly written content. Avoid sending too frequently, and encourage replies and interaction.
Monitor
Sign up for accounts with major providers like Microsoft and Google so you can test whether your emails are reaching the inbox rather than the spam folder. Regularly sending test messages to these accounts allows you to monitor subject lines, content, authentication results, and formatting from the perspective of a real recipient.
Keeping a few test accounts at different providers also helps you quickly diagnose deliverability issues if they arise, since some problems may affect only specific providers. It's good practice to check both desktop and mobile apps, as rendering and filtering can vary. In addition, you can use these accounts to subscribe to your own mailing lists and verify that the opt-in, confirmation, and unsubscribe processes work as expected.
Content
Avoid using spammy content in your subject lines, such as excessive punctuation (!!!) or writing in ALL CAPS, as these can trigger filters or discourage recipients from opening your email.
Make sure your emails include meaningful text content—do not send messages that consist of a single image, as spam filters cannot interpret the content and recipients may miss important information.
It's also a good idea to maintain a healthy balance of text and images, use clear and professional language, and avoid overly aggressive marketing phrases (e.g. "Buy Now!" or "Act Immediately!"). Ensuring your content is relevant, authentic, and well-formatted improves deliverability and builds trust with your audience.
Personalize
Rather than sending the exact same email to every recipient, personalize the content where possible. Even small changes, such as addressing the recipient by name, referencing their past interactions, or tailoring offers to their interests, can improve engagement.
Showing content that is more relevant to each recipient not only increases open and click-through rates but also reduces the risk of spam filters flagging identical bulk messages.
Where possible, use segmentation to group recipients by behavior, preferences, or demographics, and send them content that fits their profile. This makes your messages feel more valuable and trustworthy to both recipients and filtering systems.
Include Address / Contact Information
Many email regulations require clear sender identification, often including a valid physical mailing address.
CAN-SPAM Act (USA): Mandates inclusion of a valid physical postal address in every commercial email.
CASL (Canada): Requires a physical address plus additional contact information (such as a phone number, email or web address) that remains valid for at least 60 days after sending.
GDPR and ePrivacy Directive (EU / UK): While they don't explicitly require a physical address, they obligate senders to clearly identify themselves and provide contact details sufficient for recipients to exercise their rights (such as withdrawal of consent or data access requests).
Best practice is to always display a registered physical address (street, city, postal code, country). Provide direct contact options (reply-to email, phone number, or support URL).
Place this information in the footer of every message in a readable, accessible format. This transparency signals legitimacy to mailbox providers and recipients alike, reduces spam complaints, and ensures compliance across multiple jurisdictions.
Unsubscribe
Always include a clear and easy-to-use unsubscribe option in the body of your emails. The process should require no more than a single click, without forcing the recipient to log in or provide extra details. Making it simple to opt out not only builds trust but also reduces the chance of recipients marking your messages as spam.
In addition, add a List-Unsubscribe header to your emails. This enables mail clients to display a built-in unsubscribe link, which many recipients find more convenient.
Ensuring both methods are available helps maintain compliance with regulations (like CAN-SPAM, GDPR, and similar laws) and demonstrates respect for subscriber choice.
It's also best practice to process unsubscribe requests immediately — or at least within the legally required timeframe — and to provide confirmation that the request was successful. You should never attempt to hide or discourage the unsubscribe process, as doing so damages trust and increases the risk of complaints or blacklisting.
Safe Sender
To help recipients recognize your messages, always send from the same domain they originally signed up with. Consistency builds trust and reduces the chance of your emails being mistaken for phishing or unwanted mail. Avoid frequently changing sender address / domains, as this can confuse subscribers and harm deliverability.
Encourage your recipients to add your sending address to their address book or “safe sender” list. This increases the likelihood of your messages reaching the inbox instead of being filtered. You can also remind them during signup or in welcome emails, and provide simple instructions for the most common email providers.
Out of Control
It is important to recognize that recipients and their Internet Service Providers (ISPs) may implement proprietary filtering criteria. Certain systems may classify any message not explicitly whitelisted by the recipient as unsolicited, irrespective of the sender’s technical compliance. Consequently, even fully authenticated and properly configured email streams may experience filtering anomalies.
Adherence to best practice — including robust authentication, consistent list management, and responsible sending behavior — remains the most effective strategy to mitigate such risks. While deliverability cannot be absolutely guaranteed, compliance with these standards will reduce the likelihood of delivery failures.