Email deliverability is the percentage of sent emails that successfully land in the recipient’s inbox — not their spam folder, not their promotions tab, not a silent discard. A campaign with 100% delivery rate can still have a 30% inbox placement rate if your sender reputation is poor.
That distinction matters for anyone running cold email at scale. Your open rates, reply rates, and ultimately your pipeline are a function of where your emails land. A 10% improvement in inbox placement on a 500-email campaign is 50 additional people who actually see your message.
In 2026, email deliverability is harder than it was two years ago. Google and Yahoo introduced bulk sender requirements in 2024 that changed the rules for anyone sending to Gmail and Yahoo addresses at volume. AI-based spam filters have become more sophisticated at pattern recognition. And the infrastructure required to run clean cold email has gotten more specific.
This guide covers the complete system — technical authentication, sender reputation, email warmup, infrastructure setup, content signals, and list hygiene — with actionable guidance at each layer. It’s written from an outbound cold email perspective, not marketing email, because the rules are different.
The 4 Pillars of Email Deliverability
Deliverability is not a single setting. It’s a system with four interdependent layers. A failure at any one layer limits what the other three can achieve.
| Pillar | What It Controls | Primary Risk If Missing |
| Technical Authentication | Proves your domain is who it says it is | Emails rejected or flagged before reaching inbox |
| Sender Reputation | Your domain/IP’s trust score with email providers | Systematic inbox placement degradation over time |
| Email Content & Structure | How spam filters evaluate message content | Individual emails flagged regardless of reputation |
| List Quality & Hygiene | Validity and engagement of your contact data | High bounce rates and spam complaints that damage reputation |
Most deliverability failures come from weaknesses in layers 1 and 2 — technical setup and reputation. Content and list hygiene matter, but they cannot compensate for a domain that isn’t properly authenticated or a sender reputation that’s been degraded by poor sending practices.
| In short: Think of deliverability as a system where the 4 pillars must all function. Authentication gets you in the door. Reputation keeps you there. Content determines individual email fate. List quality protects reputation from your own mistakes. |
Technical Authentication: SPF, DKIM, and DMARC
Authentication is the foundation. It tells receiving email servers that your emails are legitimately from your domain, haven’t been tampered with, and have a defined policy for what happens when they’re not. In 2026, SPF, DKIM, and DMARC are required infrastructure — not optional best practices.
SPF: Sender Policy Framework
SPF is a DNS record that specifies which mail servers are authorized to send email on behalf of your domain. When an email arrives claiming to be from yourcompany.com, the receiving server checks your SPF record to see if the sending server is on the approved list.
How SPF works:
1. You add a TXT record to your domain’s DNS (e.g.: v=spf1 include:_spf.google.com ~all)
2. When someone receives an email from your domain, their mail server does a DNS lookup
3. If the sending IP matches your SPF record, the check passes
4. If not, the receiving server applies the policy in your record (~all = soft fail, -all = hard fail)
Critical SPF mistakes to avoid:
• Exceeding 10 DNS lookups — SPF has a hard limit of 10 DNS lookup mechanisms. Exceed it and SPF fails permanently, regardless of configuration. Common in companies with multiple sending tools (marketing email, CRM, transactional email) all using include: statements.
• Missing secondary senders — if you use a cold email tool, ESP, or CRM that sends on your behalf, their sending infrastructure must be included in your SPF record. Missing a sender means those emails fail SPF.
• Using -all prematurely — hard fail (-all) rejects any email that doesn’t match your SPF record. Use ~all (soft fail) while you’re still confirming all legitimate senders are covered.
| 2026 requirement: Google and Yahoo require that bulk senders (sending 5,000+ emails/day to their users) have valid SPF records. Non-compliance results in delivery failures to Gmail and Yahoo addresses. |
DKIM: DomainKeys Identified Mail
DKIM adds a cryptographic signature to every outgoing email. This signature proves two things: (1) the email was authorized by the domain it claims to be from, and (2) the email content hasn’t been modified in transit. Unlike SPF, which authenticates the sending server, DKIM authenticates the message itself.
