Why Your Emails Aren't Being Delivered (And How to Fix It) 📧

Look, I get it. You hit send on that important email, maybe a proposal to a client or a password reset to a user, and then... nothing. They never got it. Or worse, you find out a week later it landed in their spam folder.

It's maddening. And honestly, email should "just work" by now. But here's the thing: the email system we all rely on was built in the 1970s, and we've been duct-taping security onto it ever since.

So let's figure out what's actually going wrong and how to fix it.

📋 What We'll Cover

How email actually works
Why your emails are failing
The authentication trio: SPF, DKIM, DMARC
Practical fixes that actually work
Keeping an eye on things

📬 How Email Actually Works (The Short Version)

When you send an email, it doesn't just teleport to the other person. It hops through multiple servers, and each one decides whether to let your message through or toss it.

You → Your Mail Server → Various Internet Hops → Their Mail Server → Their Inbox (hopefully)

At every stop, filters check: Is this spam? Is this person who they say they are? Should we even bother delivering this?

If any of those checks fail, your email gets blocked, bounced, or dumped into spam. The recipient never even knows you tried.

What "Deliverability" Really Means

Deliverability isn't just "did the email technically arrive?" It's "did it land in the actual inbox?" Because let's be honest, if your email is in someone's spam folder, they're never going to see it.

Your deliverability depends on:

Your reputation as a sender (yes, you have one)
Whether you've set up authentication properly
What you're actually writing in your emails
How people react to your messages

⚠️ Why Your Emails Are Failing

The Authentication Problem

In 2024, Google and Yahoo started getting serious. They now require all senders to prove they are who they claim to be. No authentication? Your emails are going straight to spam or getting rejected outright.

There are three protocols you need to know:

| Protocol | What It Does | |----------|-------------| | SPF | Lists which servers can send emails for your domain | | DKIM | Adds a digital signature to prove emails haven't been tampered with | | DMARC | Tells receiving servers what to do when SPF or DKIM fails |

If you're sending more than 5,000 emails a day? You need all three. No exceptions.

Your Emails Are Bouncing

Bounces hurt. A lot.

Hard bounces happen when the email address doesn't exist. Maybe there's a typo, maybe the person left the company. Either way, that address is dead.

Soft bounces are temporary, like a full inbox or a server being down. They usually resolve themselves.

Here's the problem: too many bounces and email providers start thinking you're a spammer. Once that happens, even your legitimate emails start getting blocked. Keep your bounce rate under 2%. If it's above 5%, you've got a real problem.

People Are Hitting "Mark as Spam"

Every time someone marks your email as spam, it chips away at your sender reputation. Google and Yahoo want your spam complaint rate below 0.3%. That's just 3 complaints per 1,000 emails.

Sounds harsh, right? But think about it from their perspective. They're trying to protect their users from actual spam, and they have no way to know if you're legitimate or not. Your behavior is all they have to go on.

Common reasons people hit spam:

They didn't actually sign up for your list (or forgot they did)
They can't figure out how to unsubscribe
You're emailing way too often
Your subject lines feel misleading

Your Sender Reputation is Tanked

Think of sender reputation like a credit score for email. It follows your domain and sometimes your IP address. When it's good, your emails sail through. When it's bad, you're fighting an uphill battle.

What tanks your reputation:

High bounce rates
Spam complaints
Low engagement (nobody opens your emails)
Inconsistent sending patterns
Getting blacklisted

And here's the frustrating part: you can't just start fresh. If your domain has a bad reputation, it takes time and consistent good behavior to rebuild trust.

Your Content Looks Like Spam

Spam filters are pretty smart these days, but they're also paranoid. Certain things trigger them:

ALL CAPS SUBJECT LINES!!!
Too many exclamation marks!!!!!!
Words like FREE, ACT NOW, LIMITED TIME
Heavy on images, light on text
Sketchy-looking links

Even if your email is totally legitimate, if it looks like spam, it'll get treated like spam.

You're on a Blacklist

Blacklists are shared databases of known spammers. If your domain or IP ends up on one, a lot of email providers will automatically reject your messages.

How does this happen? Sometimes your server gets compromised. Sometimes you accidentally send to a spam trap (a fake address designed to catch spammers). Sometimes you just send too much too fast to too many bad addresses.

🔐 The Authentication Trio: SPF, DKIM, DMARC

These three work together. Think of them as proving your identity to the email world.

SPF (Sender Policy Framework)

SPF is basically a list you publish in your DNS records that says "these servers are allowed to send emails for my domain."

