Email Deliverability main header background

The Guide to Email Deliverability

Email Marketing Done Right

The very first condition of great marketing is to make sure your message actually reaches your audience. We know that many companies struggle to land their emails in their customers’ inboxes. If you're one of them, you will find this guide to be a lifesaver. We used our knowledge and experience to create a complete set of guidelines to help you achieve a better email deliverability and maintain a healthier sending reputation.

Basic Email Deliverability Guidelines

Separate the types of emails you send

If your company sends "Transactional Emails" and "Newsletters, Receipts, Reminders, etc." use a dedicated IP and domain name for each type. For regular corporate transactional emails, use the domain "" and for all other emails use a different domain but similar with the main one such as "". Each domain needs to mail out on separate dedicated IPs. When different types of mailings are mixed, Google and other ISPs will tend to combine/group your corporate emails under the "Promotional" and "Other" tabs.

Use reCAPTCHA from Google on your registration screen.

Google's reCAPTCHA is used to prevent automated bots from signing up or registering on your site, subscribing to your newsletters and so on. Sending e-mails to bot registrations or to people that exist but have been registered by a bot can hurt your emailing metrics. For example, if you email 100 bot registrations to an ISP and none of them are opened and/or clicked through, this tells the ISP that overall not too many people are interested in your emails, hence your emails are seen as junk/spam.

Group 5

Can sign up real people. Emailing people who didn't confirm to receive emails will hurt your inbox rate

Use double opt-in confirmation for all of your emails.

This requires the user's confirmation that he has actively joined your email list. When a user registers on your site or subscribes to your newsletter, you need to send them an email. The subscriber needs to click a link in the email in order to confirm that he is the owner of the email address and does want to receive emails from you.

Use a real-time API that verifies emails on registrations and signups

Remember, we talked about how bots can sign up real people in step #2? Emailing people who didn't confirm to receive emails from you will very possibly get your email marked as spam, and that will hurt your inbox rate.

Here's an example of a place that provides "disposable" e-mail addresses:

Learn more about ZeroBounce Real-Time API here: Real-Time API Documentation Real-Time API Documentation


Use SPF authentication

Also known as "Sender Policy Framework", this is an authentication protocol that states whether an IP is authorized or not to send emails for a domain.

Here are a few places with useful resources about SPF:

Use DKIM Authentication

Also known as "DomainKeys Identified Mail", this is a protocol that allows other mail servers to verify whether the email you sent has been tampered with or not. Basically, it verifies whether the email received from a specific domain was indeed authorized by the owner of that domain.

Here are a few places with useful resources about DKIM:
Here's are easy DKIM generators to help you create your DKIM Record
Here are some DKIM tools that will sign your emails. Most mail servers have this feature built in and you just need to enable it
Here's a good DKIM testing tool:

Use DMARC authentication

Shortcut for "Domain-based Message Authentication, Reporting & Conformance", this is an authentication method that prevents phishing attacks and reduces spam. It enforces a policy that tells the ISP what to do when it receives emails, apparently from your company, that fail either SPF or DKIM.

Here are a few places with useful resources about DMARC
Here are places you can use to Generate your Dmarc Record

Use a reputable DNS Provider

Mail delivery depends a lot on being able to retrieve records from DNS.

ISP's also check the reputation of your nameservers. Here are a few DNS Providers:
  • DYN Managed DNS - Provides a lot of tools and options to secure your DNS Properly.
  • Cloudflare - Provides DNS Management and a suite of optimization tools.
  • DNS from large registrars should be fine, although we have seen slowness in some registrars applying DNS changes.
Group 5

Mail delivery depends a lot on being able to retrieve records from DNS.

Use a reputable CDN for static content

Also known as "Content Delivery Network", it caches versions of your content around the world.

There are four main reasons to use a CDN:
  • To provide faster load times for images included in the emails you send.
  • ISP Providers won't block them since they are known and reputable.
  • You will also benefit from DDOS protection which keeps your website online even if it`s attacked.
  • You will benefit by default from an advanced firewall that can help mitigate some of the classic attacks looking to exploit your website.
CDN Providers:

DNS Example
A Record ( > "Points To " > PTR Record > "Points to" > Hostname (
Hostname ( > "Points To" > PTR Record > "Points to" > A Record (

Group 5

ISP Providers won't block content from CDNs since they are known and reputable.