How DKIM works:
1. You generate a public/private key pair. The private key is stored on your mail server.
2. The public key is published as a TXT record in your DNS.
3. When your server sends an email, it creates a hash of the message and signs it with the private key. This signature goes in the email header.
4. The receiving server retrieves your public key from DNS and uses it to verify the signature. If the signature matches, DKIM passes.
DKIM best practices:
• Use 2048-bit keys — Google requires a minimum of 1024-bit DKIM keys, but explicitly recommends 2048-bit for security. Most cold email platforms default to 2048-bit. Verify your key length and upgrade if you are on 1024-bit.
• DKIM selector alignment — the domain in your DKIM signature (d= tag) must align with your From: address domain for DMARC to pass. Misalignment causes DMARC failures even when DKIM itself validates.
• Rotate keys periodically — DKIM key rotation (every 6-12 months) is good practice. If a private key is ever compromised, rotation limits the damage window.
DMARC: Domain-based Message Authentication, Reporting and Conformance
DMARC ties SPF and DKIM together and tells receiving servers what to do when a message fails authentication. It also provides reporting — you get data back on authentication failures, which is how you discover configuration problems.
DMARC policy levels:
• p=none — Monitor mode. Emails that fail authentication are still delivered. You receive reports on failures. Use this when first setting up DMARC to identify gaps before enforcing.
• p=quarantine — Emails that fail authentication go to spam/junk. A significant enforcement step — use only after confirming all legitimate senders pass authentication.
• p=reject — Emails that fail authentication are rejected outright. The strictest policy, appropriate after full verification that all legitimate sending passes SPF and DKIM.
Recommended DMARC ramp-up:
1. Start with p=none and add rua= (aggregate reporting email) to receive reports: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com
2. Monitor reports for 2-4 weeks to identify any legitimate sending sources that aren’t passing authentication
3. Fix any authentication gaps found in reports
4. Move to p=quarantine with a percentage rollout (pct=10, then pct=50, then pct=100)
5. Advance to p=reject once you have confidence all legitimate mail passes
| 2026 requirement: Google requires that bulk senders have a DMARC policy of at least p=none. Yahoo requires p=none or stricter. Operating without DMARC as a bulk sender risks systematic delivery failure to both providers. |
BIMI: Brand Indicators for Message Identification
BIMI is not a deliverability requirement, but an increasingly relevant trust signal. It allows your brand logo to appear next to your email in supported inboxes (Gmail, Yahoo, Apple Mail). The visual brand presence improves recipient recognition and trust — which influences engagement signals that feed back into sender reputation.
BIMI requires: a DMARC policy of p=quarantine or p=reject, a Verified Mark Certificate (VMC) from an approved provider, and a DNS record pointing to your SVG logo file. VMC costs $1,000-$1,500/year — relevant for established brands, less so for early-stage cold email operations.
| In short: Authentication is table stakes in 2026. SPF + DKIM + DMARC must all be properly configured before running cold email at any meaningful volume. Missing or misconfigured authentication results in systematic delivery failures that volume and content quality cannot compensate for. |
Sender Reputation: The Most Important Deliverability Variable
Technical authentication proves you are who you say you are. Sender reputation determines whether email providers trust you enough to deliver your mail to the inbox. A domain with perfect authentication and poor sender reputation will land in spam. A domain with strong sender reputation can survive minor content issues that would filter a low-reputation sender.
Sender reputation has two components: domain reputation (your domain’s history across all mail it sends) and IP reputation (the sending IP’s history across all domains it sends for). For cold email, domain reputation is the primary variable — most modern cold email platforms send via shared IPs, so domain reputation is what you build and protect.
How Email Providers Evaluate Sender Reputation
Google, Microsoft, and Yahoo use engagement data to build sender reputation scores. The signals they weight most heavily:
• Open rate — what percentage of your emails to their users get opened. Low open rates signal that recipients don’t want your mail.
• Spam complaint rate — what percentage of your emails get marked as spam. This is the most damaging signal.
