Email deliverability checklist
A complete email deliverability checklist covering authentication (SPF, DKIM, DMARC), list hygiene, content and spam triggers, sender reputation and IP warmup, and the monitoring metrics to watch, with a printable summary at the end.

Email deliverability is the rate at which the messages you send reach the inbox instead of the spam folder or a hard rejection. It is not a single setting but the sum of several independent signals: how your domain is authenticated, how clean your recipient list is, what your content looks like to a spam filter, and what reputation your sending domain has earned. This checklist works through each of those in the order that matters, and ends with a printable summary.
What affects email deliverability
Before the checklist itself, it helps to know what a mailbox provider is actually deciding when a message arrives. Every inbound email is scored, not simply accepted or rejected, and the score draws on a handful of independent inputs. Get one badly wrong and strong scores elsewhere will not save the message.
Five factors carry most of the weight, and the rest of this article is one section per factor:
- Authentication. Whether SPF, DKIM, and DMARC prove the message genuinely comes from your domain.
- List quality. Whether the recipients are real, engaged, and asked to hear from you.
- Content. Whether the subject line, body, and image-to-text balance resemble wanted mail or spam.
- Sender reputation. The track record the sending domain and IP have built over time.
- Engagement. Whether recipients open, reply, and avoid marking the mail as spam.
The ordering is deliberate. Authentication is a prerequisite that either passes or fails on day one, while reputation and engagement build slowly and are the parts no setup step can shortcut. Work top to bottom.
Authentication setup (SPF, DKIM, DMARC)
Authentication is the foundation, because a message that fails it is discounted no matter how good everything else is. Gmail and Yahoo both require all three records for bulk senders, and providers increasingly reject unauthenticated mail rather than filing it in spam. These three DNS records are the first thing to get right.
- SPF is a DNS TXT record listing the servers allowed to send for your domain. A
receiver checks the sending IP against that list. Publish exactly one SPF record, include every
service that sends on your behalf, and end it with
~all. - DKIM attaches a cryptographic signature to each message, so the receiver can verify the content was not altered in transit and genuinely came from your domain. The signature survives forwarding, which SPF does not. The provider holds the private key and publishes the public key in DNS.
- DMARC ties SPF and DKIM to the visible
Fromaddress and tells receivers what to do when a message fails. Start it atp=nonewith a reporting address.
v=DMARC1; p=none; rua=mailto:dmarc-reports@yourapp.comThe concept that does the real work is alignment: DMARC passes only when the
domain that authenticated matches the domain a recipient sees in the From field. That
match is what stops a spammer from passing SPF on their own domain while displaying yours. For the
full mechanics of how the three records fit together and how to read the headers, see SPF, DKIM, and DMARC explained for
developers.
List hygiene
A clean list is the cheapest reputation insurance there is, because every send to a dead or unwilling address is a negative signal. Mailbox providers watch how often you hit invalid addresses and spam traps, and a list that decays untouched will drag down delivery for the recipients who do want the mail. Three habits keep a list healthy.
- Remove hard bounces immediately. A hard bounce (a permanent 5xx error) means the address does not exist. Sending to it again is the single fastest way to look like a spammer, who characteristically mails stale lists. Suppress every hard-bounced address on the first failure and never retry it.
- Honor unsubscribes instantly. An unsubscribe must stop mail within a day, and a one-click unsubscribe header is now required for bulk senders at Gmail and Yahoo. A recipient who cannot leave easily clicks "spam" instead, which is far more damaging than a quiet opt-out.
- Prune disengaged recipients. Addresses that have not opened or clicked in six to twelve months lower engagement scores and sometimes turn into recycled spam traps. Run a re-engagement campaign, then drop the ones who stay silent.
The discipline that underpins all three is collecting addresses honestly in the first place. Confirmed opt-in (where a new subscriber clicks a link to verify the address) keeps typos, disposable addresses, and spam traps off the list before they can ever bounce or complain. A purchased or scraped list does the opposite, and it is the most reliable way to land on a blocklist.
Content and spam triggers
Modern spam filters lean far more on reputation and engagement than on scanning words, so content rarely sinks a well-authenticated message from a trusted sender on its own. It still matters at the margins, and a few patterns reliably hurt. The goal is mail that reads like a genuine message rather than a broadcast.
- Write honest subject lines. The subject should match the body. ALL CAPS, excessive punctuation, and bait like "RE:" on a message that is not a reply read as manipulation to a filter and to a reader.
- Keep a healthy text-to-image ratio. An email that is one large image with almost no text is a classic spam pattern, and it breaks entirely for recipients who block images. Lead with real text and use images to support it.
- Include a plain-text version. Sending a multipart message with both HTML and plain-text alternatives is a signal of legitimate mail, and some clients prefer the plain-text part outright.
The "spammy words" advice that circulates is mostly outdated. A single mention of "free" or "sale"
will not divert a message from a reputable sender. What filters actually weigh is the
whole picture: a sudden change in tone or format, links to a domain with no reputation, or
mismatched From and reply-to addresses. Consistency from one send to the next is worth
more than avoiding any particular word.
