Why Your Emails Aren't Being Delivered (And How to Fix It) 📧

You hit send on an important email. A client proposal. A password reset link. An invoice that needs to go out today. And then... radio silence. The recipient never got it. Or even worse, you find out three days later it's been rotting in their spam folder this whole time.

I've dealt with this more times than I can count, both with my own domains and while troubleshooting for clients. And every time, the frustration is the same. Email feels like it should "just work" by now. We've been using it for decades. How is deliverability still this broken?

Well, here's the thing. The email protocol we all depend on (SMTP) was designed in the early 1980s. There was zero concept of authentication or spam prevention baked into the original design. Everything we use today to verify senders, SPF, DKIM, DMARC, all of that was bolted on later. We're essentially running a 1982 system held together with 40 years of patches.

So yeah, things break. But they break for specific, diagnosable reasons. Let's go through them.

---

📋 What We'll Cover

1. How email actually moves from A to B
2. The most common reasons for delivery failures
3. SPF, DKIM, and DMARC explained simply
4. Practical fixes you can implement today
5. Monitoring your email health long-term

---

📬 How Email Actually Works (The Short Version)

When you send an email, it doesn't teleport directly to the other person's inbox. It hops through multiple servers, and at each stop, something is making a judgment call about whether your message is legitimate.

You → Your Mail Server → Internet Routing → Their Mail Server → Their Inbox (hopefully)

Every server along that path checks: Is this sender who they claim to be? Does this message look like spam? Should we even bother passing it along?

If any of those checks fail, your email gets bounced back, silently dropped, or shoved into the spam folder. The recipient has no idea you tried reaching them. You have no idea your message didn't land. It's a terrible user experience for everyone involved.

What "Deliverability" Actually Means

There's an important distinction here. "Delivery" means the email reached the recipient's mail server. "Deliverability" means it actually landed in their inbox, not spam, not promotions, not some quarantine folder nobody checks.

A message sitting in spam is basically the same as a message that never arrived. Nobody scrolls through their spam folder looking for legitimate emails.

Your deliverability depends on a few things working together:

• Your reputation as a sender (yes, this is a real thing that follows your domain around)
• Whether you've configured authentication records correctly
• The actual content of your emails
• How recipients interact with your messages (or don't)

---

⚠️ Why Your Emails Are Failing

Nobody Trusts You (The Authentication Problem)

In 2024, Google and Yahoo drew a line in the sand. They started requiring all senders to prove they are who they claim to be through proper email authentication. No authentication? Straight to spam or outright rejection.

Three protocols matter:

| Protocol | What It Does | |----------|-------------| | SPF | Lists which mail servers are allowed to send on behalf of your domain | | DKIM | Attaches a cryptographic signature so recipients can verify the email wasn't tampered with | | DMARC | Tells receiving servers what to do when SPF or DKIM checks fail |

If you send more than 5,000 emails per day, you need all three configured properly. No shortcuts. Google's sender guidelines are explicit about this.

Your Emails Keep Bouncing

Bounces are poison for your sender reputation.

Hard bounces mean the email address is dead. Typo in the address, the person left the company, the domain doesn't exist anymore. Whatever the reason, that address is gone and your server just wasted resources trying to deliver to it.

Soft bounces are temporary. Full mailbox, server timeout, attachment too large. These usually resolve on their own.

Here's the real damage: too many bounces and email providers start flagging your domain as a potential spammer. Once that reputation damage kicks in, even your perfectly valid emails start getting filtered. I've seen domains with bounce rates above 5% end up essentially blacklisted at Gmail. Keep it under 2%. Ideally under 1%.

People Are Marking You as Spam

Every single "Report Spam" click chips away at your sender reputation. Google and Yahoo want your complaint rate below 0.3%. That's 3 complaints per 1,000 emails sent. Doesn't leave you much room for error.

Think about why people hit that button:

• They forgot they signed up (or they never really did, someone signed them up)
• Your unsubscribe link is buried at the bottom in 8pt gray text and they can't find it
• You email way too frequently
• Your subject lines promise one thing and the content delivers something else

From the email provider's perspective, they can't tell the difference between a legitimate sender getting a few complaints and a spammer getting a few complaints. The behavior looks the same. So they treat it the same.