• Delete without opening rate — a negative engagement signal, though weighted less than spam complaints.
• Move to inbox — a positive signal when recipients move your mail from spam to inbox.
• Reply rate — positive engagement signal indicating recipients actively want to interact with your mail.
Spam complaint rate benchmarks (2026):
| Spam Rate | Status | Action Required |
| < 0.08% | Healthy — maintain current practices | None |
| 0.08% – 0.10% | Approaching Google’s threshold | Audit list quality and sending frequency |
| 0.10% – 0.30% | Above Google’s guideline threshold | Immediate list hygiene and pause high-risk segments |
| > 0.30% | Google’s hard limit — delivery impacted | Stop campaigns, full deliverability audit required |
Monitor spam complaint rate via Google Postmaster Tools. It’s the only free, authoritative data source on how Gmail sees your sending domain — and it’s the leading indicator of incoming delivery problems.
Domain Age and Reputation Building
New domains start with zero reputation. Email providers have no signal on which to assess your trustworthiness, so they default to skepticism. This is why warmup exists — it’s the process of building a reputation from zero.
Recommended domain age before cold email campaigns: minimum 3 months. For high-volume cold email, 6 months of warmup history is preferable. A domain aged less than 30 days that suddenly starts sending hundreds of emails per day will trigger spam filters regardless of content quality.
Protect your main domain. If your primary business domain (company.com) gets damaged reputation from cold email, the consequences extend beyond outreach — your transactional email, customer communication, and partner correspondence all go through the same domain. Use dedicated sending domains for cold email (getcompany.com, trycompany.com, company-outreach.com).
| In short: Domain reputation is the single most important deliverability variable. A new domain with perfect authentication will still land in spam — reputation takes 4-8 weeks of proper warmup to establish. Protecting your main domain from cold email is non-negotiable. |
Email Warmup: How It Works and Why It’s Ongoing
Email warmup is the process of gradually increasing sending volume on a new domain or mailbox while simultaneously building engagement history — opens, replies, and inbox interactions — that signals to email providers that your account is a legitimate, active correspondent.
Warmup is not a one-time activity before launching your first campaign. It’s ongoing infrastructure maintenance. Most deliverability failures we see in outbound operations come from teams that ran warmup for 4 weeks before launch and then turned it off. Without continuous warmup, sender reputation degrades over time.
How Modern AI Warmup Works
Traditional warmup tools connected your account to a network of email accounts that exchanged messages using generic placeholder text (“This is a warmup email”). Email providers learned to recognize and discount this pattern.
Modern AI warmup (used by Smartlead, Instantly, and others) generates contextually relevant, varied content for each warmup exchange. The emails look and read like real correspondence — they’re unique per interaction, vary in topic and length, and produce engagement patterns that more closely resemble genuine email activity.
The mechanism: your sending account is connected to a warmup pool of real inboxes. These inboxes automatically send emails to your account, open them, reply to them, and occasionally rescue emails from spam. Your account does the same for others in the pool. The progressive volume increase and engagement pattern trains email provider algorithms to associate your domain with legitimate, wanted email.
Warmup Timeline and Volume Guidelines
| Week | Warmup emails/day | Cold campaign sends/day | Notes |
| 1-2 | 5-15 | 0 | Foundation period — do not send campaigns yet |
| 3-4 | 20-35 | 0 | Building reputation — still no campaigns |
| 5-6 | 35-50 | 5-15 | Conservative campaign start alongside warmup |
| 7-8 | 40-50 | 20-40 | Normal ramp — monitor Postmaster Tools closely |
| 8+ | 40-50 ongoing | 30-50 max | Warmup continues permanently in background |
Warmup rules that don’t change:
• Never exceed 40-50 cold email sends per day per mailbox — this is the safe ceiling for cold outreach regardless of how warmed the account is
• Never turn warmup off — run background warmup at 20-30 emails/day permanently once campaigns are active
• Monitor spam rescue rate — if warmup emails are landing in spam and being rescued, that’s a warning signal about your domain’s current reputation state
• Separate warmup from campaign sends — some platforms mix warmup and campaign traffic from the same account. Track these separately to get accurate performance data.
