Email is one of the few channels where your copy can be sharp, your segmentation thoughtful, your offer exactly what the subscriber asked for at signup. But none of it matters if the message lands in spam, and not the inbox. It's an email deliverability issue.
This guide walks through what deliverability actually is, and the specific levers you can pull to fix it.
What email deliverability really means
People use "delivery" and "deliverability" as if they are the same thing. They are not.
Delivery is whether the receiving mail server accepted your message at all. If it didn't bounce, it was delivered. This is a yes or no.
Deliverability is what happened to the message after it was accepted. Inbox, spam folder, promotions tab, or quietly filtered out of view. This is the broader concept.
Inbox placement rate is the specific number people use to measure deliverability. It's the percentage of your sent emails that land in the actual inbox, not just delivered somewhere on the server. When someone says "my deliverability is 85%," they usually mean their inbox placement rate is 85%.
Deliverability matters because it's the multiplier on everything else you do in email. Good copy with bad deliverability still fails. Mediocre copy with good deliverability still works. Every email that lands in spam is an email you paid to send that nobody will see.
There's also a compounding problem. Poor deliverability hurts your sender reputation, which makes future deliverability worse, which hurts engagement further, which hurts reputation further. The hole gets deeper if you don't fix it.
Deliverability is not a single thing. It is the combined effect of four layers, and mailbox providers check them roughly in this order:
Authentication: Can they verify the email actually came from you?
Sender reputation: Based on your history, do they trust you?
List quality: Are you sending to real people who want to hear from you?
Content: Does the message itself look like spam?
Authentication is the first gate. If it fails, the other three barely get a chance to matter. So this is where the work starts.
Why authentication exists in the first place
Email was invented before anyone worried about spam. The original design lets anyone send a message claiming to be from any address. Nothing in the basic protocol stops a stranger from sending an email that says "From: yourname@yourcompany.com" even though they are nowhere near your company.
Spammers and phishers exploit this constantly. Authentication is the patch that fixes it. It is a set of records you publish in your domain's DNS that lets receiving servers verify two things:
The email really came from you.
Nothing in it was changed along the way.
There are three protocols that do this work together: SPF, DKIM, and DMARC. You need all three for modern providers like Gmail, Yahoo, and Outlook to fully trust your mail.
What are the key components of email authentication (SPF, DKIM, DMARC)?
First, missing or broken authentication is treated as a strong negative signal. Gmail, Yahoo, and Outlook now require all three protocols for bulk senders. A domain without them gets filtered to spam by default, no matter how good the content is.
SPF
SPF stands for Sender Policy Framework. It is a record published in your domain's DNS that lists which mail servers and IP addresses are allowed to send email on behalf of your domain. When a receiving server gets a message claiming to be from you, it looks up your SPF record, checks the sending IP against that list, and passes or fails the message accordingly.
The most common SPF mistake is forgetting to add a new sender. You might use:
Your main email platform for marketing
A CRM that sends sales emails
A separate service for receipts and transactional mail
A help desk tool that sends ticket replies
Every one of those needs to be on your SPF record. If even one is missing, those messages quietly fail authentication and start landing in spam.
DKIM
DKIM stands for DomainKeys Identified Mail. Think of it as a tamper-evident wax seal on a letter.
When you send an email, your sending server signs it with a private cryptographic key that only you have. The matching public key is published in your DNS. The receiving server reads the seal, looks up your public key, and confirms two things at once:
The message really came from your domain.
Nobody altered it after it left.
The setup is mostly handled by your email platform. They generate the keys and give you a record to paste into your DNS. Once it is in, it works invisibly on every send.
DMARC
DMARC is the policy layer that sits on top of SPF and DKIM. It answers a question those two can't answer on their own: "if a message fails authentication, what should the receiving server actually do about it?"
DMARC has three settings, in order of strictness:
p=none — just watch and report. Failing mail still gets through. You get reports showing what is passing, what is failing, and where.
p=quarantine — send failing mail to spam.
p=reject — block failing mail entirely. It never reaches the recipient.
The standard rollout is to start at none, use the reports to fix any legitimate sources that are failing, then move to quarantine, and eventually to reject. Each step tightens the protection.
Properly configured authentication is the foundation that lets you build a good sender reputation over time. Mailbox providers can only track your behaviour if they can confirm it is actually you sending the mail.
How does sender reputation determine whether your emails reach the inbox?
Once your authentication is solid, the next thing mailbox providers care about is your reputation. Reputation is a running score they keep on your sending domain and IP addresses, based on the history of mail those identifiers have produced.
