Blog
/
Email deliverability best practices: the complete guide to inbox placement
Articles
Email deliverability best practices: the complete guide to inbox placement
Covers the full deliverability stack -- from SPF/DKIM/DMARC authentication (now mandatory under Google and Yahoo's 2024 requirements) through sender reputation, list hygiene, sending behavior, and content optimization. Aimed at B2B teams running cold outbound who need to diagnose and fix inbox placement issues.

Email deliverability best practices: the complete guide to inbox placement

You can write the perfect cold email. If it lands in spam, nobody reads it.

Email deliverability is the percentage of your emails that reach the recipient's inbox — not their spam folder, not a black hole, not a bounce. For B2B outbound teams, deliverability is the invisible variable that multiplies or destroys every campaign. A 95% deliverability rate means your messages get through. A 75% rate means one in four emails disappears.

Since February 2024, Google and Yahoo have enforced new sender requirements that make authentication non-optional. If you haven't configured SPF, DKIM, and DMARC, you're already losing inbox placement — and you may not know it.

This guide covers the core variables affecting deliverability, the authentication setup that's now mandatory, list management, sending behavior, content best practices, monitoring tools, and the advanced considerations for high-volume senders.

Core variables affecting deliverability

Email deliverability is determined by four factors, in order of impact:

  1. Sender reputation: Your domain and IP address have a reputation score maintained by ISPs. High bounce rates, spam complaints, and spam trap hits degrade reputation. Good engagement (opens, replies, clicks) builds it.
  2. Authentication: SPF, DKIM, and DMARC verify that you are who you claim to be. Without authentication, ISPs treat your emails as potentially fraudulent.
  3. List quality: Sending to invalid addresses, spam traps, or unengaged contacts degrades every other metric. List hygiene is the foundation.
  4. Content and engagement: Subject lines, body content, HTML structure, and recipient behavior (open, reply, delete, mark as spam) all influence where future emails land.

Authentication setup: SPF, DKIM, and DMARC

Since February 2024, Google and Yahoo require bulk senders (5,000+ messages/day) to authenticate with all three protocols. Even if you send fewer emails, authentication is the single highest-impact deliverability action.

SPF (Sender Policy Framework)

What it does: Publishes a DNS record listing the IP addresses authorized to send email on behalf of your domain.

How to set it up:

  1. Identify every service that sends email from your domain (ESP, CRM, outbound tools, transactional email)
  2. Create a TXT record in your DNS: v=spf1 include:_spf.google.com include:sendgrid.net ~all
  3. Include every sending service. Missing one means those emails fail SPF.
  4. Limit to 10 DNS lookups (SPF specification limit). Use include statements strategically.

Common mistake: Forgetting a sending service. If your outbound tool (Apollo, Outreach, SalesLoft) sends from your domain and isn't in the SPF record, those emails fail authentication.

DKIM (DomainKeys Identified Mail)

What it does: Adds a cryptographic signature to every outgoing email. The receiving server verifies the signature against a public key in your DNS, confirming the email wasn't altered in transit.

How to set it up:

  1. Generate a DKIM key pair through your ESP or email provider
  2. Publish the public key as a DNS TXT record
  3. Configure your sending service to sign outgoing emails with the private key
  4. Verify with a test email to a service like mail-tester.com

Common mistake: Not setting up DKIM for every sending service. Each service needs its own DKIM key.

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

What it does: Tells receiving servers what to do when an email fails SPF or DKIM: nothing (monitor), quarantine (spam folder), or reject (don't deliver). Also generates reports showing who is sending email from your domain.

How to set it up:

  1. Start with a monitoring policy: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com
  2. Review DMARC reports for 2-4 weeks to identify legitimate senders failing authentication
  3. Fix SPF/DKIM issues for legitimate senders
  4. Escalate to quarantine: p=quarantine
  5. After confirming all legitimate email passes, move to reject: p=reject

Critical: Don't skip straight to p=reject. Monitor first. A reject policy with misconfigured SPF/DKIM blocks your own emails.

February 2024 Gmail/Yahoo requirements summary

Requirement Threshold Impact
SPF or DKIM authentication All senders Required for inbox delivery
DMARC with at least p=none Bulk senders (5,000+/day) Required
One-click unsubscribe header Bulk senders Required
Spam complaint rate Below 0.3% Exceeding triggers throttling
Valid forward and reverse DNS All sending IPs Required

List management

Build clean lists from the start

  • Double opt-in for marketing lists. Confirms the email address is valid and the person wants to hear from you. Adds friction but eliminates bad addresses at the source.
  • Verify on import. Run every purchased, scraped, or partner-sourced list through an email verification service (ZeroBounce, NeverBounce, Findymail) before sending. Remove invalid, catch-all, and disposable addresses.
  • Segment by engagement. Divide your list into active (opened/clicked in last 90 days) and inactive segments. Send to active contacts at full cadence. Reduce frequency or re-engage inactive contacts before they become deadweight.