Use PTR records (Reverse DNS Lookups) for your sending IPs

This is mandatory. Most ISPs require FCrDNS (Foward Confirmed Reverse DNS). It sounds complicated, but it's really not.

Here are a few places to test FCrDNS at:

Warming up your IPs

Warming up IPs is important

Don’t send too many emails at once. If your sending platform supports it, use limits per hour or per day for each of the IPs per domain. If you send too many mails at the beginning, you can get bounces and/or deferrals.

Here are some limits, per provider, that you should follow in the first 30 days:
  • Yahoo: 200 emails/day/IP (for at least 5 days), then you can double every day.
  • Gmail: 200 emails/day/IP (for at least 5 days), then you can double every day.
  • Hotmail: 200 emails/day/IP (for at least 5 days), then you can double every day.
  • AOL: 200 emails/day/IP (for at least 5 days), then you can double every day.
  • Cloudmark (all domains): 50 emails/day/IP
  • Time Warner: 100 emails/hour/IP
  • Cox: 100 emails per connection per IP, up to 5 IPs

You should always visit the postmaster website of the domains you are trying to send to in bulk. A lot of times you'll find the sending limits published within their bulk sender guidelines.

Several examples on how to warm up your IPs:
  • Start a new warm up for the existing IP.
  • Send only to subscribers who have opened at least one of your emails in the past 30 days.
  • Limit your starting volume to 3,000 subscribers.
  • Keep sending to those subscribers only, for the first 3 days, before increasing the volume.
  • Increase the volume by 1,500 subscribers with opens in the last 30 days. Your new total volume should be 4,500 subscribers.
  • Keep sending to the new volume of 4,500 for two more days.
  • Follow this strategy to increase the volume every two or three days by 50% of the actual volume.
  • After 10 days, you can start increasing the volume by doubling it.

Feedback Loops (FBL)

Register to all FBLs

Also known as complaint feedback loop, it is a service offered by some ISPs that report back complaints (when a subscriber hits the spam or junk button in their inbox) to the sender. It's provided to aid senders in keeping a clean list and preventing the subscriber from getting unwanted mail.

Group 9

Feedback loops are provided by some ISPs to aid senders in keeping a clean list and preventing the subscriber from getting unwanted mail

A list on all feedback loops can be found below:

Gmail has a feedback loop that is only available for ESPs who are MAAWG members and are approved by Google as good senders.

Group 5

Companies most often use the same blacklist providers… being listed on a single blacklist can affect your delivery to many different ISPs.

Delivery Monitors and IP/Domain Health monitors

Some of the largest ISPs provide tools to monitor your IPs, domain health and delivery.

Sign up to the places listed below and start monitoring the health of your emailing:

Google Post Master
  • Spam Rate
  • IP Reputation
  • Domain Reputation
  • FeedbackLoop Identifiers
  • Authentication (DKIM/SPF/DMARC) rates
  • Encryption (e.g. if you send emails using TLS) rates
  • Delivery Errors (for example, if you retry to fast)
  • IP Reputation
  • Complaint Rate per IP
  • Traps per IP and the date
  • Ehlo/Helo and mail from used when sending emails.

Email Blacklists

Make sure your domain/IPs are not on any blacklists before you send

Many companies use the same blacklist providers, so being listed on a single blacklist can affect your delivery to many different ISPs.

There are a few different types of blacklists

  • Public - These blacklists are published so any ISP can use them. They are the easiest ones to monitor using automated tools.
  • Private - These are paid blacklists - The only way to actively monitor these is to use inbox testing tools to check your delivery.
  • Internal - These are maintained by the ISPs directly. They can be monitored with inbox testing tools, as well.

Some ISPs use multiple blacklists, so it's very important to monitor all aspects of your sending using the different tools available.

Here are our favorite tools for checking if your domain/IP is on a public blacklist:
For automated blacklist monitoring, use:
How to delist at non-obvious places
  • CenturyLink - [C10] RBL restriction: Blacklisted by Internal Reputation Service - Send an email to "postmaster [at]" with the subject line "Please investigate for spamlike qualities" and list your Ips
  • Hotmail - Fill out this form
  • United Online (Netzero/Juno/Bluelight) - Fill out this form
  • Vade Secure - Fill out this form

Whitelisting Services

Whitelist your IPs after 90 days of sending

The reason you have to wait 90 days, is that some whitelisting services require to see your sending history.

