Email Deliverability Checklist: Why Your Email Goes to Spam (and How to Fix It)

Getting an email sent is easy. Getting it into the inbox rather than the spam folder is the hard part. Mailbox providers like Gmail, Outlook, and Apple score every message on authentication, sender reputation, and content, and they quietly route the doubtful ones to spam. This checklist walks through the factors that decide your placement, in priority order, with the checks to run on your own domain. Most of the authentication checks can be run with the SPF Check, DKIM Check, and DMARC Check tools.

If these are not set up correctly, you will struggle no matter how good your content is, and major providers now require authentication for bulk senders, so this is table stakes. SPF publishes which servers may send mail for your domain, so verify yours with the SPF Check tool and make sure every legitimate sending service is included and you are not exceeding the ten-lookup limit. DKIM cryptographically signs your messages so receivers can confirm they were not altered, which you can check with the DKIM Check tool.

DMARC tells receivers what to do with mail that fails SPF or DKIM and gives you reports, so check your policy with the DMARC Check tool. Start at a monitoring policy of p=none, then move to p=quarantine and ultimately p=reject once you have confirmed all legitimate mail passes. Finally, confirm your domain's mail servers are correct with the MX Lookup lookup, since wrong MX records break replies and bounce handling.

Providers track how trustworthy your domain and sending IP are over time. If your sending IP lands on a DNS blocklist, mail gets rejected or spam-foldered, so test it with the IP Blacklist Check check and, if listed, find the cause (often a compromised account or a poor list) and follow the delisting process. Your sending IP should also resolve back to a hostname that matches your domain, because many receivers reject mail from IPs with no PTR record, which you can confirm with the Reverse DNS (PTR) tool.

Beyond the technical signals, warm up new domains and IPs by ramping volume gradually rather than blasting thousands of messages on day one, which looks like spam. And keep complaint rates low, since rates above roughly 0.3 percent seriously hurt reputation; make unsubscribing easy and only mail people who opted in.

Who you send to matters as much as what you send. Only email people who opted in, because purchased or scraped lists generate complaints and spam-trap hits that wreck reputation. Remove hard bounces immediately, since repeatedly hitting dead addresses signals poor list quality, and prune inactive subscribers, because sending to people who never open trains filters to treat you as unwanted.

Good opt-in practice also keeps you clear of spam traps, which are addresses that exist only to catch senders with bad hygiene. Clean, engaged lists are one of the strongest positive signals you can send.

Once authentication and reputation are solid, content becomes the tiebreaker. Keep a balanced text-to-image ratio, since all-image emails with little text are a classic spam signal, and avoid spammy patterns such as all-caps subject lines, excessive exclamation points, and misleading subjects. Use a consistent, authenticated From address on a domain you control rather than a free webmail address for bulk mail.

Always include a clear unsubscribe link and a physical mailing address, which anti-spam laws require, and check the domains you link to, because linking to a blacklisted domain can sink an otherwise clean email. You can vet a linked domain's sending IP with the IP Blacklist Check tool.

For higher-volume senders, MTA-STS enforces TLS for inbound mail to your domain, which you can check with the MTA-STS Check tool, and TLS-RPT gives you reports on TLS delivery problems. BIMI can display your brand logo in the inbox once you have strong DMARC enforcement, which is a nice trust and recognition boost.

For a ten-minute self-audit, run the SPF Check, DKIM Check, and DMARC Check checks on your domain and confirm all three are found and valid, verify your MX Lookup records are correct, check your sending IP against the IP Blacklist Check tool and confirm it has Reverse DNS (PTR), then send a test to a Gmail and an Outlook account and confirm it lands in the inbox with SPF, DKIM, and DMARC all passing in the message's original headers.

Why do my emails suddenly go to spam when they did not before? Common causes are a new sending IP or domain without warm-up, a blacklist listing, a spike in complaints, or broken authentication after a provider change. Re-run the authentication and IP Blacklist Check checks first.

Do I really need all of SPF, DKIM, and DMARC? Yes. Major providers now require authentication for bulk senders, and DMARC depends on SPF and DKIM to work. Together they are the foundation of inbox placement.

My SPF passes but mail still fails DMARC. Why? DMARC also requires alignment, meaning the domain in SPF or DKIM must match the visible From domain. A service can pass SPF on its own domain yet fail alignment with yours, so check the From domain and your DKIM signing domain.

How do I know if my IP is blacklisted? Run the IP Blacklist Check check. If listed, identify and fix the root cause before requesting delisting.