Tools for email warmup:
• Smartlead AI Warmup — built into all plans, Premium tier available on Smart and Prime plans
• Instantly warmup — large proprietary warmup pool, included with all plans
• lemwarm (Lemlist) — Lemlist’s dedicated warmup tool, included with all Lemlist plans
| In short: Warmup is infrastructure maintenance, not pre-launch setup. Running warmup for 4 weeks and stopping is one of the most common causes of deliverability decline in cold email operations. Set it up permanently in the background and leave it running. |
Cold Email Infrastructure: Setting Up for Scale
Infrastructure is the physical architecture of your cold email operation — which domains you send from, how many mailboxes per domain, how volume is distributed, and what kind of sending servers you use. Getting infrastructure right doesn’t guarantee deliverability, but getting it wrong almost guarantees problems.
Sending Domain Strategy
The first rule of cold email infrastructure: never send cold email from your primary business domain. If your business is company.com, do not run cold outreach from @company.com addresses.
Why: cold email carries inherent deliverability risk. High bounce rates from unverified lists, spam complaints from recipients who didn’t want your email, and aggressive sending volumes can all damage domain reputation. If that damage happens to your primary domain, it affects your transactional email, customer communication, and everything else you send from that domain.
Use dedicated sending domains instead. Common patterns: getcompany.com, trycompany.com, company-hq.com, heycompany.com. Set up SPF, DKIM, and DMARC on each sending domain before use. Age these domains for 3+ months with warmup before campaign use.
Mailbox and Volume Architecture
| Rule | Safe Limit | Why |
| Mailboxes per domain | 2-3 max | More mailboxes per domain increases per-domain sending density, raising spam risk |
| Cold sends per mailbox/day | 30-50 max | Per-mailbox send volume cap — exceeding this damages individual mailbox reputation |
| Warmup sends per mailbox/day | 20-50 | Background warmup running continuously alongside campaigns |
| Domain age before use | 3 months minimum | New domains lack reputation history; rushing warmup increases spam rate |
Scaling Sending Volume
The math for scaling cold email:
• 10,000 emails/month = ~7-10 mailboxes (at 35-45 sends/mailbox/day across ~30 active days)
• 30,000 emails/month = ~20-30 mailboxes
• 50,000 emails/month = ~35-50 mailboxes
• 150,000+ emails/month = 100+ mailboxes across 40-50+ domains
Both Smartlead and Instantly automate mailbox rotation — distributing sends across all connected accounts within a campaign automatically. This is the practical reason unlimited mailboxes matter: you can build the infrastructure your volume requires without per-account cost constraints.
Shared vs. Dedicated Infrastructure
Most cold email platforms send via shared IP infrastructure — your emails go through IP addresses shared with other customers. This is fine for most use cases; modern platforms manage shared IP reputation carefully and segment customers by behavior.
Dedicated IPs (SmartServers in Smartlead’s case, at $39/server/month) are relevant when: (a) you’re sending at high enough volume that shared infrastructure creates variability, (b) compliance requirements mandate infrastructure separation, or (c) you’ve experienced deliverability issues that point to shared IP reputation as the cause.
For most cold email operations running under 50,000 emails/month, dedicated IPs are not required. They become relevant at 100,000+ monthly sends or in enterprise compliance contexts.
| In short: Infrastructure setup is a one-time cost amortized across your entire outreach operation. Getting it right (dedicated sending domains, proper domain aging, correct mailbox-to-domain ratios, continuous warmup) removes a class of deliverability problems that no amount of content optimization can fix. |
Email Content and Spam Triggers
Content matters less than reputation, but it matters more than most cold email practitioners acknowledge. A strong sender reputation can carry a mediocre email into the inbox. A weak reputation cannot be rescued by great content. But content is the variable you control most easily per-campaign.