Whitelisting your IPs provides many different benefits at different ISPs:
  • Increased inbox rates
  • Increased Sending Volumes
  • Less restrictive spam filtering
Free whitelisting services
Paid whitelisting services

Email List Quality / Sender Score

Try to avoid buying and renting an email list, even if it’s from a reputable provider. ESPs have ways of detecting if a list is bought or rented and they can/will reject it when you will try to import it into their mailing platforms. No email validation company can help you here and the reason has nothing to do with the validity of the email recipients.

Try to get an open rate of at least 20% and a click-through of at least 1%.

We also recommend removing all non-opener emails after 6 months. These emails are probably valid, but not in use.

Group 7

A lot of domains use Sender Score as a determining factor to allow emails from your IPs. If your Sender Score is less than 90 you should take action to improve it.

Monitor Your Sender Score

Domains use Sender Score to determine wether or not to allow emails from certain IPs. If your Sender Score is < 90 you should take action to improve it. You can monitor you Sender Score: Here to find more about senderscore

Before you send, clean your list of bounces, traps, and complainers

By reducing these three components from your email lists, you will increase your list quality, your Sender Score, your domain and IP reputation. All these factors increase your delivery and inbox rates. We provide this service at an excellent price. Get your email list cleaned with us today.

Verify your email is set up and configured correctly for sending.

There's really only one way to do this accurately. You have to use ZeroBounce - Mail Tester. With a ZeroBounce Deliverability Tools Subscription you'll get a very detailed technical report of your email server configuration highlighting any problems.

Create abuse@ and postmaster@ email addresses at your sending domain

ISPs rely on these two addresses for feedback loops and complaints. Not having these two accounts set up is a red flag and they are also required by the RFC Standards.


Use the recipient's name in the subject line and in the header of the html (e.g.: "Dear John"). Make sure you check for spam words and domains in the HTML. (for example, if you use a domain in any of the links in the html that is present in a DBL (Domain Blacklist), your email might bounce). Inbox Test every campaign you're going to send and make adjustments where needed.

A Few Industry Best Practices

Remove inactive emails

We recommend removing non-opening emails or non-clicking emails after 180 days. A lot of ISP algorithms are based on user engagement. The more non-openers and non-clickers, the worse the statistic gets and the worse your inbox rate becomes. After six months, you can also retry sending to these email addresses to see if the recipients open or click.

Make sure you don't use too many connections per IP when sending your emails.

Every ISP limits the number of connections per IP. Always view the Postmaster Guidelines of the different ISP regarding Rate Limiting.

Here are some safe values to use
  • AOL - 150 Connections/IP
  • ATT - 5 Connections/IP
  • Comcast - 35 Connections/IP
  • Charter - 150 Connections/IP
  • Earthlink - 150 Connections/IP
  • Gmail - 150 Connections/IP
  • Hotmail - 150 Connections/IP
  • Italia Online - 1 Connections/IP
  • Lycos - 150 Connections/IP
  • - 150 Connections/IP
  • - 150 Connections/IP
  • Orange - 3 Connections/IP
  • RoadRunner - 150 Connections/IP
  • Swisscom - 5 Connections/IP
  • TDC - 10 Connections/IP
  • Telefonica - 5 Connections/IP
  • Telenor - 5 Connections/IP
  • United - 5 Connections/IP
  • - 150 Connections/IP
  • Yahoo - 150 Connections/IP
  • Verizon - 150 Connections/IP

For all small domains, we recommend using no more than 2 connections/IP.

Make sure you don't use too many connections per IP when sending your emails.

Every ISP limits the number of connections per IP. Always view the Postmaster Guidelines of the different ISP regarding Rate Limiting.

Make sure you retry temporary errors

One of the most common ways that ISPs use to reduce spam is called "Greylisting" or Temporary Errors, also known as SMTP 451. When these conditions occur, the ISP expects your mail server to re-attempt delivery of that email at a later time. When attempting to send the email again, you must use the same IP as rotating the IP will just get the email greylisted again.