Here's what a typical SPF record looks like:

v=spf1 include:_spf.google.com include:sendgrid.net ~all

This example says: "Google and SendGrid can send on my behalf. Anyone else is probably not legitimate."

A few tips:

Keep your SPF record under 10 DNS lookups (there's a limit)
Use ~all (soft fail) while you're testing, not -all
Make sure you include every service that sends emails for you

DKIM (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to your emails. When a server receives your message, it checks the signature against a public key you've published in DNS.

If the signature doesn't match, something's wrong. Either the email was tampered with, or someone's pretending to be you.

Setting it up:

Generate a public/private key pair
Add the public key to your DNS
Configure your mail server to sign outgoing emails

Use 2048-bit keys (1024-bit is too weak these days) and rotate them every 6-12 months.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

DMARC ties SPF and DKIM together and tells receiving servers: "Here's what you should do if a message fails authentication."

A basic DMARC record:

v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com

The policy (p=) has three options:

none - Just monitor, don't do anything (start here)
quarantine - Send suspicious emails to spam
reject - Block them completely

I'd recommend starting with p=none so you can see reports without accidentally blocking legitimate emails. Once you're confident everything's set up right, move to quarantine and eventually reject.

✅ Practical Fixes That Actually Work

Get Your Authentication Sorted

This isn't optional anymore. Set up SPF, DKIM, and DMARC. Test them:

MXToolbox (mxtoolbox.com) - Checks all your DNS records
Mail Tester (mail-tester.com) - Scores your email setup
Google Postmaster Tools - Shows how Google sees your emails

Clean Up Your Email List

Seriously, just do this. It makes a huge difference.

Remove:

Email addresses that hard bounced
People who haven't opened an email in 6+ months
Obvious typos and fake signups

Use double opt-in for new subscribers. Yes, it means fewer signups, but the people who confirm actually want to hear from you.

And please, never buy email lists. It's not worth it. Those lists are full of spam traps, dead addresses, and people who will definitely mark you as spam.

Warm Up New Domains

You can't just start sending thousands of emails from a brand new domain. You haven't built any reputation yet, so email providers are suspicious.

Start slow:

| Week | Emails Per Day | |------|----------------| | 1 | 50-100 | | 2 | 200-500 | | 3 | 500-1,000 | | 4+ | Scale up gradually |

Send to your most engaged subscribers first. You want high open rates in the beginning to build positive signals.

Write Emails That Don't Trigger Spam Filters

Keep these in mind:

Text-to-image ratio around 60/40
No deceptive subject lines
Easy-to-find unsubscribe link
Include your physical address (it's actually required)
Avoid those spammy phrases we talked about

Stick to a Schedule

Random sending patterns look suspicious. If you send 50 emails one day, nothing for two weeks, then blast out 10,000, that's a red flag.

Pick a consistent schedule and stick to it. Weekly newsletter every Tuesday? Great. Monthly roundup on the 1st? Perfect. Just be predictable.

📊 Keeping an Eye on Things

Tools Worth Using

| Tool | What You Get | |------|-------------| | Google Postmaster Tools | How Gmail views your emails, spam rates, reputation | | Microsoft SNDS | Same thing, but for Outlook/Hotmail | | MXToolbox Blacklist Check | Monitors if you end up on blacklists |

What to Watch

Bounce rate - Keep it under 2%
Spam complaints - Under 0.3%
Open rate - Dropping rates mean declining engagement
Inbox placement - Are you hitting inbox or spam?

Set up feedback loops with major providers. When someone marks your email as spam, you'll find out and can remove them from your list.

🔧 Quick Troubleshooting

Having problems? Run through this:

Authentication

SPF record configured? Check with MXToolbox
DKIM signing enabled?
DMARC policy in place?

List Quality

Removed hard bounces lately?
Cleaned out inactive subscribers?
Using double opt-in?

Content

Subject line honest and clear?
Good text-to-image balance?
Unsubscribe link visible?

Infrastructure

IP/domain on any blacklists?
Sending from a reputable service?

💡 The Short Version

Set up SPF, DKIM, and DMARC. Not optional in 2024.
Keep your list clean. Remove bounces and inactive subscribers regularly.
Build reputation slowly if you're on a new domain.
Monitor your metrics and fix issues before they spiral.
Respect your recipients. If they don't want your emails, let them go.

Email deliverability isn't a problem you solve once and forget about. It needs ongoing attention. But get the basics right, and most issues take care of themselves.

Got questions about email delivery? Hit me up on X/Twitter.