The Ultimate Email Deliverability Checklist [2023 Guide]

Kevin Scott

Updated

May 25, 2023

Why should I trust this guide?

As co-founder of Audienceful (an email sending platform), I see sending data from thousands of businesses on a daily basis. Prior to this, I ran an email newsletter business and worked on emails at a trillion-dollar tech giant. I also know many folks in the industry.

My goal is to offer you a "Definitive Guide" of sorts, one that can be linked to whenever someone has a question. Here's my promise:

If you do everything in this article, you will have done literally everything possible to optimize your deliverability. However a disclaimer is warranted here: nothing about email is bulletproof. Even trillion-dollar companies struggle with this.

Important stuff to know

Email is older than the web, and started as a totally open system. You used to be able to set up your own email server at home, and send anything to anybody!

By the early 2000s however, the spam problem had gotten out of hand, and email started to slowly transition into a self-regulating oligopoly of trusted inbox providers and trusted commercial senders.

As of 2023, Gmail and Outlook basically block any commercial email not coming from a server at one of these senders (called SMTP relays). These relays are largely undifferentiated and set a price floor on commercial email. This is what mostly solved the spam problem for good.

Virtually all email marketing platforms (including ours), have to send emails using these costly SMTP relays on the backend. Otherwise your emails don't get delivered. More about this in the IP section below.

Overview: The Big 3 Factors

Now that you understand how email works in 2023, let's start from first principles. Every single thing that affects deliverability falls under one of these three factors:

Your Reputation
What You Send
Who You Send To

Next, let's break down all the things that fall underneath the big 3, to exhaustively cover every possible factor.

1. Your Reputation

When troubleshooting an email deliverability problem, you should start here. Before inbox providers even see the content of your emails, they will see the following about you:

Authentication pass/fail: Every email gets checked for 3 signatures that verify your identity and prevent spoofing: SPF, DKIM, DMARC. The first two, SPF and DKIM, should be configured already if you got green checkmarks when adding your domain to Audienceful (or any other platform). The last one, DMARC, is up to you and can be a little more tricky. We usually recommend using a free outside service for this like Postmark's DMARC tool here.
Action item: Make sure all 3 are set properly.
Domain reputation: Your domain is the website your emails are coming from (eg. Business.com). Your domain acts as a point of reference for inbox providers. They keep a history of what you send, what engagement you get, if people reported spam, etc. and use this to calculate a domain reputation. I highly recommend sending from your own domain to start building your reputation. See how to improve this in (2) and (3).
IP reputation: This is the server that your emails are being sent from. This used to be a big spam factor, however is becoming less so. Gmail and groups like Spamhaus have had to adapt the fact that 98%+ of companies now send emails via SMTP relays that use the same shared commercial IPs (our customers get put on these by default). However, if you're running your own email server, good luck. We won't go into that here.
Shared vs. Dedicated IP: by default, on every email platform you'll be sharing IPs with other customers. This might sound undesirable, but its actually to your benefit. If you're not sending millions of emails, you're not big enough for inboxes to care (you're effectively an unknown). But if you're sending millions per month and have the time to manage it, a dedicated IP can provide the best reputation. With Audienceful you can add a dedicated IP to any growth or business plan.
Blacklists: If you find your emails are ending up in spam, you may want to use a blacklist monitoring service to check if you've been placed on any spam lists for your Domain or sending IP. If its your domain, you can reach out to owner of the blacklist and request to be removed. If its IP, and you're on a shared IP, this will typically resolve itself within a few days/weeks as most SMTP relays have full time employees tasked with solving this. If you're on a dedicated IP you have to stay on top of it yourself.

2. What You Send

Inbox providers don't have eyes. They also can't read images (yet). But they do speak the language of text and code contained in your emails.

