Your email service provider says you have a 98% delivery rate. But your click rates are declining, replies are drying up, and you suspect something is off.
Here's the gap most senders miss: delivery and deliverability are not the same thing. Delivery means the receiving server accepted your message. Deliverability means it actually reached the inbox, not the spam folder, not the promotions tab, not a black hole where it quietly disappears.
The difference matters more than you'd think. According to Validity's 2023 Email Deliverability Benchmark Report, roughly one in six legitimate marketing emails never reach the inbox. Send a newsletter to 1,000 subscribers, and around 160 of them may never see it.
The financial stakes are real too. According to the State of Email 2025 report, for every $1 marketers spend on email, 35% earn $10-36 in return, 30% earn $36-50, and 5% earn over $50.
For best results, those emails need to reach the inbox. But research shows that 10.5% of permission-based emails land in spam, while another 6.4% vanish entirely.
Below, we'll walk through what keeps your emails in the inbox: authentication, provider requirements, sender reputation, domain warm-up, list hygiene, content, and monitoring.
Email authentication
If you only do one thing for deliverability, make it this. Without authentication, mailbox providers have no way to verify your emails are legitimate, and they'll treat them accordingly.
Three protocols work together to prove your identity. Think of them as answering three different questions:
SPF (Sender Policy Framework) answers where did this come from? You publish a DNS record listing the servers authorized to send email on your behalf. When a receiving server gets your message, it checks that list. If the sending server isn't on it, the email fails SPF.
DKIM (DomainKeys Identified Mail) answers has this been tampered with? It adds a cryptographic signature to your outgoing messages. The receiving server uses a public key in your DNS records to verify the message arrived intact.
DMARC (Domain-based Message Authentication, Reporting & Conformance) answers is this really who they say they are? DMARC ties SPF and DKIM together by requiring that the domain in your "From" header aligns with the domain used in SPF or DKIM checks. It also lets you set a policy (monitor, quarantine, or reject) and receive reports on authentication failures.
SPF checks where, DKIM checks what, DMARC checks who. You need all three.
How much does this matter? After Google began requiring email authentication, unauthenticated messages reaching Gmail users dropped by 75%. Yet only 33.4% of the top 1 million websites have valid DMARC records. If you set up authentication properly, you're already ahead of most senders.
Setting up DMARC
You set up DMARC by adding a TXT record to your DNS at _dmarc.yourdomain.com. The record specifies your policy level and where to send reports.
DMARC has three policy levels. Progress through them gradually:
- p=none - Monitor mode. Emails are delivered normally, but you receive reports on authentication failures. Start here.
- p=quarantine - Failed emails go to the spam folder.
- p=reject - Failed emails are blocked entirely.
Begin with p=none and analyze your DMARC reports for a few weeks. This lets you catch legitimate email sources that aren't properly authenticated (like a third-party tool sending on your behalf) before you start enforcing. Once your reports are clean, move to p=quarantine, then eventually p=reject.
Sendfully handles SPF, DKIM, and DMARC configuration during domain setup, guiding you through the DNS records you need to add so your emails are authenticated from your first send.
What Gmail, Yahoo, and Microsoft require
The three largest mailbox providers now enforce authentication for bulk senders, and non-compliant emails are rejected before they reach a mailbox.
Gmail
Google's email sender guidelines classify anyone sending 5,000 or more messages per day to Gmail accounts as a bulk sender. That classification is permanent, so once you hit the threshold, you can't go back by reducing volume.
Bulk senders must:
- Authenticate with SPF, DKIM, and DMARC (at minimum
p=none) - Keep spam complaint rates below 0.10%, and never exceed 0.30%
- Support one-click unsubscribe for marketing emails (via
List-UnsubscribeandList-Unsubscribe-Postheaders) - Use TLS for sending
Enforcement has been fully active since November 2025. Non-compliant mail is rejected with permanent 5xx error codes, meaning it bounces before it ever reaches a mailbox.
Yahoo
Yahoo's sender requirements mirror Gmail's: SPF, DKIM, and DMARC with at least p=none. Spam complaint rates must stay below 0.30%. One-click unsubscribe is required for marketing messages. Yahoo hasn't published a specific volume threshold but applies these rules to anyone sending at "significant volume."
Microsoft Outlook
Microsoft has the same requirements for domains sending over 5,000 emails per day to Outlook.com, Hotmail.com, or Live.com. SPF, DKIM, and DMARC must be in place, and non-compliant messages are rejected.
The common thread
All three providers require the same core setup: SPF + DKIM + DMARC, one-click unsubscribe for marketing emails, and spam complaint rates below 0.30%. If you're sending newsletters, these are the baseline requirements.