Why Plain Text Performs Better Than HTML
Marketing email uses HTML templates because visual formatting drives engagement for newsletters and promotional content. Cold email is a different context — it’s one person reaching out to one other person. HTML templates with logos, formatted headers, and image-heavy layouts signal bulk commercial email, not personal outreach.
Plain text or minimal HTML (basic font styling, occasional bold) performs better in cold email for three reasons: (1) it avoids content pattern recognition associated with bulk mail, (2) it renders reliably across all email clients without display issues, and (3) it reads as more personal and effortful, which is the impression you want a cold email to create.
Spam Trigger Signals
Content elements that increase spam scoring:
• Spam trigger words in subject line — “free”, “guarantee”, “limited time”, “no obligation”, “winner”, “urgent”. More precisely: patterns associated with commercial promotional content.
• ALL CAPS in subject line or body — a pattern associated with promotional email and phishing
• Multiple exclamation marks — “Limited offer!!!” reads as commercial promotional content to spam filters
• Excessive links — more than 1-2 links in a cold email body is a spam signal. Every link adds pattern risk.
• Tracked links and redirect URLs — link tracking (e.g., via click.sendingplatform.com) is a recognized pattern. Some platforms allow sending direct links; test both approaches.
• Images in cold email — images increase HTML complexity and can trigger spam filters. If images are necessary, keep the text-to-image ratio high (more text than images).
• Attachment in first cold email — attachments in cold email are a significant spam signal. Don’t send attachments in initial outreach; follow up with them after a reply.
Personalization as a Deliverability Signal
Each email in a cold campaign that is identical to every other email is a pattern that spam filters are trained to recognize. Personalization — not just first name insertion, but varied intro lines, different value propositions, adapted references — makes each email statistically distinct.
This is the practical deliverability argument for AI-generated personalization (Lemlist’s approach) or per-contact variable fields: unique content per email is harder for pattern-based spam detection to flag than identical content sent at volume.
At minimum: vary your subject lines across sequences, vary your intro lines across contact segments, and avoid sending the same email body verbatim to thousands of contacts.
| In short: Content matters most when reputation is marginal. For high-volume cold email, the key content rules are: plain text or minimal HTML, no spam trigger words in subject lines, 1-2 links maximum, no attachments in first contact, and varied content across contacts to avoid pattern detection. |
List Quality and Email Hygiene
Every email you send to an invalid address is a hard bounce. Every hard bounce is a signal to email providers that you’re sending to unverified lists. A bounce rate above 2% is a reputation risk; above 5%, on a new domain, can cause permanent sender reputation damage within weeks.
Hard Bounce vs. Soft Bounce
• Hard bounce — permanent delivery failure. The address doesn’t exist, the domain doesn’t exist, or the receiving server has permanently rejected your email. Every hard bounce counts against your sender reputation.
• Soft bounce — temporary delivery failure. The mailbox is full, the server is temporarily unavailable, or there’s a transient network issue. Most platforms retry soft bounces; they don’t count as heavily against reputation as hard bounces.
Target bounce rates: under 2% for overall bounces, under 1% for hard bounces specifically. If you’re pulling contacts from unverified data sources (scraped lists, old databases, purchased lists), expect higher bounce rates without verification.
Email Verification Before Sending
Verify your entire contact list before loading it into your cold email platform. Email verification services check whether an address is valid without actually sending to it. They reduce your hard bounce rate and protect your sender reputation from bad data.
Recommended email verification tools:
• NeverBounce — high accuracy, bulk verification, API available, pay-per-verification
• ZeroBounce — bulk verification with additional data appending features, subscription and pay-per-credit models
• Smartlead Email Verifier — built into the Smartlead platform, available as a credits-based add-on
• Hunter Email Verifier — good for small volume; integrated into prospecting workflow
Verification cadence: verify before any new list is imported. For ongoing prospecting, verify contacts at point of collection, not at point of campaign launch. Old lists (6+ months) should be re-verified — email addresses decay at roughly 22-30% per year.
List Segmentation and Re-engagement
Not every contact on your list is equally likely to engage. Segmenting by engagement history — who opened, who clicked, who replied, who never engaged — lets you adjust sending frequency and targeting to protect reputation.