Remove these contacts immediately

  • Hard bounces. The address doesn't exist. Remove after first hard bounce. Continuing to send degrades sender reputation.
  • Spam complainers. Anyone who marks your email as spam. One complaint per 1,000 emails is the target maximum; above 0.3% triggers ISP penalties.
  • Spam traps. Email addresses created by ISPs or anti-spam organizations to catch senders with poor list hygiene. They look like real addresses. The only defense: never send to unverified addresses.
  • Role-based addresses. info@, sales@, support@ — these are shared inboxes with low engagement and high complaint rates.

Re-engagement campaigns

Before removing inactive contacts, try a re-engagement sequence:

  1. Send a "still interested?" email with clear opt-out
  2. If no response in 14 days, send one final email
  3. If still no response, move to a suppression list

Don't keep emailing people who don't open. ISPs interpret sustained non-engagement as a signal that your emails aren't wanted.

Sending behavior

Warm up new domains and IPs

New sending domains and IPs have no reputation — ISPs treat them as unknown. Sending 10,000 emails from a new domain on day one will trigger spam filters.

Warm-up protocol:

  • Week 1: 50 emails/day to your most engaged contacts
  • Week 2: 100 emails/day
  • Week 3: 250 emails/day
  • Week 4: 500 emails/day
  • Continue doubling weekly until target volume is reached

Focus warm-up sends on contacts most likely to open and reply. Positive engagement during warm-up establishes reputation faster.

Maintain consistent sending volume

Sudden spikes in volume trigger ISP scrutiny. If you normally send 500 emails/day and jump to 5,000 for a campaign, expect deliverability to drop. Smooth out volume fluctuations.

Throttle by provider

Gmail, Outlook, and Yahoo have different rate limits and reputation systems. Sending tools that throttle delivery by provider (spreading sends across the day rather than batching) avoid hitting rate limits.

Monitor bounce rates in real time

  • Soft bounce rate target: Below 2%
  • Hard bounce rate target: Below 0.5%
  • Action: If hard bounces spike above 1% on any send, stop the campaign. Investigate the list segment. Clean before resuming.

Content best practices

Subject lines

  • Keep under 50 characters for mobile display
  • Avoid spam trigger words: "free," "guaranteed," "act now," "limited time" in isolation
  • Personalization (first name, company name) improves open rates and signals legitimacy to ISPs
  • A/B test subject lines on 10% of the list before full send

Body content

  • Text-to-image ratio: Keep HTML emails primarily text. Heavy image emails with minimal text trigger spam filters.
  • Link hygiene: Don't use link shorteners (bit.ly, tinyurl) — they're associated with phishing. Use full domain URLs.
  • Unsubscribe link: Mandatory. Place it visibly. Hiding the unsubscribe increases spam complaints, which is worse for deliverability than unsubscribes.
  • Plain text alternative: Always include a plain text version of HTML emails. Some spam filters penalize HTML-only messages.

For cold outbound specifically

  • Keep emails short (under 150 words)
  • One link maximum (your calendar link or website)
  • No images or HTML formatting in initial outreach — plain text reads as personal
  • Personalize beyond {first_name} — reference something specific to the recipient
  • Reply-to address must be monitored. Replies improve sender reputation.

Monitoring and testing

Tools to monitor deliverability

  • Google Postmaster Tools: Free. Shows domain reputation, spam rate, authentication status, and delivery errors for Gmail. Essential for any B2B sender.
  • Microsoft SNDS: Smart Network Data Services shows delivery data for Outlook/Hotmail.
  • Mail-tester.com: Send a test email, get a deliverability score with specific issues flagged.
  • MXToolbox: DNS and email diagnostic tools. Check SPF, DKIM, DMARC, blacklist status.

Key metrics to track

Metric Target Action if below target
Deliverability rate >95% Audit authentication, list quality
Open rate >20% (cold), >30% (warm) Test subject lines, check spam placement
Bounce rate (hard) <0.5% Clean list immediately
Spam complaint rate <0.1% Review content, add unsubscribe
Reply rate >2% (cold outbound) Revise messaging, check targeting

Inbox placement testing

Deliverability rate (emails accepted by the server) isn't the same as inbox placement (emails reaching the inbox vs. spam). Use seed testing tools (GlockApps, Inbox Tracker) to check actual inbox placement across providers.

