Deliverability 101: Six steps to protect your reputation 

Deliverability do's and don'ts are great, but have you ever wondered what the reasons are behind the recommendations? In this article, we’ll break down six steps to boost your sender reputation and improve your deliverability performance—along with why they’re so important.


Mike Auldredge
Mike Auldredge
Deliverability Services Manager
Jennifer Lantz
Jennifer Lantz
VP of Industry Relations and Deliverability
Deliverability 101

While many guides on email deliverability offer lists of do's and don'ts, they often forget to explain the reasons behind these recommendations. In this article, we’ll break down six steps to boost your sender reputation and improve your deliverability performance—along with why they’re so important.

Step 1: Set up authentication with DMARC, SPF, and DKIM

Before you even send a single email, ensuring your technical setup is configured correctly is critical.

  • DMARC (Domain-based Message Authentication, Reporting, and Conformance): An email authentication protocol that builds on SPF and DKIM. A DMARC policy, at the most basic level, gives inbox providers specific instructions on handling emails that do not pass authentication and provides senders with a report of authentication outcomes for their domains and sending IPs. Check out our essential guide for more information on building a DMARC policy.
  • SPF (Sender Policy Framework): An email authentication method to prevent email spoofing. It allows the domain owner to specify which mail servers are permitted to send emails on behalf of that domain.
  • DKIM (DomainKeys Identified Mail): An email authentication method that allows the sender to sign their emails with a digital signature. This signature is added to the email's header and can be verified by the receiving mail server to ensure that the email hasn't been tampered with and actually comes from the claimed domain.

Why is authentication important for deliverability?

Once a nice-to-have, authentication is now a must for inbox providers like Google and Yahoo. They rely on these records to verify your identity and legitimacy. At Customer.io, we require you to set up all three authentication records before you can start sending emails, so you can rest assured that your technical foundation is solid.

💡 Pro tip from our friends at Kickbox

DMARC is now a must-have for sending emails to major inbox providers. Many have shared that they expect these requirements to become even stricter. Starting with a policy of “none” (p=none) is just the beginning. To stay ahead, we recommend implementing a more secure policy like “quarantine” or “reject.”

Why the push for stricter policies? As inbox providers shift from IP-based reputation to domain reputation, bad actors try to exploit the trust built by legitimate senders. They look for weak security settings—like unenforced DMARC policies—to abuse domains through spoofing or takeovers. By enforcing a DMARC policy, you make your domain more secure and far less appealing to attackers.

Step 2: Verify email addresses and permissions with double opt-in

A powerful practice for maintaining a healthy email list is double opt-in. When someone shares their email address, send them a quick confirmation message with a straightforward CTA to opt-in. This step helps you ensure that the email is valid and that the individual genuinely wishes to receive your emails.

What are the benefits of double opt-in?

  • Prevents unintentional sign-ups: Double opt-in allows users to reconsider, ensuring they aren't subscribed by mistake and can opt out of receiving unwanted emails.
  • Verifies email validity: This process confirms that the email address provided is legitimate, reducing the risk of future emails bouncing and helping to maintain a healthy list.
  • Increases engagement potential: When prospective recipients confirm their interest by opting in twice, it's a strong indicator that they're likely to engage with your future communications.

💡 Pro tip from our friends at Kickbox

If you send a double opt-in request, make sure to let your customers know they need to take another action so they can proactively search for your email. This is also a great opportunity to educate them on how to move an email to the inbox if it lands in the spam folder and set expectations on who they will hear from and when.

Step 3: Target your active subscribers by filtering on engagement

Focus your efforts on those eager to engage to get the most out of your email campaigns. Segmentation based on recent interactions is critical; any engagement segment should not include any conditions other than email engagement-based conditions. Aim to target recipients who have shown engagement in the last 120 days; however, tailor this timeframe according to your sending patterns.

Here is an example segment that you can use as a campaign filter or an in-condition on a newsletter broadcast:

Recently engaged segment in Customer.io

What are the benefits of filtering on engagement?

  • Sends the right signals: Your recipients' engagement with your emails is the most significant positive signal for inbox providers.
  • Gives your reputation a lift: When an inbox provider notices a lot of positive engagement with your emails, it boosts your reputation and significantly lowers the chances of your emails landing in the spam folder.
  • Shows providers you're doing the right thing: Inbox providers monitor whether recipients are opening, clicking, or interacting positively with the messages you send.
  • Higher likelihood of conversion: Focusing on the most active subscribers can enhance the likelihood of conversions from your marketing content.

💡 Pro tip from our friends at Kickbox

Engagement criteria is an excellent way to improve your reputation because they help narrow your segment away from folks who may be more likely to complain. If you are struggling with your sender reputation, engagement criteria may need to tighten down to even 15 or 30 days, and focus on those that are engaging multiple times. As your reputation is rebuilt, you can slowly expand your segmentation and work on customizing content and frequency with unique customer engagement profiles.

Step 4: Know when to let go by establishing a sunset policy

A sunset policy helps you identify when to stop emailing recipients who don't engage. If a subscriber hasn’t interacted with your content for an extended period and doesn't respond to re-engagement efforts, it’s time to remove them from your list.

Sunset policies are built similarly to engagement segments in that they must include email engagement-based conditions. That said, your other customer data—like engagement frequency—can be used to create a more robust policy.

