Most deliverability problems are preventable. They tend to come from the same set of failure points — authentication gaps, blacklist listings, list quality issues, or configuration mistakes that send the wrong signals to spam filters.
This checklist covers all of them. Work through items 1–4 first. Authentication and blacklist status are responsible for the majority of serious deliverability failures, and no amount of subject line optimisation will overcome a broken SPF record or a Spamhaus listing.
Bookmark this and run through it before any significant send.
Authentication & Domain Health
These four items are the foundation. If any of them fail, everything else in this checklist becomes secondary.
1. SPF Record Is Valid and Under 10 DNS Lookups
Your SPF record lists every server authorised to send email from your domain. If it's missing, incorrectly formatted, or exceeds the 10 DNS lookup limit, emails from your domain will fail authentication.
Check: Run a free SPF checker on your domain. It will show whether the record exists, validate the syntax, and count your DNS lookups.
Common issue: Every include: statement in your SPF record uses DNS lookups. Add enough sending tools — Mailchimp, HubSpot, Salesforce, SendGrid — and you'll approach the limit quickly. See the guide on managing your SPF lookup count if you're close to or over the limit.
2. DKIM Signing Is Enabled and Passes Verification
DKIM adds a cryptographic signature to outbound email that receiving servers use to verify the message wasn't altered in transit. A missing or failing DKIM signature is a common cause of email being routed to spam.
Check: Send a test email to a Gmail address and view the original message headers. Look for DKIM-Signature: v=1; a=rsa-sha256; d=yourdomain.com. If it's there, DKIM is active.
Common issue on Microsoft 365: DKIM signing is not enabled by default. You must activate it manually in the Microsoft 365 Defender portal.
3. DMARC Policy Is in Place at Minimum p=none
DMARC tells receiving servers what to do when email fails SPF and DKIM authentication. Without it, receivers make their own decisions — and those decisions aren't in your favour when sender reputation is unknown.
Check: DNS lookup for _dmarc.yourdomain.com. Confirm a TXT record exists with v=DMARC1 and a p= value.
Even p=none (monitor mode) is better than no record. It signals to receivers that you're aware of authentication and actively monitoring. See the DMARC policy guide if you need to progress beyond monitoring.
4. Domain and Sending IP Are Not on Any Email Blacklist
If your domain or sending IP is listed on a major DNSBL (DNS-based Blackhole List), a significant portion of your emails will bounce or go to spam — regardless of authentication status.
Check: Run a free blacklist check across all major zones. An email blacklist check takes seconds and shows listings across 12 DNSBL zones simultaneously.
If listed: Don't send until you've identified the cause and requested removal. Sending while listed worsens your reputation further.
Sender Identity
5. From Address Domain Matches Your Authenticated Domain
Your From address should use the same domain you've set up SPF and DKIM for. Sending from yourname@gmail.com on behalf of your business, or using a subdomain that isn't covered by your authentication records, weakens your authentication alignment.
Check: Confirm your From address domain matches your DKIM signing domain and your SPF envelope-from domain.
6. Reply-To Address Is a Real, Monitored Inbox
A Reply-To address pointing to a dead inbox or a different domain raises flags with spam filters. It also means you miss responses — including spam complaints filed via the "reply" path.
Check: Send yourself a test, reply to it, and confirm the reply arrives at an inbox someone reads.
Content & Formatting
7. Subject Line Avoids Spam-Trigger Patterns
Spam filters analyse subject lines for patterns associated with bulk spam. High-risk patterns include:
- ALL CAPS subject lines or random CAPITALISATION mid-sentence
- Excessive punctuation (!!!, ???)
- Heavy use of isolated words like "FREE", "WIN", "GUARANTEED", "URGENT"
- Dollar signs and percentage symbols in isolation
Check: Read your subject line out loud. Would a trusted colleague send this? If it sounds like a late-night infomercial, rewrite it.
8. Email Body Doesn't Contain Spam-Trigger Phrases
Content filters score your entire email body — not just subject lines. Context matters: "free trial" in an onboarding email is fine; a page full of "FREE" in large font is not.
Check: Look for overuse of capitalised promotional language, excessive exclamation marks, and aggressive urgency framing throughout the body.
9. Plain Text Version Is Included Alongside HTML
Sending HTML-only email without a plain text alternative is a pattern associated with spam. Most email platforms generate a plain text version automatically if you configure them to do so.
Check: View the raw source of a test email and confirm you see both Content-Type: text/plain and Content-Type: text/html parts.
List Quality
10. Unsubscribe Link Is Present and Functional
Required by CAN-SPAM in the US and equivalent legislation in other jurisdictions. More importantly, a missing or broken unsubscribe link drives spam complaints — recipients who can't unsubscribe hit "report spam" instead.
Check: Click the unsubscribe link in a test email. Confirm it works and processes the removal.
11. List Has Been Cleaned: Bounces and Unsubscribed Contacts Removed
Sending to hard-bounce addresses and unsubscribed contacts damages your sender reputation and risks blacklist listings.
Check: Confirm your sending platform is suppressing hard bounces automatically. Run a manual review of unsubscribed contacts if you're switching platforms and importing lists.
12. Unengaged Subscribers Are Segmented or Suppressed
Sending to contacts who haven't opened or clicked in 12+ months inflates your list size while driving down engagement rates. Low engagement signals to email providers that your email isn't wanted.
Check: In your email platform, identify contacts with zero opens in the past 6–12 months. Either run a re-engagement campaign before your main send, or suppress them.
Sending Infrastructure
13. Send Volume Is Ramping Up Gradually for New Domains or IPs
Sending high volumes from a new domain or a freshly configured sending IP — before building a reputation — is a reliable way to trigger spam filters and blacklist listings.
Check: If you're using a new domain or recently switched email providers, confirm you're following an IP/domain warm-up schedule: start with hundreds of emails per day to your most engaged contacts, and increase over 4–6 weeks.
14. Test Email Has Been Reviewed in Multiple Email Clients
Rendering issues — broken layouts, missing images, garbled formatting — increase delete rates, which damages sender reputation over time.
Check: Send a test to Gmail, Outlook, and at least one mobile client. Confirm the layout renders correctly and all links work.
15. DMARC Aggregate Reports Are Being Monitored
DMARC reports tell you if a new sending tool, a misconfigured platform, or a spoofing attempt is affecting your domain. They're your early warning system.
Check: Confirm the rua tag in your DMARC record points to an active inbox. Check reports at least once a week.
The Items That Matter Most
Authentication (items 1–4) is where the majority of serious deliverability problems originate. A broken SPF record or a blacklist listing will override everything else on this list.
Run a free Full Audit first. It checks items 1–4 simultaneously and tells you exactly what's configured, what's missing, and what to fix — in under 60 seconds.
If your emails are already going to spam, see the full email spam diagnosis guide for a systematic troubleshooting approach.
For a deeper understanding of SPF, DKIM, and DMARC and why all three are needed, see the authentication overview.
Run a free Full Audit to verify items 1–4 instantly — no account required at EmailAudit.io