Emails end up in spam for four main reasons: poor list management (sending to unengaged or unconsented addresses), low-quality or keyword-stuffed content, weak DNS authentication (missing or misconfigured SPF, DKIM, DMARC, and BIMI records), and poor sender reputation monitoring. Fix all four and your deliverability improves substantially, even without any content changes.

Every day, approximately 350 billion emails are sent and received. Of those, more than 45% end up in spam. That’s a massive hit for businesses: marketing emails don’t reach subscribers, transactional emails don’t inform customers, and teams struggle to communicate effectively.

Email deliverability is something of a black box, much like SEO. The rules change often and aren’t fully disclosed by major Email Service Providers (ESPs) like Google, Apple, and Microsoft.

Sometimes they are disclosed, as with Google and Yahoo’s enforcement of stricter sender authentication requirements starting in February 2024 and tightened further since. More often, the rules stay opaque.

The good news: even with that uncertainty, you can significantly improve your email deliverability. If your messages are getting lost in the spam folder, read on; we’ll cover why emails end up there and how to prevent it.

What is email deliverability?

Before we dive into why your emails end up in spam, let’s start with a distinction that trips up most people:

Just because your emails show as “delivered” in your sending tool (bounce rate, delivery rate) doesn’t mean they’re actually reaching the recipient’s inbox.

Email deliverability is the odds that your email makes it to the inbox and not to spam. “Delivered” just means the recipient’s server accepted it; spam filtering happens after that.

Why do emails end up in spam?

Emails trigger spam filters for many reasons, but the story usually comes down to four pillars:

1. List management: Sending emails to unsubscribed or dormant addresses is a major red flag. Your list should be built organically with permission-based opt-ins. If you’re still emailing old, inactive accounts that keep bouncing, your reputation takes a hit.
2. Content and engagement: Excessive exclamation points, ALL CAPS, misleading subject lines, or irrelevant keywords can trigger spam filters and route your email to no man’s land.
3. DNS configuration: Not implementing email authentication protocols like SPF, DKIM, and DMARC is another red flag for ESPs. These act like digital IDs, verifying that you’re who you say you are and preventing impersonation by spammers.
4. Monitoring and optimization: Not regularly tracking deliverability metrics like spam rate, open rate, and click-through rate means you’ll miss signals about what needs to change, whether that’s content, list hygiene, or technical setup.

Avoid these red flags and your emails will land in the inbox far more often.

Best ways to prevent emails from going to spam

List management

Opt-in

How you collect emails and build your subscriber list matters a lot. If you use a deceptive method to grab email addresses and then send unsolicited messages, those recipients will be unhappy, and unhappy recipients mark you as spam.

Use an opt-in form that clearly tells users they’ll receive content from you by checking a box or a similar mechanism. Be clear, not sneaky.

Unsubscribe

Make it easy to unsubscribe. Don’t hide the link in gray-on-white at the bottom of your template. People who can’t unsubscribe flag your email as spam, which damages your reputation.

Google and Yahoo now require an unsubscribe button directly in the header of bulk email. Here’s what it looks like:

Cleaning your lists

Deprecated emails

Use a third-party tool to remove deactivated or banned accounts from your list. Those create hard bounces, and hard bounces hurt your reputation.

We like Neverbounce for this.

Sunset policy

If a group of subscribers hasn’t opened a single email in the last six months, send them a message asking if they’re still interested. Emails that consistently get ignored are likely to be flagged as spam, which isn’t good for your sender reputation and isn’t a great final touchpoint with your brand either. Be kind and warm about it; let them sail into the sunset if that’s their wish.

Content

The content you send matters more than almost anything else. People’s time is valuable, so when you ask for their attention, make sure what you’re sending is worth the read.

A quick checklist before hitting send:

• Is the content relevant and interesting?
• Is it well-written and to the point?
• Is it well-designed and easy to scan?
• Is it actually meant for my audience?
• Does it use any words that could trigger a spam filter?
• Would I want to receive this email if I were the reader?

Infrastructure configuration

Authenticating and securing your emails is a crucial step in making sure they reach the inbox. It’s often overlooked and one of the easiest wins for deliverability.

There’s a tight link between security and compliance here. ESPs want to reduce spam, scams, and phishing. To support that, they favor domains with well-configured security and authentication protocols in their DNS.

This part is tricky to set up but incredibly valuable. It can mean the difference between a +39% open rate and a +34% purchase likelihood.

So what are these authentication and security protocols?

Understanding DNS

DNS is the address book of the internet. Computers use DNS to look up domain names and find the corresponding IP addresses needed to connect to websites, servers, and other resources.

DNS is also where ESPs like Google, Apple, and Microsoft check how your emails are secured and authenticated:

• Who is authorized to send emails on behalf of your domain? (SPF)
• What signature should they look for to confirm the content is authentic? (DKIM)
• Is your domain protected by a policy? (DMARC)
• Is your sender identity verified with a logo? (BIMI)

Let’s go through each one.

Authorized senders list (SPF record)

SPF records are like a guest list for sending emails. An SPF record is a line of text that specifies which domains or IP addresses are permitted to send emails on behalf of your domain. It lives in your DNS manager, under TXT records.

Here’s an example SPF record:

v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 include:_spf.example.com ~all

If an email from your domain is sent to a recipient server from an IP not on your SPF list, deliverability takes a hit.