Here is a simple example of a sunset policy segment:

Sunset policy example in Customer.io

A sunset policy is only as effective as the actions that follow. The best step is to stop all email marketing efforts for anyone who meets your sunset policy criteria. This thoughtful action helps maintain trust and respect with your audience while ensuring your marketing efforts are aligned with their preferences.

Why are sunset policies important to deliverability?

  • Reduces automatic spam folder filtering: Inbox providers are known to start filtering emails into the spam folder if a recipient doesn’t engage with the sender after a period of time. Consistently sending emails into the spam folder can have a very negative impact on your sender's reputation, as it indicates the sender is sending emails indiscriminately.
  • Aligns with the policies of major providers: Gmail, Yahoo, and many other providers will often disable accounts after periods of inactivity, which can lead to increased hard bounces or other rejections.
  • Customer-centricity: The longer recipients receive emails they don’t want, the more likely they will mark the message as spam.

Step 5: Maintain low spam complaints rates

Spam complaints are among the most severe indicators of poor sending practices. Each complaint suggests that a recipient no longer finds value in your emails. High spam rates can jeopardize your deliverability, as inbox providers may step in with interventions or blocking.

The advice to keep spam complaints low is simple: Send emails that people expect and want to receive and that are relevant to the recipient’s relationship with your brand.

What rates should I stay under?

Historically, 0.1% was the maximum spam rate for all major providers. This threshold was established by a few key inbox providers (Microsoft, Yahoo, and others). This number is still the threshold for the vast majority of inbox providers, however, the 2024 Yahoo / Google requirements resulted in some big changes.

For Gmail and Yahoo, the new maximum spam rate is set at 0.3%, but there are a few essential things to keep in mind:

  • Gmail and Yahoo have changed how spam complaint rates are historically calculated. Instead of the usual method (complaint rate = complaints/emails delivered), they now use a different approach: complaint rate = complaints/emails that reached the inbox.
  • Gmail doesn’t share spam complaint rate data with senders, so the only way to check these rates is through the free Postmaster tools dashboard. Yahoo does provide spam complaint data to senders.

Understanding these requirements can help you create more effective email strategies.

What are the benefits of maintaining low spam complaint rates?

  • More positive signals: Spam complaints are a strong negative signal to inbox providers since they represent a direct action from users. This means they really matter!
  • Reinforces your reputation: High spam complaints can hurt your sender reputation. They suggest that the relationship with your audience isn't being managed well, which is something we all want to avoid.
  • Keeps you out of the spam inbox: It’s a cycle—consistent filtration can stem from reputation issues, which can worsen due to ongoing complaints.

💡 Pro tip from our friends at Kickbox

Remember to set expectations. If customers aren’t expecting to receive your emails, the chance for spam complaints increases. This is another reason double opt-in is helpful, as you can remove users upfront without bombarding their inbox with messages. And if you set an expectation—like a weekly newsletter—stick to what you promised. Otherwise, you may be degrading the relationship you’ve built, which, too, can lead to more complaints.

6. Delight your subscribers with relevant content

Email marketing is a vast field with its strategies and philosophies, but there are some straightforward principles to remember when reaching out to your recipients:

  • Be thoughtful: Show empathy for your recipients and respect their time. Avoid sending emails just for the sake of it.
  • Stay relevant: Ensure every email you send is relevant to your recipient’s relationship with your brand.
  • Stand out: Your subscribers, like you, may receive dozens of marketing emails daily. What makes yours unique?
  • Step into the recipient's shoes: Ask yourself this important question: Would I be interested in engaging with this email?

And, while countless articles discuss which “spam words” to avoid, it’s essential to understand that there's no definitive list of such words. However, there are best practices to consider:

  • Avoid short links: They can obscure where links lead, raising red flags for inbox providers.
  • Be transparent: Don’t try to hide elements or links in your emails.
  • Don’t send image- or text-only emails: There’s no perfect formula; just use your best judgment to create engaging content.
  • Host images on your server: Whenever possible, host images on a server that uses your root domain or a unique domain that is not shared with others.

💡 Pro tip from our friends at Kickbox

When you send your customers relevant content, you have more freedom to communicate more with them. This doesn’t mean you should message them all the time, but there is a time and a place where increased frequency may make sense.

It's all about making meaningful connections

Email marketing constantly evolves, and sticking to best practices is vital to long-term success. You can build healthier relationships with subscribers by adopting sunset policies, keeping spam complaint rates low, and delivering engaging and relevant content. Remember, it’s not just about the numbers; it’s about making meaningful connections with your audience. When your emails resonate, you enhance engagement and boost your brand's reputation and trustworthiness.

Ready to start building emails that your customers love? Start a free 14-day trial of Customer.io today!

Prefer to learn more about deliverability before you dive in? Check out our Deliverability Workshop.


Jennifer Nespola Lantz, VP of Industry Relations at Kickbox, is an email geek through and through. She has been a champion of email best practices for 17+ years. Before joining the team at Kickbox, she ran the deliverability team at Zeta where she managed client setups, authentication, remediation, & deliverability strategy. Now she's running deliverability consulting at Kickbox and is co-chair of the Technical committee at M3AAWG. She lives in Massachusetts, where her second full-time job is surviving the madness of high-energy dogs and kids.