Contacts who haven’t engaged after 3-4 sequence steps should be moved to a re-engagement sequence or removed. Continuing to send to chronically unengaged contacts increases your soft negative engagement signals (deleted without opening) and wastes send volume.
For lists older than 12 months: run a re-engagement campaign before launching new sequences. Or simply re-verify and remove non-engaging contacts before importing into a new campaign.
| In short: List hygiene is reputation protection. Every invalid email is a bounce, every bounce damages reputation, and damaged reputation costs you inbox placement on valid contacts. Verify before you send, segment by engagement, and remove contacts who have never engaged after a full sequence. |
Monitoring Deliverability: Google Postmaster Tools and Beyond
You can’t improve deliverability you’re not measuring. Most cold email practitioners wait until they notice a drop in reply rates to investigate deliverability. By that point, the problem has typically been building for weeks.
Google Postmaster Tools
Google Postmaster Tools is the authoritative data source for how Gmail sees your sending domain. It’s free, provided directly by Google, and shows data that third-party tools can only approximate.
Setup:
1. Go to postmaster.google.com
2. Add your sending domain(s)
3. Verify ownership via DNS TXT record
4. Data populates once you’re sending 100+ emails/day to Gmail addresses from that domain
Key metrics to monitor:
• Domain Reputation — rated as High, Medium, Low, or Bad. High means strong inbox placement. Bad means Gmail is actively filtering your mail.
• Spam Rate — percentage of your emails that Gmail users mark as spam. The most critical metric to watch.
• Authentication — shows SPF, DKIM, and DMARC pass rates. Should be close to 100%.
• Delivery Errors — shows rejected and temporarily failed delivery attempts
Interpretation benchmarks:
| Metric | Healthy | Concerning | Critical |
| Domain Reputation | High | Medium | Low or Bad |
| Spam Rate | < 0.08% | 0.08-0.10% | > 0.10% |
| SPF Pass Rate | ~100% | < 95% | < 90% |
| DKIM Pass Rate | ~100% | < 95% | < 90% |
Microsoft SNDS
Microsoft’s Smart Network Data Services (SNDS) is the equivalent tool for Outlook/Hotmail deliverability. If a significant portion of your contact list uses Microsoft email addresses, SNDS provides IP-level reputation data and spam complaint rates for your sending infrastructure. Access via sender.office.com.
Inbox Placement Testing Tools
Postmaster Tools shows you how Gmail views your domain history. Inbox placement testing tools show you where a specific email would land right now, before you send a campaign.
• GlockApps — sends test emails to a panel of real inboxes across Gmail, Outlook, Yahoo, and others. Reports inbox, spam, and promotions placement rates. Most accurate pre-send testing available.
• Mail-Tester — free basic tool that scores your email on spam indicators. Useful for quick content checks.
• Smartlead SmartDelivery — Smartlead’s built-in placement testing tool. Tests campaigns against real inboxes and provides placement-optimised copy recommendations (Pro and Export tiers).
| In short: Set up Google Postmaster Tools on every sending domain before campaigns start. Check it weekly, not when you suspect problems. The data it provides — especially spam rate and domain reputation — is the leading indicator that tells you whether deliverability issues are building before they impact reply rates. |
Deliverability for Cold Email vs. Newsletter and Marketing Email
The rules for cold email deliverability are different from marketing email deliverability, and conflating them leads to misapplied advice.
| Cold Email (B2B Outreach) | Marketing Email / Newsletter | |
| Consent | No prior opt-in (legitimate interest / B2B) | Opted-in subscriber list required |
| Volume pattern | Low-volume per sender, many senders | High-volume from single or few senders |
| Content type | Personal, one-to-one tone | Branded templates, promotional content |
| Unsubscribe requirement | Recommended (CAN-SPAM / GDPR) | Required, one-click (Google 2024 mandate for bulk) |
| Warmup approach | Per-mailbox, per-domain warmup | IP warming for dedicated sending IPs |
| Authentication | SPF, DKIM, DMARC on sending domain | SPF, DKIM, DMARC on sending domain |
| Primary reputation risk | Spam complaints from uninterested recipients | Hard bounces, unsubscribes, inactive list segments |
The 2024 Google bulk sender requirements (sending 5,000+ emails/day to Gmail addresses) introduced one-click unsubscribe as a mandatory feature for bulk sending. For cold email operations that distribute sends across many mailboxes — keeping per-sender volume below bulk sender thresholds — these requirements apply differently than they do to traditional newsletter sending.
