THE COMPLETE GUIDE TO IMPROVE INBOX AND DELIVERABILITYThe very first condition of great marketing is to make sure your message actually reaches your audience. We know that many companies struggle to land their emails in their customers’ inboxes. If you're one of them, you will find this guide to be a lifesaver. We used our knowledge and experience to create a complete set of guidelines to help you achieve a better email deliverability and maintain a healthier sending reputation.
Here are our guidelines:
- Separate the types of emails you send. If your company sends "Transactional Emails" and "Newsletters, Receipts, Reminders, etc." use a dedicated IP and domain name for each type. For regular corporate transactional emails, use the domain "your_company_name.com" and for all other emails use a different domain but similar with the main one such as "your_company_namenews.com". Each domain needs to mail out on separate dedicated IPs. When different types of mailings are mixed, Google and other ISPs will tend to combine/group your corporate emails under the "Promotional" and "Other" tabs.
- Use reCAPTCHA from Google on your registration screen. Google's reCAPTCHA is used to prevent automated bots from signing up or registering on your site, subscribing to your newsletters and so on. Sending e-mails to bot registrations or to people that exist but have been registered by a bot can hurt your emailing metrics. For example, if you email 100 bot registrations to an ISP and none of them are opened and/or clicked through, this tells the ISP that overall not too many people are interested in your emails, hence your emails are seen as junk/spam.
- Use double opt-in confirmation for all of your emails. This requires the user's confirmation that he has actively joined your email list. When a user registers on your site or subscribes to your newsletter, you need to send them an email. The subscriber needs to click a link in the email in order to confirm that he is the owner of the email address and does want to receive emails from you. Remember, we talked about how bots can sign up real people in step #2? Emailing people who didn't confirm to receive emails from you will very possibly get your email marked as spam, and that will hurt your inbox rate.
- Use a real-time API that verifies emails on registrations and signups. Remember, we talked about how bots can sign up real people in step #2? Emailing people who didn't confirm to receive emails from you will very possibly get your email marked as spam, and that will hurt your inbox rate.
Here's an example of a place that provides "disposable" e-mail addresses.Learn more about ZeroBounce Real-Time API here: Real-Time API Documentation
- Use SPF authentication. Also known as "Sender Policy Framework", this is an authentication protocol that states whether an IP is authorized or not to send emails for a domain. Here are a few places with useful resources about SPF:Here's an easy wizard to help you create your SPF Record:Here are some SPF Testing tools:
- Use DKIM authentication. Also known as "DomainKeys Identified Mail", this is a protocol that allows other mail servers to verify whether the email you sent has been tampered with or not. Basically, it verifies whether the email received from a specific domain was indeed authorized by the owner of that domain. Here are a few places with useful resources about DKIM:
Here's an easy wizard to help you create your DKIM Record:
Here are some DKIM tools that will sign your emails. Most mail servers have this feature built in and you just need to enable it:
Here are some DKIM testing tools:
- Use DMARC authentication. Shortcut for "Domain-based Message Authentication, Reporting & Conformance", this is an authentication method that prevents phishing attacks and reduces spam. It enforces a policy that tells the ISP what to do when it receives emails, apparently from your company, that fail either SPF or DKIM.
Here are a few places with useful resources about DMARC:
Here's an easy wizard to help you create your DMARC Record:
Here are some DMARC testing tools:
Here are some places that analyze the RAU and RAF reports you receive from ISPs pertaining to your DMARC Policy. These places transform the reports you receive into something that's human readable and they will also let you know if bad actors are abusing your domain.
- Use a reputable DNS Provider. Mail delivery depends a lot on being able to retrieve records from DNS.ISP's also check the reputation of your nameservers. Here are a few DNS Providers:
- DYN Managed DNS - Provides a lot of tools and options to secure your DNS Properly.
- Cloudflare - Provides DNS Management and a suite of optimization tools.
- DNS from large registrars should be fine, although we have seen slowness in some registrars applying DNS changes.
- Use a reputable CDN for static content. Also known as "Content Delivery Network", it caches versions of your content around the world.
There are four main reasons to use a CDN:
- To provide faster load times for images included in the emails you send.
- ISP Providers won't block them since they are known and reputable.
- You will also benefit from DDOS protection which keeps your website online even if it`s attacked.
- You will benefit by default from an advanced firewall that can help mitigate some of the classic attacks looking to exploit your website.