Your Sender Reputation Is Shot

Think of sender reputation like a credit score for email. It follows your domain (and sometimes your sending IP). When it's healthy, emails sail through to the inbox. When it tanks, you're fighting uphill on every single send.

Things that destroy it:

• High bounce rates
• Spam complaints
• Low engagement (nobody opens or clicks your emails)
• Wildly inconsistent sending patterns (50 emails one week, 10,000 the next)
• Landing on a blacklist

And here's the painful part. You can't just register a new domain and start over. Fresh domains have zero reputation, which is almost as bad as having a bad one. Rebuilding trust takes weeks or months of consistent, clean sending behavior.

Your Content Triggers Spam Filters

Modern spam filters use machine learning now, so they're harder to trick than they used to be. But certain patterns still set off alarms:

ALL CAPS SUBJECT LINES!!!
Excessive exclamation marks!!!!!
Words like FREE, ACT NOW, LIMITED TIME, CONGRATULATIONS
Emails that are mostly images with barely any text
Shortened URLs from bit.ly or similar services
Mismatched sender names and email addresses

Even if your email is completely legitimate, if it follows the same patterns that spam typically does, the filters will treat it accordingly. I once had a client whose transactional order confirmations were landing in spam because the email template was 90% images and 10% text. Swapped the ratio around and the problem went away overnight.

You Ended Up on a Blacklist

Blacklists (sometimes called blocklists) are shared databases of known spam sources. If your domain or sending IP appears on one, many email providers will automatically reject your messages without even checking the content.

How does it happen? Sometimes your mail server gets compromised and starts sending spam without your knowledge. Sometimes you accidentally send to a spam trap, which is a fake email address deliberately planted to catch people who send unsolicited mail. Sometimes you just ramp up volume too fast on a domain without enough reputation to support it.

---

🔐 The Authentication Trio: SPF, DKIM, DMARC

These three work together. Think of them as your identity verification system for the email world.

SPF (Sender Policy Framework)

SPF is a DNS record that says "these specific servers are allowed to send emails on behalf of my domain. Nobody else."

Here's what a typical SPF record looks like:

v=spf1 include:_spf.google.com include:sendgrid.net ~all

This says: Google Workspace and SendGrid can send emails from my domain. Anyone else is probably not legit.

Couple of things to watch out for:

• SPF has a 10-DNS-lookup limit. If you have too many include statements, the record fails validation entirely. I've seen companies with 15+ services in their SPF record wondering why it stopped working. There are SPF flattening services that help, but honestly the better fix is to audit whether you actually need all those sending services.
• Use ~all (soft fail) while you're testing your setup. Switch to -all (hard fail) once you're confident everything is correct.
• Don't forget to include every service that sends mail on your behalf. Your email marketing tool, your CRM, your transactional email service, your helpdesk software. Miss one and those emails start failing SPF checks.

DKIM (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to every outgoing email. When the receiving server gets your message, it fetches your public key from DNS and verifies the signature. If it matches, the email hasn't been tampered with in transit. If it doesn't match, something is wrong.

Setting it up:

1. Generate a public/private key pair (your email provider usually does this for you)
2. Publish the public key as a DNS TXT record
3. Your mail server signs outgoing emails with the private key

Use 2048-bit keys minimum. 1024-bit keys are considered too weak at this point and some providers are starting to reject them. Rotate your keys every 6-12 months as a best practice.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

DMARC ties SPF and DKIM together and tells receiving servers: "Here's what you should do when an email claiming to be from my domain fails authentication checks."

A starter DMARC record:

v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com

The policy (p=) has three levels:

• none - Monitor only. Collect reports but don't interfere with delivery. Start here.
• quarantine - Send suspicious emails to the spam folder
• reject - Block them outright. Don't even deliver to spam.

My recommendation: set p=none first and let it collect reports for a few weeks. Read those reports (they're XML, use a tool like DMARC Analyzer to make sense of them). Once you're confident that all your legitimate sending sources pass SPF and DKIM, move to quarantine. After another round of monitoring, graduate to reject.

Jumping straight to reject without monitoring first is how you accidentally block your own marketing emails. Don't ask me how I know.

---

✅ Practical Fixes That Actually Work

Get Authentication Sorted First

This is not optional anymore. Set up SPF, DKIM, and DMARC on every domain you send email from.