Trigger words & formatting: Some of the earliest spam filters detected words/phrases and patterns. Most still do this. Avoid using spam trigger phrases, all caps formatting, non-standard formatting/characters, or broken english. Check your spam folder and you'll quickly get a hang for what type of language to avoid.
Use simple templates: Gmail knows that emails from real people and important transactional emails (receipts, password resets, etc) typically have simple designs—single column, just text and images, etc. These emails have the best chance of reaching the Primary tab. We recommend not trying to build emails that look like mini-websites. They're a guaranteed ticket to the Promotions tab, and rarely work well on mobile/dark mode.
Footers & unsubscribe: if your footer doesn't contain a physical address (required by the CAN-SPAM act) or an unsubscribe link and is coming from a mass email service, this can be a red flag. We include an unsubscribe link by default for you.
Consistency: Established and reputable businesses tend to send emails on a consistent schedule (monthly, bi-weekly, weekly, etc). Also, email lists don't typically grow that fast. If one day you're sending to 10,000 people, and the next day you're sending to a 100k, that can be a red flag that you may have purchased a 3rd party list.
No image-only emails: Inbox providers can't read images, so they get suspicious when you send an email that doesn't have much text content within it. This is a common tactic used by spammers to get around the issue with spam trigger words.
No link shorteners: Do not use any commercial link shortening service like bit.ly. These are all used by spammers to cloak links to illicit sites and are a big spam flag.
No attachments: This one's pretty obvious. If you've sending a lead magnet to subscribers (eg. like a PDF), never attach it directly to your email. Always link to an outside storage provider like Google Drive, Dropbox, etc. Audienceful blocks all attachments by default.
No outside image hosts: this typically isn't a problem if you're using a platform like ours (we host all customer images by default), but do not embed any images from a public image hosting service.
No crypto, gambling, online dating, etc: Certain industries are more plagued by spam than others. Make sure the text of your email doesn't include enough phrases to make it appear to be related to one of these industries. At Audienceful, we explicitly ban many of these businesses in our terms of service to ensure it doesn't affect the rest of our customer base. Do not use any platform that does not ban these categories, as they become magnets for spammers.

3. Who You Send To

The quality of your email list essentially tells inbox providers the quality of your business. Here's what to watch out for:

Opt-ins only: if you're following GDPR, you're already doing this, but its important you only send emails to people who have explicitly signed up to hear from you or have an existing relationship with your business. Never send mass cold emails, especially to email lists you've compiled from public sources. Otherwise you're at huge risk for being reported as spam and/or blacklisted. Our company will ban you for doing this.
Engagement: if people aren't opening, clicking, or responding to your emails, you're at risk. Due to iOS Mail Privacy this can be harder to detect these days, and it varies by industry, but if your open rate is below 15% it's a bad sign. One way to tell inbox providers your emails are important is to encourage direct replies from your readers — often in a welcome automation (side note: don't send from a 'donotreply' email address!).
Spam complaints: you should try to keep spam complaints under 0.1% on each send (1 out of a thousand people). That ratio isn't as relevant for smaller lists (eg. under 100 contacts), but if you go over this theshold for too long you're at risk of being banned by your email platform.
Spambot or spamtrap signups: a problem that has grown over the decades is spambots which search the web in automated fashion for signup forms where they can enter their fake addresses. To block this you should implement a spam honeypot on your signup forms and/or use reCAPTCHA. These email addresses will never engage with your emails and will bounce, and some blacklists use them as a signal.
Soft bounces or "temporary failures" can occur because of 15+ different reasons. The big ones are typically because your recipient has an out-of-office responder, has a full inbox, had some server downtime, or the specific content of your email triggered some blocking rules at the inbox provider. Try to keep your bounces under 2%. We recommend not re-sending the same email if it has soft bounced.
Hard bounces or "permanent failures" are more definitive. They happen for a variety of reasons, but basically mean an email address is not deliverable from a commercial sender. This is either due to a permanent block or firewall rule at the inbox, or the email does not exist. It can also result from consecutive soft bounces on earlier sends. Like all platforms, we remove hard bounced emails from your list by default.
List age & cleaning: email lists tend to rot over time. People's domains expire or they change jobs and their email address dies. Depending on industry, a good rule of thumb is if an email address hasn't opened 1 of your last 10-15 sends (especially if they've never opened a single email from you), you should remove it from your list.
Cranky IT admins: if you're sending emails to a company (especially a small and/or old one) that has their own email infrastructure, they can have firewall rules blocking any marketing emails. In one fun instance, we discovered a customer's IT department had blocked the entire IP range of an SMTP relay used by nearly 1,000,000 companies! Now that's a strict blacklist 😅

...and that's everything

I have passed this around within my group of felllow email nerds and believe this should cover literally everything without getting too deep. However, if you believe I've missed something, don't hesistate to reach out via email or twitter and I can add it to this doc! I will come back to update over time so hopefully it can remain the ultimate resource on this topic.

Small plug, if you're looking for a modern email platform designed for the 2020s, check out Audienceful. We're growing fast and so far our customers seem quite happy.

Ready to try Audienceful?

Email marketing from the future

Stop sending "campaigns." Start sending emails. Your first 1,000 subscribers are on us.

Audienceful is the first email marketing platform you'll actually enjoy using.

Join free Learn more Audienceful's minimalist UI