A quick tip: to check whether your DNS is configured properly and your email has a good chance of reaching the inbox, use Palisade’s free Email Deliverability Score tool. It audits your DNS configuration and suggests improvements.

Digital signature (DKIM records)

DKIM records add a digital signature to your emails that proves they’re authentic when they arrive at the recipient server. Think of it like the signature on the back of your credit card.

Each third-party service you use with your domain typically needs its own DKIM key and record.

Here’s an example DKIM record:

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAS4QZzH+/iM5ilpxexFK7uVnX5OasDMW61p7IvUjM+488QnpLqDTlsvGdJtG/oHgwRpXcNSxKKhtX3R4zg0MoSdLJYTEMiirr8UdeuGng/ZKM2XtLa+qGve6kp3H5NBx2uYHVj+E0WANeRT3bK5sMVRTYSAywN/m9ugX5T5PkbvJ2HRTmrX00ov4/VoVFSbfHZzaA/FDX/hyFnWEiOb1JihArP2+cMs+CYgIi7u8t+p0FqR/37kuEh5PLxOct/fnhqjn35XPn8C1s2fAC5J2WZjmmC5QM2qYV90isu03jeCI7Vap9ocKj5P+qJAlooYNujICd84ZmcHeA2UJqj22QIDAQAB

Defended domain (DMARC)

DMARC protects your domain from people trying to send fake emails (phishing, spam) on your behalf.

The DMARC policy is central to deliverability and security. It tells recipient servers what to do if the emails they receive from you aren’t authenticated properly through your SPF or DKIM (often called alignment).

Here’s an example DMARC record:

v=DMARC1; p=none; rua=mailto:dmarc@palisade.email; ruf=mailto:dmarc@palisade.email; fo=1;

Google and Yahoo have been enforcing DMARC policies for bulk senders since early 2024, and their requirements have continued to tighten since. If you’re sending any volume of email, DMARC alignment is non-negotiable.

Brand display and verified checkmark (BIMI)

BIMI was adopted by Google, Apple, Yahoo, and most major ESPs (still waiting on Outlook) back in May 2023. It’s now the standard way to verify your identity via email, display your brand logo in the inbox, and get a verified checkmark. You’ll see this rolled out by large brands like LinkedIn and Google:

Here’s an example BIMI record:

v=BIMI1;l=https://images.palisade.email/brand/bimi-logo.svg;a=https://images.palisade.emai/brand/certificate.pem

Monitoring

Monitoring your sender reputation is a big part of keeping deliverability high. Sender reputation is like a person’s reputation: it takes time to build and is easy to damage.

There’s no single tool that does it all, but several tools can give you partial visibility into your deliverability health.

Domain reputation, IP reputation, and spam rates

One of the best tools available, even if it only monitors your reputation from Google’s perspective, is Google Postmaster.

It gives you three key data points on sender reputation:

• Domain reputation: How Google views your domain holistically. All emails from all apps combine into one reputation.
• IP reputation: How the third-party app’s IP reputation affects your sender reputation.
• Spam rate: The number of users reporting your emails as spam.

Wrapping up

Email deliverability isn’t set-and-forget; it’s ongoing work, but worth it.

Many companies spend significant time A/B testing funnels and producing content but skip the critical step of making sure their emails actually reach the inbox. If your users aren’t seeing your content, what’s the point of investing so much in creating it?

It’s not easy. List management best practices change. Content engagement shifts with trends. DNS compliance evolves. Reputation monitoring is sensitive. After reading this, you should have a better understanding of email deliverability basics (and the difference between “delivered” and “in the inbox”), and know where to focus your attention first.

FAQ

Why do my emails keep going to spam?

The most common causes are missing or misconfigured SPF, DKIM, and DMARC records; sending to a dirty list with unengaged or invalid addresses; using content patterns spam filters flag (all caps, misleading subject lines, spam-trigger words); and poor domain or IP reputation. Start with DNS authentication; it’s the most impactful fix and often the most overlooked.

What’s the difference between delivered and inbox placement?

“Delivered” means the recipient’s email server accepted the message. Inbox placement means the message actually made it to the inbox instead of spam, Promotions, or other filtered folders. Your ESP will typically show you delivered rates but not inbox placement. For that you need deliverability tools like Palisade or Google Postmaster.

Do SPF, DKIM, and DMARC really matter?

Yes. Since Google and Yahoo’s 2024 enforcement changes, bulk senders (over 5,000 emails a day to Gmail or Yahoo addresses) that don’t have proper SPF, DKIM, and DMARC alignment see their messages quietly dropped into spam or rejected outright. Even for smaller senders, proper authentication measurably improves inbox placement.

How do I check if my email is set up correctly?

Free tools like Palisade’s Email Deliverability Score, MXToolbox, and Google Postmaster will audit your DNS configuration, flag missing records, and highlight issues with SPF, DKIM, DMARC, and BIMI. Run a check before you send any big campaign.

Does BIMI actually improve open rates?

Early data suggests yes, in the +10% to +39% range for open rates, because a verified logo in the inbox increases trust at a glance. The tradeoff is that BIMI requires a Verified Mark Certificate (VMC) from a certifying authority, which costs several hundred dollars per year and requires a trademarked logo.

Can I improve deliverability without changing my content?

Often yes. Proper DNS authentication (SPF, DKIM, DMARC), list cleaning (removing hard bounces and long-inactive subscribers), and consistent sending volume can all improve inbox placement without any content changes at all. If your content is reasonable and your deliverability is bad, the technical setup is usually the culprit.