Test them using:

• MXToolbox - Checks all your DNS records in one place
• Mail Tester - Send a test email and get a detailed score
• Google Postmaster Tools - See how Gmail views your domain's reputation

Actually Clean Your Email List

I know, everyone says this. But seriously, most email deliverability problems I've debugged came down to a dirty list.

Get rid of:

• Addresses that hard bounced (immediately, don't wait)
• People who haven't opened a single email in 6 months or more
• Obvious typos and fake signups (look for things like test@test.com or asdf@gmail.com)

Implement double opt-in for new subscribers. Yes, your signup numbers will be lower. But the people who confirm actually want to hear from you, which means higher open rates, lower complaints, and better deliverability. It's a trade-off that pays for itself.

And please, for the love of everything, never buy an email list. Those lists are riddled with spam traps, dead addresses, and people who will absolutely mark you as spam. I've watched a business tank their entire domain reputation in a single send by using a purchased list. Months of rebuilding.

Warm Up New Domains Properly

You can't just set up a brand new domain and blast out 10,000 emails on day one. You have zero reputation. Email providers are suspicious of new senders by default.

Ramp up slowly:

| Week | Daily Volume | |------|-------------| | 1 | 50-100 | | 2 | 200-500 | | 3 | 500-1,000 | | 4+ | Scale gradually based on engagement |

Send to your most engaged subscribers first during the warm-up period. High open rates and low complaints in those early sends build positive signals fast. Save the cold or unengaged segments for later when your reputation can handle the lower engagement metrics.

Write Emails That Don't Look Like Spam

A few rules of thumb:

• Keep text-to-image ratio around 60/40 (more text than images)
• Make your subject line honest. Clickbait gets opens, but it also gets complaints.
• Put your unsubscribe link somewhere visible, not hidden in a footnote
• Include a physical mailing address (it's legally required under CAN-SPAM in the US)
• Don't use URL shorteners in email. Spam filters hate them because spammers love them.

Be Predictable With Your Sending Schedule

Random, erratic sending patterns look suspicious to email providers. If you send 50 emails on Monday, nothing for two weeks, then blast out 10,000 on a random Friday, that's a red flag.

Pick a schedule and stick to it. Weekly newsletter every Tuesday morning? Perfect. Monthly roundup on the 1st? Great. Just be consistent so the receiving servers learn what to expect from your domain.

---

📊 Keeping an Eye on Things

Tools Worth Bookmarking

| Tool | What It Tells You | |------|-------------------| | Google Postmaster Tools | How Gmail sees your domain. Spam rates, authentication results, reputation | | Microsoft SNDS | Same idea but for Outlook and Hotmail | | MXToolbox Blacklist Check | Whether your domain or IP is on any major blacklists |

Metrics to Watch

• Bounce rate - Under 2%. Under 1% is ideal.
• Spam complaint rate - Under 0.3%. Google is strict about this one.
• Open rate - If it's dropping steadily, your engagement is declining and your reputation will follow.
• Inbox placement rate - The percentage of emails landing in the actual inbox vs. spam. Tools like GlockApps can test this.

Set up feedback loops with Gmail and Outlook. When someone marks your email as spam, you get notified and can immediately remove them from your list. Don't keep sending to people who reported you.

---

🔧 Quick Troubleshooting Checklist

If emails are failing right now, run through this:

Authentication

• Is your SPF record valid? Check with MXToolbox SPF lookup
• Is DKIM signing enabled on your sending service?
• Do you have a DMARC policy published?

List Quality

• When did you last remove hard bounces?
• Are inactive subscribers still on your list?
• Are you using double opt-in?

Content

• Is the subject line clear and honest?
• Is the text-to-image ratio reasonable?
• Can someone easily find the unsubscribe link?

Infrastructure

• Is your domain or IP on any blacklists?
• Are you sending from a reputable email service?

---

💡 The Short Version

1. Set up SPF, DKIM, and DMARC. This is table stakes in 2026.
2. Keep your list clean. Remove bounces and ghosted subscribers regularly.
3. Warm up new domains. Don't go from zero to 10,000 overnight.
4. Monitor your metrics. Catch problems before they spiral.
5. Respect your recipients. If they don't want your emails, let them go gracefully.

Email deliverability isn't something you configure once and walk away from. It needs regular attention, like any other piece of infrastructure. But get the fundamentals right and most problems take care of themselves.

---

Got questions about email delivery? Hit me up on X/Twitter.