Sender reputation and IP warmup
Reputation is the part of deliverability that cannot be configured, only earned. Mailbox providers keep a running score for every sending domain and IP, built from delivery history, complaints, and engagement. Correct authentication proves who is sending; reputation is what proves the sender is trusted, and a brand-new domain starts with none.
The way a new domain or IP earns a reputation is warmup: raising daily volume gradually so providers can build a track record before full-scale sending. A new domain that sends fifty thousand messages on its first day looks exactly like a spammer who just registered, and a large share of that mail will be deferred or filtered.
- Start small and ramp over weeks. Begin in the low hundreds per day and roughly double every few days, taking two to six weeks to reach target volume depending on how high that target is.
- Send to the most engaged recipients first. Early sends carry outsized weight, so they should go to people who open and click reliably. High open rates at the start build the foundation; low ones tell providers the mail is unwanted.
- Warm up each sending stream separately. A new subdomain or a switch to a provider with different IPs starts at zero again, even when the parent domain is established.
Reputation is also why separating transactional and marketing email onto different subdomains pays off: a marketing campaign that draws complaints then cannot drag down the password resets and receipts that recipients are actively waiting for. For the full ramp schedules and the signals that mean pause, see how to warm up a new sending domain.
Monitoring
Deliverability is not a setup task that stays done, because reputation is re-evaluated continuously and a single bad sending day can undo weeks of good ones. Monitoring is what turns a silent decline into an alert while there is still time to act. Three numbers cover most of it, and all three should be watched per mailbox provider, not just as an overall average.
- Bounce rate. Track hard bounces (permanent) and soft bounces (temporary) separately. A hard bounce rate above roughly 2% points to a list-quality problem and calls for cleaning the list before sending more.
- Complaint rate. The share of recipients who mark the mail as spam. Gmail's published threshold is 0.3%, and staying an order of magnitude below it is the goal. This is the single most damaging signal, so any spike needs an immediate diagnosis.
- Inbox placement. Delivery to the server is not the same as landing in the inbox. A message can be accepted and then filed in spam, which produces no error at all, so placement has to be measured directly with seed-list tests or provider dashboards.
The tooling for this is mostly free. Google Postmaster Tools reports domain and IP reputation, spam rate, and authentication results for mail sent to Gmail, and feedback loops at Yahoo and Microsoft report complaints from their users. Set these up before the first large send, because a ramp run without them is run blind.
The deliverability checklist
Here is the whole thing in one place, grouped by section. It is built to copy into a runbook or print straight from the browser, so it can serve as the pre-send checklist before any large campaign.
Authentication
- ✓Exactly one SPF record published, including every sending service, ending in
~all. - ✓DKIM signing enabled, with the public key published under your provider's selector.
- ✓DMARC record live at
_dmarc.yourdomain.comwith a reporting address. - ✓DMARC moved past
p=nonetop=quarantineorp=rejectafter reviewing reports. - ✓SPF, DKIM, and DMARC all aligned with the visible
Fromdomain.
List hygiene
- ✓Addresses collected through confirmed opt-in, never purchased or scraped.
- ✓Hard bounces suppressed automatically on the first failure.
- ✓Unsubscribes honored within a day, with a one-click unsubscribe header on bulk mail.
- ✓Disengaged recipients pruned or re-engaged on a regular schedule.
Content
- ✓Subject line honest and matching the body, with no bait or ALL CAPS.
- ✓Real text leading the message, images supporting rather than replacing it.
- ✓A plain-text alternative included alongside the HTML.
- ✓Consistent
Fromname and address from one send to the next. - ✓Rendering and placement tested across Gmail, Outlook, and Yahoo before a large send.
Reputation and warmup
- ✓New domains and IPs warmed up gradually over two to six weeks.
- ✓Early sends directed at the most engaged recipients.
- ✓Each new sending stream or subdomain warmed up on its own.
- ✓Transactional and marketing mail separated onto different subdomains.
Monitoring
- ✓Hard bounce rate watched and kept under roughly 2%.
- ✓Complaint rate watched and kept well under 0.3%.
- ✓Inbox placement measured directly, not assumed from delivery.
- ✓Google Postmaster Tools and Yahoo and Microsoft feedback loops configured.
- ✓Alerts set on the key metrics so a decline surfaces before customers notice.
FAQ
What is a good email deliverability rate?
Why do my emails go to spam even with SPF, DKIM, and DMARC set up?
What bounce rate is too high?
What complaint rate causes deliverability problems?
How long does it take to fix bad email deliverability?
Bottom line
Deliverability comes down to a sequence: authenticate the domain, keep the list clean, send content that reads as wanted, build reputation slowly, and monitor the result. None of the steps is difficult alone, but they are easy to let slip, which is why a checklist run before each large send is worth more than any single optimization.
Lettr operationalizes most of this list directly. Authentication is generated and verified during domain setup, bounces and complaints stream through webhooks in real time, and the deliverability metrics above are tracked for every send. Create a free account and verify a domain before your next campaign goes out.