Sendfully meets all three providers' requirements out of the box, including authentication, one-click unsubscribe headers, and complaint rate monitoring.
Sender reputation
Even with authentication in place, mailbox providers use your sender reputation to decide whether your emails land in the inbox or the spam folder. Your reputation carries more weight than your subject line, your email content, or your sending volume.
It has two components:
IP reputation is tied to the sending server's IP address. On shared infrastructure, other senders on the same IP can affect your reputation. Dedicated IPs give you full control but require enough volume to maintain.
Domain reputation is tied to your domain name. Unlike IP reputation, domain reputation follows you even if you switch email providers. It's harder to reset and takes longer to build. This is the one that matters most.
Sendfully uses a shared IP pool but actively manages the reputation of all senders on the platform, so the shared infrastructure works in your favor rather than against you.
What affects your reputation
Mailbox providers watch seven key signals:
- Spam complaints - The single most important signal. When a recipient clicks "Report Spam," that's a direct negative signal to the provider. Gmail requires senders keep complaint rates below 0.10%, and exceeding 0.30% can result in your emails being blocked.
- Bounce rates - High hard bounce rates suggest poor list quality. Keep bounce rates below 2-3%.
- Engagement - Opens, clicks, replies, and forwards all signal that your emails are wanted. If recipients consistently ignore or delete your emails without opening them, providers take note.
- Sending patterns - Sudden spikes in volume are a red flag. Mailbox providers trust senders who increase volume gradually and send on a consistent schedule.
- Spam trap hits - Spam traps are email addresses that don't belong to real people. Some are old addresses that were abandoned and later repurposed by mailbox providers to catch senders with stale lists. Others are placed on websites to identify scrapers and list buyers.
- Blocklist presence - Landing on a major blocklist means a portion of the internet's email infrastructure will block or filter your messages. You can monitor your status with tools like MXToolbox.
- Unsubscribe rates - Consistently high rates suggest your content isn't matching what subscribers signed up for.
How to check your reputation
Check your reputation every few months, or weekly if you're troubleshooting a deliverability dip. Our guide to checking your domain reputation walks through several free tools and how to interpret their results.
Domain warm-up
If you're just getting started with a small list (a few hundred contacts or fewer), you can skip ahead to list hygiene. At that volume, warm-up isn't a concern. Focus on authentication and good list practices, and you'll build reputation naturally as your audience grows.
For senders migrating an established list to a new domain or email service provider, warm-up matters. Mailbox providers have no sending history for a new domain, and unknown senders don't get the benefit of the doubt, even on shared infrastructure with a solid IP reputation.
A practical warm-up schedule
The goal is simple: start small, send to your best subscribers, and ramp up gradually.
Week 1: Send 100-200 emails per day to your most engaged subscribers, people who have opened or clicked in the last 15-30 days. These recipients are the most likely to engage, which builds positive reputation signals from day one.
Weeks 2-4: Increase daily volume by 15-20% each week. Continue prioritizing engaged subscribers, then gradually expand to your broader list.
Weeks 5-8: By now, you should have enough sending history to reach your normal volume. Continue monitoring your metrics during this stretch.
If bounces or spam complaints spike at any point, slow down and investigate before increasing volume again.
Separate your sending streams
Don't send marketing newsletters and transactional emails (password resets, account confirmations) from the same domain. If your marketing reputation takes a hit, you don't want that affecting delivery of your transactional messages.
Use a subdomain (like news.yourdomain.com) for marketing email to isolate reputation risk from your primary domain.
Sendfully lets you set up multiple sending domains, making it straightforward to separate marketing and transactional email.
List hygiene
A list with stale addresses drags down your sender reputation over time. About a quarter of any email list degrades every year as people change jobs, abandon addresses, or switch providers, yet many senders never clean their lists at all.
Bounce rate benchmarks
Keep your bounce rate below 4%. Above that, email service providers may pause or restrict your sending.
Hard bounces are permanent failures, like sending to an address that no longer exists. Remove these right away. Soft bounces are temporary (a full mailbox, an overloaded server) and often resolve on their own. But if the same address keeps soft bouncing across several campaigns, remove it.
Spam complaint thresholds
Gmail recommends keeping your spam complaint rate below 0.10%, roughly 1 complaint per 1,000 emails. The hard ceiling is 0.30%. Go above that, and your deliverability drops across your entire list, not just for the subscribers who complained. Remove contacts who file a spam complaint right away.
Practical list hygiene steps
Use double opt-in. When someone subscribes, send a confirmation email asking them to verify. This filters out typos, fake addresses, and bots. A lot of senders skip this step, but it's one of the most effective ways to keep spam traps and invalid addresses off your list.