Use PTR records (Reverse DNS Lookups) for your sending IPs. This is mandatory. Most ISPs require FCrDNS (Foward Confirmed Reverse DNS). It sounds complicated, but it's really not.
For Example in DNS: A Record (126.96.36.199) > "Points To" > PTR Record > "Points to" > Hostname (example.com) (Forward) Hostname (example.com) > "Points To" > PTR Record > "Points to" > A Record (188.8.131.52) (Reverse)
Here are a few resources on FCrDNS:
Here are a few places to test FCrDNS at:
Warming up IPs is important. Don’t send too many emails at once. If your sending platform supports it, use limits per hour or per day for each of the IPs per domain. If you send too many mails at the beginning, you can get bounces and/or deferrals.
Here are some limits, per provider, that you should follow in the first 30 days:
- Yahoo: 200 emails/day/IP (for at least 5 days), then you can double every day.
- Gmail: 200 emails/day/IP (for at least 5 days), then you can double every day.
- Hotmail: 200 emails/day/IP (for at least 5 days), then you can double every day.
- AOL: 200 emails/day/IP (for at least 5 days), then you can double every day.
- Cloudmark (all domains): 50 emails/day/IP
- Time Warner: 100 emails/hour/IP
- Cox: 100 emails per connection per IP, up to 5 IPs
You should always visit the postmaster website of the domains you are trying to send to in bulk. A lot of times you'll find the sending limits published within their bulk sender guidelines.
A good example on how you should warm up your IPs is listed below:
- Start a new warm up for the existing IP.
- Send only to subscribers who have opened at least one of your emails in the past 30 days.
- Limit your starting volume to 3,000 subscribers.
- Keep sending to those subscribers only, for the first 3 days, before increasing the volume.
- Increase the volume by 1,500 subscribers with opens in the last 30 days. Your new total volume should be 4,500 subscribers.
- Keep sending to the new volume of 4,500 for two more days.
- Follow this strategy to increase the volume every two or three days by 50% of the actual volume.
- After 10 days, you can start increasing the volume by doubling it.
Register to all FBLs. Also known as complaint feedback loop, it is a service offered by some ISPs that report back complaints (when a subscriber hits the spam or junk button in their inbox) to the sender. It's provided to aid senders in keeping a clean list and preventing the subscriber from getting unwanted mail.
A list on all feedback loops can be found below:
Gmail has a feedback loop that is only available for ESPs who are MAAWG members and are approved by Google as good senders.
Delivery Monitors and IP/Domain Health monitors. Some of the largest ISPs provide tools to monitor your IPs, domain health and delivery.
Sign up to the places listed below and start monitoring the health of your emailing. Google Postmaster
- Spam Rate
- IP Reputation
- Domain Reputation
- FeedbackLoop Identifiers
- Authentication (DKIM/SPF/DMARC) rates
- Encryption (e.g. if you send emails using TLS) rates
- Delivery Errors (for example, if you retry to fast)
- IP Reputation
- Complaint Rate per IP
- Traps per IP and the date
- Ehlo/Helo and mail from used when sending emails.
- Make sure your domain/IPs are not on any blacklists before you send. Many companies use the same blacklist providers, so being listed on a single blacklist can affect your delivery to many different ISPs.There are a few different types of blacklists.
Some ISPs use multiple blacklists, so it's very important to monitor all aspects of your sending using the different tools available.Here are our favorite tools for checking if your domain/IP is on a public blacklist:For automated blacklist monitoring, use:
- Public - These blacklists are published so any ISP can use them. They are the easiest ones to monitor using automated tools.
- Private - These are paid blacklists - The only way to actively monitor these is to use inbox testing tools to check your delivery.
- Internal - These are maintained by the ISPs directly. They can be monitored with inbox testing tools, as well.
Here are a few places you can check your IPs that are not included in the automated blacklist checks mentioned above:
How to delist at non-obvious places
- CenturyLink - [C10] RBL restriction: Blacklisted by Internal Reputation Service - Send an email to "postmaster [at] embarqmail.com" with the subject line "Please investigate for spamlike qualities" and list your Ips
- Hotmail - Fill out this form
- United Online (Netzero/Juno/Bluelight) - Fill out this form
- Whitelist your IPs after 90 days of sending. The reason you have to wait 90 days, is that some whitelisting services require to see your sending history.