The practical implication: cold email sequences should always include a clear, functional way for recipients to opt out. Even if you’re not technically required to include it, the absence of an opt-out option increases spam complaints from recipients who want off your list but can’t find an easy way to do it.
| In short: Cold email and marketing email have different deliverability rules. Cold email infrastructure is designed to keep per-mailbox volume low, distribute sending across many accounts, and maintain personal email patterns. Don’t apply marketing email sending logic (high volume, single IP, HTML templates) to cold email outreach. |
Top 10 Cold Email Deliverability Mistakes
1. Sending from your main business domain — a single deliverability incident can damage your brand’s primary email channel. Always use dedicated sending domains.
2. Exceeding per-mailbox send limits — sending 200+ emails/day from a single mailbox is a pattern spam filters recognize. Cap at 30-50 per mailbox.
3. Stopping warmup after the first month — warmup is ongoing. Stopping it after launch is one of the most common causes of delayed deliverability degradation.
4. SPF/DKIM/DMARC misconfiguration — over 10 DNS lookups in SPF, misaligned DKIM selectors, no DMARC record. Run authentication diagnostics on every domain before use.
5. HTML-heavy email templates — cold email is personal outreach. Branded HTML templates signal bulk commercial mail to spam filters.
6. Sending to unverified lists — bounces from invalid addresses damage sender reputation. Verify every list before importing.
7. No unsubscribe mechanism — recipients who want off your list and can’t find a way will hit the spam button instead.
8. Ramping send volume too quickly — a new domain going from 0 to 500 sends/day in week two triggers spam filters. Follow the warmup timeline.
9. Spam trigger words in subject lines — “free”, “guarantee”, “limited time offer”, “urgent”. These are pattern matches that add spam score regardless of your domain reputation.
10. Not monitoring Google Postmaster Tools — spam rate and domain reputation problems build over days and weeks before they become visible in reply rate data. Monitor proactively.
Email Deliverability Setup Checklist (2026)
Use this checklist before launching any cold email campaign on a new domain or mailbox setup.
| Status | Checklist Item | Priority |
| ☐ | SPF record configured correctly (under 10 DNS lookups, all senders included) | Critical |
| ☐ | DKIM 2048-bit key configured and aligned with From: domain | Critical |
| ☐ | DMARC record in place (minimum p=none with rua= reporting address) | Critical |
| ☐ | Sending domain is separate from main business domain | Critical |
| ☐ | Domain is minimum 3 months old OR warmup has run for 6+ weeks | Critical |
| ☐ | Email warmup active on all sending accounts (20-50 emails/day, ongoing) | Critical |
| ☐ | Contact list verified via email verification tool (bounce rate < 2%) | High |
| ☐ | Google Postmaster Tools configured and monitoring active | High |
| ☐ | Per-mailbox daily send limit set to max 30-50 cold emails | High |
| ☐ | Email template: plain text or minimal HTML (no images, max 1-2 links) | Medium |
| ☐ | Unsubscribe option included in all cold email sequences | Medium |
| ☐ | Subject lines checked for spam trigger words | Medium |
| ☐ | Mailbox rotation configured across sending accounts in campaign | Medium |
Recommended Deliverability Tools (2026)
| Category | Tool | Use Case |
| Warmup | Smartlead AI Warmup | Built into Smartlead; Premium tier on Smart/Prime plans |
| Warmup | Instantly Warmup | Included with Instantly plans; large warmup pool |
| Warmup | lemwarm (Lemlist) | Included with all Lemlist plans |
| Monitoring | Google Postmaster Tools | Domain reputation, spam rate, authentication for Gmail — free |
| Monitoring | Microsoft SNDS | IP and domain data for Outlook/Hotmail — free |
| Placement testing | GlockApps | Multi-provider inbox placement testing — most accurate pre-send tool |
| Placement testing | Smartlead SmartDelivery | Built-in placement testing; Pro tier includes copy optimization |
| List verification | NeverBounce | Bulk email verification; pay-per-credit |
| List verification | ZeroBounce | Bulk verification + data appending; subscription and credit models |
| Authentication check | MXToolbox | Free DNS/SPF/DKIM/DMARC diagnostics |
| Authentication check | dmarcian | DMARC record testing and reporting analysis |
Frequently Asked Questions
What is email deliverability?