Remove inactive subscribers. If someone hasn't opened or clicked in 6 months, they're likely pulling down your metrics. Send a re-engagement email first ("Do you still want to hear from us?"), then remove anyone who doesn't respond.
Never buy or rent email lists. Purchased lists are full of spam traps, addresses designed to catch senders with poor practices. Hitting a spam trap can get your domain blocklisted, and recovering from that takes a long time.
Clean on a regular schedule. Quarterly cleaning (removing bounces, suppressing unengaged contacts, verifying addresses) keeps your list in good shape.
Sendfully handles list hygiene automatically. Hard bounces are suppressed immediately, soft bounces are removed after repeated failures, and contacts who report spam are excluded from future sends.
How to avoid the spam folder
Authentication and reputation matter more than content for deliverability. But once those foundations are solid, your email content can still trip spam filters if you're not careful.
Most recipients who mark emails as spam do so because the email "looks like spam." Your formatting choices send signals to both readers and automated filters.
Formatting guidelines
Maintain a 60/40 text-to-image ratio. SpamAssassin and similar filters flag emails that are image-heavy with little text. An email that's just one big image with a link is likely to get flagged.
Include a plain-text version. Sending both HTML and plain-text versions signals legitimate intent.
Sendfully generates a plain-text version of every email automatically, so you don't need to think about it.
Limit links. Too many links in a single email can trigger filtering. Keep it reasonable, and avoid URL shorteners. They mask the destination, which is a technique associated with phishing and spam.
Subject line rules
Skip the tricks. Misleading RE: or FW: prefixes, ALL CAPS, excessive punctuation, and emoji-heavy subject lines all correlate with spam filtering. Write subject lines that accurately describe your content.
Watch your word choice when combined with other spam signals. Words like "Free," "Buy now," "Act fast," and "Limited-time offer" don't trigger spam filters on their own, but they add to an overall spam score. If your authentication is weak or your reputation is low, these words can push you over the threshold.
Make unsubscribe easy
This sounds counterintuitive, but making it easy to unsubscribe improves your deliverability. When someone can't find the unsubscribe link, they hit "Report Spam" instead, and that's far more damaging to your reputation than an unsubscribe.
Place your unsubscribe link clearly in the footer, and make sure your emails include List-Unsubscribe headers for one-click unsubscribe.
Sendfully provides an unsubscribe link for your footer and adds the required headers to every broadcast automatically.
Maintaining email deliverability
Deliverability isn't something you set up once and walk away from. It requires ongoing attention, but most senders never check their inbox placement after the initial setup.
Metrics to track
- Inbox placement rate - The percentage of emails that reach the inbox (not just get accepted by the server). You can't measure this from your sending data alone. Tools like GlockApps test your placement across major providers. If this drops below 90%, investigate.
- Bounce rate - Track hard and soft bounces separately. A sudden spike in hard bounces means something is wrong with your list.
- Spam complaint rate - Monitor via feedback loops. Stay below 0.08%.
- Open and click rates - Declining engagement is often the first sign something is off. If your click rate drops without a change in content or list size, dig into it.
- Unsubscribe rate - A gradual increase may signal content fatigue. A sudden spike after a specific campaign tells you something went wrong.
Sendfully gives you a real-time view of every broadcast's performance: delivery counts, open rates, click rates, bounces, and spam complaints, all in one place. You can spot problems the moment they appear instead of piecing together data from multiple tools.
Send consistently
Spammers send in unpredictable bursts. Sending at consistent intervals (weekly, biweekly, monthly) signals to mailbox providers that you're legitimate. If you normally send once a week and suddenly send three campaigns in a day, expect filtering.
Pick a cadence that matches your content capacity and stick to it. Your subscribers will develop expectations around your schedule, and mailbox providers will develop confidence in your sending patterns.
Putting it all together
Email deliverability comes down to a few things done consistently:
- Authenticate your domain with SPF, DKIM, and DMARC.
- Meet provider requirements from Gmail, Yahoo, and Microsoft. Support one-click unsubscribe and keep spam complaints low.
- Build and protect your sender reputation. Check it regularly with free monitoring tools.
- Warm up new domains gradually. Start small, send to engaged subscribers, and ramp up over weeks, not days.
- Maintain list hygiene. Use double opt-in, remove bounces immediately, and remove inactive subscribers after a re-engagement attempt.
- Write clean, clear emails. Keep a healthy text-to-image ratio, skip the spam tricks, and make unsubscribing easy.
- Monitor continuously. Track inbox placement, bounce rates, and engagement. Catch problems before they snowball.
None of this is complicated, but it does require regular attention. Set it up, check on it regularly, and fix things when they drift.