Whitelisting your IPs provides many different benefits at different ISPs:
- Increased inbox rates
- Increased Sending Volumes
- Less restrictive spam filtering
Free whitelisting services:
Paid whitelisting services:
- Email List Quality. Try to avoid buying and renting an email list, even if it’s from a reputable provider. ESPs have ways of detecting if a list is bought or rented and they can/will reject it when you will try to import it into their mailing platforms. No email validation company can help you here and the reason has nothing to do with the validity of the email recipients.
Try to get an open rate of at least 20% and a click-through of at least 1%.
We also recommend removing all non-opener emails after 6 months. These emails are probably valid, but not in use.
- Monitor Your Sender Score. A lot of domains use Sender Score as a determining factor to allow emails from your IPs. If your Sender Score is < 90 you should take action to improve it. You can monitor you Sender Score: Here
- Before you send, clean your list of bounces, traps, and complainers. By reducing these three components from your email lists, you will increase your list quality, your Sender Score, your domain and IP reputation. All these factors increase your delivery and inbox rates. We provide this service at an excellent price. Get your email list cleaned with us today.
- Verify your email is set up and configured correctly for sending. There's really only one way to do this accurately. You have to use Unlock The Inbox - Mail Tester. For $5 you'll get a very detailed technical report of your email server configuration highlighting any problems. We recommend getting the subscription for $10 a month because it provides unlimited email testing, unlimited inbox testing, and blacklist monitoring.
- Create abuse@ and postmaster@ email addresses at your sending domain. ISPs rely on these two addresses for feedback loops and complaints. Not having these two accounts set up is a red flag and they are also required by the RFC Standards.
- Content. Use the recipient's name in the subject line and in the header of the html (e.g.: "Dear John"). Make sure you check for spam words and domains in the HTML. (for example, if you use a domain in any of the links in the html that is present in a DBL (Domain Blacklist), your email might bounce). Inbox Test every campaign you're going to send and make adjustments where needed.
- Remove inactive emails. We recommend removing non-opening emails or non-clicking emails after 180 days. A lot of ISP algorithms are based on user engagement. The more non-openers and non-clickers, the worse the statistic gets and the worse your inbox rate becomes. After six months, you can also retry sending to these email addresses to see if the recipients open or click.
- Make sure you don't use too many connections per IP when sending your emails. Every ISP limits the number of connections per IP. Always view the Postmaster Guidelines of the different ISP regarding Rate Limiting.
Here are some safe values to use:
- AOL - 150 Connections/IP
- ATT - 5 Connections/IP
- Comcast - 35 Connections/IP
- Charter - 150 Connections/IP
- Earthlink - 150 Connections/IP
- Gmail - 150 Connections/IP
- Hotmail - 150 Connections/IP
- Italia Online - 1 Connections/IP
- Lycos - 150 Connections/IP
- Mac.com - 150 Connections/IP
- Mail.com - 150 Connections/IP
- Orange - 3 Connections/IP
- RoadRunner - 150 Connections/IP
- Swisscom - 5 Connections/IP
- TDC - 10 Connections/IP
- Telefonica - 5 Connections/IP
- Telenor - 5 Connections/IP
- United - 5 Connections/IP
- USA.net - 150 Connections/IP
- Yahoo - 150 Connections/IP
- Verizon - 150 Connections/IP
For all small domains, we recommend using no more than 2 connections/IP.
- Make sure you retry temporary errors. One of the most common ways that ISPs use to reduce spam is called "Greylisting" or Temporary Errors, also known as SMTP 451. When these conditions occur, the ISP expects your mail server to re-attempt delivery of that email at a later time. When attempting to send the email again, you must use the same IP as rotating the IP will just get the email greylisted again.
Retry times should be configured by the schedule below:
- First Retry - 15 Minutes
- Second Retry - 45 Minutes
- Third Retry - 2 Hour
- Forth Retry - 6 Hours
- Fifth Retry - 12 Hours
This will also help if you have a configuration issue, so you won't have too many retries. If you have too many, this can affect your sender score in an adverse way.
- Use a functional unsubscribe method. ISPs love unsubscribe links and use of the list-unsubscribe header. Using these options will help reduce the number of SPAM Complaints because the recipient can easily unsubscribe.
- Include a physical address in your email. This complies with the CAN-SPAM act and it's also a good practice which increases trust.
Here is an example of how a footer should look:
Example LLC Example address, CA, US PR Manager: John Doe Phone: +1800… Email: email@example.com Want to change how you receive these emails? You can update your preferences or unsubscribe.
