Improving Email Deliverability: Preventing Blocks & Spam Placement

How Email Delivery Works

When you send an email, your mail server uses SMTP to hand off the message to the recipient’s mail server. That server checks:

• Your sending IP’s reputation and reverse PTR record
• DNS-based authentication (SPF, DKIM, DMARC)
• Message content and headers
• Blacklists and spam filter rules

Common Delivery Issues

• Soft bounces (temporary failures like mailbox full)
• Hard bounces (invalid addresses)
• Spam folder placement due to missing or misconfigured authentication
• Blocked by blacklists or ISP filters

SPF (Sender Policy Framework)

SPF lets you declare which mail servers may send on behalf of your domain. Add a TXT record in DNS like:

v=spf1 ip4:1.2.1.2/24 include:mail.example.com -all

• ~all (soft fail) or -all (hard fail) at the end
• Use include: for third-party senders (e.g., newsletter services)
• Keep the record under 512 bytes to avoid truncation

DKIM (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to outgoing messages. Steps:

1. Generate an RSA key pair on your mail server.
2. Publish the public key in a TXT record (e.g., default._domainkey.yourdomain.com):

v=DKIM1; k=rsa; p=PUBLIC_KEY_STRING

3. Configure your MTA (Postfix, Exim, etc.) to sign outgoing mail with the private key.

DMARC (Domain-based Message Authentication)

DMARC builds on SPF and DKIM to give you control and reporting. Create a TXT record at _dmarc.yourdomain.com:

v=DMARC1; p=quarantine; rua=mailto:reports@yourdomain.com; pct=100

• p=none (monitor), p=quarantine (move to spam), p=reject (block)
• rua address receives aggregate reports
• pct percentage of messages to apply policy against

Best Practices

• Maintain consistent sending IPs and ensure reverse PTR is set.
• Warm up new IP addresses gradually before high-volume sends.
• Use double opt-in and provide clear unsubscribe links.
• Monitor bounce rates and remove invalid addresses promptly.
• Rotate DKIM keys periodically and keep them secure.
• Review DMARC reports to adjust policies and identify sources.

Additional Tips

• Check blacklists regularly (tools like MXToolbox).
• Use TLS encryption for SMTP (STARTTLS) to protect in-transit data.
• Avoid spammy content in subject lines and body (all-caps, excessive links).
• Ensure your HELO/EHLO hostname matches your domain.
• Implement feedback loops with major ISPs to catch complaints quickly.