Retry times should be configured by the schedule below
  • First Retry - 15 Minutes
  • Second Retry - 45 Minutes
  • Third Retry - 2 Hour
  • Forth Retry - 6 Hours
  • Fifth Retry - 12 Hours

This will also help if you have a configuration issue, so you won't have too many retries. If you have too many, this can affect your sender score in an adverse way.

Monitor your brand for compliance

For larger companies, it's worth looking into using tools like Lashback that specializes in brand protection and compliance.

Use a Reply-To header that is valid

We all receive emails from noreply@, but it's actually better to have a functional Reply-To that's monitored and customers enquiries are responded to. The more engagement between you and your customers, the better your deliverability.

Send 1 email per connection

You should only send emails to 1 person. You've seen those emails where you have a large number of "CC" or "TO" recipients. This is a huge spam flag. When sending out bulk emails, ensure each email is addressed to a single person and not multiple contacts at once.

Enable outgoing TLS connections

Mail servers are supposed to be opportunistic in nature and what that means is they all prefer to use the most secure protocol when accepting mail - TLS 1.2, TLS 1.1, TLS 1.0, NO TLS in that order. Some mail servers will refuse all non-TLS transmissions, so in order to achieve maximum deliverability, you should always enable TLS when sending email.

Ensure that your abuse/complaint rates remain low

Once you sign up to the FBLs (Feedback Loops), as discussed earlier in this document, you need to actively remove those subscribers from your mailing list when you receive the alerts, in order to keep your abuse/complaint rate low. When these metrics get too high, they will affect your deliverability.

Here are some guidelines to keep your abuse/complaint rates below per destination ISP

  • Hotmail < 0.1%
  • Yahoo < 0.2%
  • AOL <= 0.3%
  • Comcast <= 0.5%

Do not use private WHOIS for your domains

All registered domains are required to have accurate information by ICANN. Hiding behind private WHOIS can hurt your domain reputation and, in some cases, it is even illegal (CAN-SPAM Act).

Have a functional and complete privacy policy on your website

When asking for ISPs to whitelist your IPs/Domain, they do look for your privacy statement and verify it.


DNSSEC is a technology that was created to protect the hijacking of DNS Lookups. This is not a requirement. However, it's a good security procedure.

Remain consistent in your sending behavior

Send your newsletters, promotional, marketing materials on the same day, every week/month. Being consistent proves you have a real business and keeps your IPs warm.

Do not segment emails per destination ISP

Separating your e-mails based on destination, unless under special circumstances, has a detrimental effect. Some domains will use SenderScore for reputation lookups, but those IPs will never get their sender score increased because they don't report back to Return-Path.

Do not send affiliate email marketing

Most ISPs blacklist the subject lines and content for this type of email. Remember, everyone is sending the same affiliate promotion. ISPs have AI that learn subject links and content, and your IPs will get blacklisted or are going to be limited to only being able to send to the spam folder. Normally, ISPs will accept and won’t complain if you add an advertisement to your normal newsletter.

Laws and Compliance

Honor all unsubscribe requests

Whether it's through an automatic unsubscribe link or manually requested, honor it. The sooner you honor it, the better. Never wait more than 10 days to do so, this is a requirement of the CAN-SPAM law.

Group 5

When you're in compliance with the law, everything becomes much easier to whitelist

Comply with the law: CASL for CA, CAN-SPAM for US, DPEC for EU and other local anti-spam laws

When you're in compliance with the law, everything becomes much easier to whitelist and managing your reputation will be free of obstacles.

Here are the links to some of the major e-mail laws:

MX Records

Your domain has to have valid MX records

Although the RFC states that if the MX record is missing, one should use the A record as the mail server. We noticed that many ISPs don't follow the standard and they check the validity of your MX Record before allowing email from your domain. If you're looking for a good mail service provider (ISP) for your domain, we recommend using G-Suite from Google.


Inbox testing

We mentioned this before and we cannot stress enough how important it is. Different ISPs use different spam filters, and what might inbox at Yahoo, might land in the spam folder on Gmail. Without inbox testing you can ruin your reputation and not get your emails delivered to the inbox with certain ISPs.

The best tool for inboxing testing is ZeroBounce - Inbox Tester.


This information was provided to you by several experts with many years of experience in email deliverability. If you would like to contribute, please contact us and let us know.

We also offer professional help in implementing all of the above, please contact us for details.

The best verification and cleaning starts with ZeroBounce

Try It Free

Get 100 free monthly email verifications