- Monitor your brand for compliance. For larger companies, it's worth looking into using tools like Lashback that specializes in brand protection and compliance.
- Use SSL for your domain and links to your website. When sending emails ensure that all the links to your site are under SSL. Modern browsers alert the user when the connection is unsecure. When your customers see these alerts they get alarmed and that can cause them to mistakenly mark your emails as spam, affecting your deliverability.
- Use a Reply-To header that is valid. We all receive emails from noreply@, but it's actually better to have a functional Reply-To that's monitored and customers enquiries are responded to. The more engagement between you and your customers, the better your deliverability.
- Send 1 email per connection. You should only send emails to 1 person. You've seen those emails where you have a large number of "CC" or "TO" recipients. This is a huge spam flag. When sending out bulk emails, ensure each email is addressed to a single person and not multiple contacts at once.
- Enable outgoing TLS connections. Mail servers are supposed to be opportunistic in nature and what that means is they all prefer to use the most secure protocol when accepting mail - TLS 1.2, TLS 1.1, TLS 1.0, NO TLS in that order. Some mail servers will refuse all non-TLS transmissions, so in order to achieve maximum deliverability, you should always enable TLS when sending email.
- Ensure that your abuse/complaint rates remain low. Once you sign up to the FBLs (Feedback Loops), as discussed earlier in this document, you need to actively remove those subscribers from your mailing list when you receive the alerts, in order to keep your abuse/complaint rate low. When these metrics get too high, they will affect your deliverability.
Here are some guidelines to keep your abuse/complaint rates below per destination ISP:
- Hotmail < 0.1%
- Yahoo < 0.2%
- AOL <= 0.3%
- Comcast <= 0.5%
- Do not use private WHOIS for your domains. All registered domains are required to have accurate information by ICANN. Hiding behind private WHOIS can hurt your domain reputation and, in some cases, it is even illegal (CAN-SPAM Act).
- Use DNSSEC. DNSSEC is a technology that was created to protect the hijacking of DNS Lookups. This is not a requirement. However, it's a good security procedure.
- Remain consistent in your sending behavior. Send your newsletters, promotional, marketing materials on the same day, every week/month. Being consistent proves you have a real business and keeps your IPs warm.
- Do not segment emails per destination ISP. Separating your e-mails based on destination, unless under special circumstances, has a detrimental effect. Some domains will use SenderScore for reputation lookups, but those IPs will never get their sender score increased because they don't report back to Return-Path.
- Do not send affiliate email marketing. Most ISPs blacklist the subject lines and content for this type of email. Remember, everyone is sending the same affiliate promotion. ISPs have AI that learn subject links and content, and your IPs will get blacklisted or are going to be limited to only being able to send to the spam folder. Normally, ISPs will accept and won’t complain if you add an advertisement to your normal newsletter.
- Use dedicated IPs, never shared ones. While shared IPs will have certain advantages in the beginning (e.g. no warm-up period), you will not be able to whitelist them and you will inherit the reputation of other senders using the same IPs.
- Honor all unsubscribe requests. Whether it's through an automatic unsubscribe link or manually requested, honor it. The sooner you honor it, the better. Never wait more than 10 days to do so, this is a requirement of the CAN-SPAM law.
- Comply with the law: CASL for CA, CAN-SPAM for US, DPEC for EU and other local anti-spam laws. When you're in compliance with the law, everything becomes much easier to whitelist and managing your reputation will be free of obstacles.
Here are the links to some of the major e-mail laws:
- Your domain has to have valid MX records. Although the RFC states that if the MX record is missing, one should use the A record as the mail server. We noticed that many ISPs don't follow the standard and they check the validity of your MX Record before allowing email from your domain. If you're looking for a good mail service provider (ISP) for your domain, we recommend using G-Suite from Google.
- Inbox testing. We mentioned this before and we cannot stress enough how important it is. Different ISPs use different spam filters, and what might inbox at Yahoo, might land in the spam folder on Gmail. Without inbox testing you can ruin your reputation and not get your emails delivered to the inbox with certain ISPs.
The best tool for inboxing testing is Unlock The Inbox - Inbox Tester. For just $10 a month, you get unlimited testing.
This information was provided to you by several experts with many years of experience in email deliverability. If you would like to contribute, please contact us and let us know.
We also offer professional help in implementing all of the above, please contact us for details.