Advanced considerations for high-volume senders

Dedicated sending IPs

Shared IPs pool reputation across all senders on the IP. If another sender on your shared IP gets flagged, your deliverability drops. High-volume senders (10,000+ emails/day) should use dedicated IPs with carefully managed reputation.

Subdomain isolation

Separate transactional email (order confirmations, password resets) from marketing/outbound email by using subdomains:

  • mail.yourdomain.com for transactional- outbound.yourdomain.com for cold outreach- marketing.yourdomain.com for newsletters

This prevents cold outbound reputation issues from affecting transactional delivery.

Feedback loops

Register for ISP feedback loops (Yahoo, Outlook, AOL) to receive real-time notifications when recipients mark your emails as spam. Use this data to immediately suppress complainers and identify content patterns that trigger complaints.

DNS configuration checklist

  • [ ] SPF record includes all sending services
  • [ ] DKIM configured for every sending service
  • [ ] DMARC published (start at p=none, escalate to p=reject)
  • [ ] Reverse DNS (PTR record) configured for sending IPs
  • [ ] MX records point to active mail servers
  • [ ] No blacklist listings (check via MXToolbox)

Quick-reference checklist

  • [ ] SPF, DKIM, DMARC configured and passing
  • [ ] DMARC reports reviewed weekly
  • [ ] Email verification run on every imported list
  • [ ] Hard bounces removed after first occurrence
  • [ ] Spam complaint rate below 0.1%
  • [ ] Warm-up completed for new domains/IPs
  • [ ] Sending volume consistent day-to-day
  • [ ] Unsubscribe link visible and functional
  • [ ] Google Postmaster Tools monitored weekly
  • [ ] Inbox placement tested quarterly

FAQ

What is email deliverability?

Email deliverability is the percentage of your emails that reach the recipient's inbox (not spam, not bounced, not blocked). It's determined by sender reputation, authentication (SPF/DKIM/DMARC), list quality, and content.

What's the difference between delivery rate and deliverability?

Delivery rate is the percentage of emails accepted by the receiving server (not bounced). Deliverability is the percentage that actually reach the inbox. An email can be "delivered" to the spam folder — delivery rate looks fine while deliverability is terrible.

How do I fix emails going to spam?

Check authentication first (SPF, DKIM, DMARC). Then check sender reputation (Google Postmaster Tools). Then clean your list (remove bounces, complainers, inactive contacts). Then review content (spam trigger words, image-heavy emails, missing unsubscribe). Fix in this order — authentication issues are the most common cause.

How long does it take to warm up a new email domain?

4-8 weeks for a full warm-up. Start with 50 emails/day to engaged contacts and double weekly. Don't rush — ISPs are watching the pattern. A domain that goes from 0 to 10,000 emails in a week gets flagged.

Do SPF, DKIM, and DMARC really matter?

Since February 2024, Gmail and Yahoo require authentication for all senders. Without it, your emails are increasingly likely to be rejected or spam-foldered. Authentication is the single highest-impact deliverability action you can take.

Deliverability is infrastructure, not optimization. Get authentication right, keep your lists clean, send consistently, and monitor the metrics. For teams doing outbound to local businesses, remember that deliverability problems often start upstream — with the contact data itself. When your enrichment provider returns personal-domain emails for local business owners, no amount of authentication setup will fix the structural challenge of reaching buyers who don't operate on corporate email.

ZoomInfo alternatives: an honest guide for revenue teams (2026)
Profiles ZoomInfo alternatives through a 5-criteria evaluation framework, with in-depth vendor comparisons matched to specific use cases and target segments. Explains the structural reason teams cycle through providers annually without improving coverage, particularly in local business and SMB verticals.
Articles
What is data enrichment? A practical guide for revenue and data teams
Introduces the two enrichment models (append vs. discovery), six types of enrichment data, and the step-by-step process for evaluating whether your current approach is leaving revenue on the table. Clarifies the distinctions between enrichment, cleansing, and enhancement, and explains why the sequence matters.
Articles
TAM vs SAM vs SOM: what they mean, how to calculate them, and how to actually use them
Goes beyond definitions to provide three calculation methods (top-down, bottom-up, value-theory), a worked example with specific numbers, and guidance on how investors scrutinize these metrics. Shows how TAM/SAM/SOM should drive territory planning, hiring, and GTM resource allocation rather than just populating a pitch deck slide.
Articles
SAM vs SOM: what's the difference and why it matters for your business
Isolates the SAM-to-SOM relationship as the operationally critical layer of market sizing, correcting three common mistakes teams make when calculating each metric. Shows how SAM and SOM should directly inform territory design, headcount planning, and data investment decisions rather than serving as static figures in a fundraising deck.
Articles