Email deliverability is the ability of an email to reach the recipient’s inbox, as opposed to being filtered to spam, rejected by the receiving server, or silently discarded. It’s measured as inbox placement rate — the percentage of sent emails that land in the inbox rather than spam. A message can be technically “delivered” (accepted by the receiving server) without being “deliverable” (landing in inbox).
What’s the difference between email delivery and email deliverability?
Email delivery refers to whether an email was accepted by the receiving mail server — a binary pass/fail. Email deliverability refers to where the email was placed after acceptance — inbox, spam, promotions, or other folders. A 98% delivery rate with 40% spam placement is a deliverability problem, not a delivery problem. Most deliverability issues are invisible in delivery rate metrics.
How do I check my email deliverability?
Three approaches: (1) Google Postmaster Tools shows domain reputation and spam complaint rate for Gmail traffic — the most authoritative free tool. (2) Inbox placement testing tools like GlockApps show where a specific email would land across multiple providers before you send a campaign. (3) Monitoring reply rates and open rates in your sending platform — a sudden drop often signals a deliverability change, though it’s a lagging indicator.
What is a good inbox placement rate?
For cold email, a healthy inbox placement rate is 85-95%+ across major providers. Anything below 80% indicates a deliverability problem that needs investigation. For marketing email to opted-in lists, 95%+ is the standard. Note: inbox placement rate is different from open rate — you need a placement testing tool to measure it directly.
Does email warmup actually work?
Yes — with caveats. Warmup builds domain and mailbox reputation by generating engagement history before campaigns start. It works most reliably when started early (4-6 weeks before first campaign), run continuously (not stopped after launch), and supplemented by clean list practices. Warmup cannot rescue a domain that has been actively damaged by high spam complaint rates or large-scale bounce events. It works as prevention and maintenance, not as repair.
How long does it take to build domain reputation?
Baseline reputation sufficient for cold email campaigns: 4-6 weeks of consistent warmup. Strong, stable reputation: 3-6 months of clean sending history. Domain age matters independently — a domain registered 3 months ago with 8 weeks of warmup is in a stronger position than a brand-new domain with 8 weeks of warmup. Reputation builds continuously; there’s no point at which it’s “complete” — it requires ongoing maintenance.
What causes emails to go to spam?
The most common causes, in order of frequency: (1) poor domain or IP reputation from prior sending behavior, (2) missing or misconfigured SPF/DKIM/DMARC authentication, (3) high spam complaint rate from recipients marking your mail as spam, (4) high bounce rate from sending to unverified contacts, (5) content patterns that match spam signatures (trigger words, HTML-heavy templates, excessive links), (6) sending from a new domain without warmup. Most spam folder landings are reputation-driven, not content-driven.
Which tools are best for email deliverability in 2026?
For cold email specifically: Google Postmaster Tools (free, authoritative monitoring), Smartlead or Instantly for AI warmup, GlockApps for pre-send placement testing, NeverBounce or ZeroBounce for list verification, and MXToolbox for authentication diagnostics. The combination of monitoring (Postmaster Tools), warmup (platform-native), and verification (NeverBounce/ZeroBounce) covers the three highest-impact deliverability levers for most outbound operations.