There are two key things that you need to know about repetition:
Reputation is cumulative, not instantaneous. A sender with a long clean history can absorb a bad week without serious damage. A new sender with no history has no buffer and gets judged harshly on early signals. This is why new domains and IPs need warming.
Reputation also transfers across infrastructure changes. When you switch email platforms or move to a new IP, your domain reputation moves with you. This is why domain reputation has become more important than IP reputation for most senders.
The sender reputation itself is made up of IP reputation and domain reputation.
Reputation is built from a handful of measurable inputs that you can actually influence.
Spam complaint rate
This is the percentage of recipients who hit "report spam" when they get your mail. It is the single most direct negative signal you can produce, and the major mailbox providers treat it as a hard ceiling rather than a soft guideline.
Stay well below the published thresholds, not just under them. The complaint rate is volatile, and a single campaign with a high spike can pull your trailing average into trouble.
The usual sources of complaint problems are predictable:
Sending to people who never explicitly opted in.
Making the unsubscribe link hard to find or slow to process.
Drifting away from the content the subscriber originally said yes to.
Increasing send frequency without a corresponding increase in value.
Fix the cause, not just the symptom. Suppressing complainers without changing the practice that produced them is a temporary fix at best.
Bounce rate
Bounces come in two flavors. Hard bounces are permanent failures, usually because the address does not exist. Soft bounces are temporary, like a full mailbox or a briefly unreachable server.
Hard bounces should be removed after the first failure. Continuing to send to addresses that have already hard bounced is one of the clearest possible signals to a mailbox provider that your list was purchased, scraped, or simply not maintained. Soft bounces can be retried, but persistent soft bouncers should also come off the active list eventually.
A consistently high bounce rate gets read as a list quality problem regardless of how clean the rest of your practices are.
Blacklists and spam traps
Several organizations maintain public blacklists of domains and IPs associated with spam. Mailbox providers check these lists when scoring incoming mail. If your domain or IP gets listed, expect deliverability to drop sharply across multiple providers at once.
Spam traps are a related concept. These are real-looking email addresses seeded in places only an automated scraper would find them. Hitting one tells the receiving provider that your list was acquired by scraping rather than by genuine opt-in. Hitting more than a few is treated as a serious offense.
The protection against both is the same: only mail people who actively asked to hear from you, validate addresses before importing them, and remove long-inactive subscribers rather than continuing to send to them forever.
IP warm-up
A brand new IP has no history, which means no reputation, which means cautious filtering until one is built. The standard practice is to start with small volumes to highly engaged subscribers and grow gradually over several weeks.
The point of warm-up is to teach receiving providers that you are a legitimate sender producing wanted mail. Sending from your most engaged segment first generates strong open and click signals. Sending at full volume on day one usually triggers immediate filtering, or in the worst case, an early blacklist.
If you are on a shared IP, which is the right choice for most senders, the warm-up logic still applies at the domain level. Build engagement signals with your most active subscribers before opening up to the full list.
What list hygiene practices improve deliverability?
List hygiene is the practice of keeping your email list clean, accurate, and up to date. It means regularly removing invalid addresses, disengaged subscribers, and other dead weight from your list so that every email you send goes to someone who actually exists and actually wants to hear from you.
Why does this matter for deliverability?
Because ISPs like Gmail, Outlook, and Yahoo are constantly evaluating your sending behavior to decide whether your emails deserve the inbox or the spam folder. When you send to a list full of bad addresses, you generate hard bounces. When you keep mailing people who never open, you drag down your engagement metrics. Both of these signals tell ISPs that you're not a trustworthy sender, and your reputation takes the hit. Once that happens, even your emails to engaged subscribers start landing in spam.
Here are the list hygiene practices that directly improve deliverability:
Use double opt-in where you can
Double opt-in means a new subscriber has to click a confirmation link before they are added to your list. The extra friction filters out typos, fake addresses, role-based addresses someone typed in without thinking, and people who entered someone else's address by mistake.
The list grows more slowly. It is also dramatically cleaner, and its engagement metrics are real rather than diluted by garbage. For programs where deliverability matters, this is a worthwhile trade.
Sunset inactive subscribers
The hardest discipline in list management is letting people go. Subscribers who have not opened anything in months are not a dormant asset waiting to be reactivated. They are an active liability on your engagement metrics.
The standard pattern is to run a brief re-engagement sequence to anyone who has gone cold, give them a chance to confirm they still want your mail, and then suppress everyone who does not respond. Suppressed contacts can come back if they re-engage on their own. They just stop counting against your active list.
Validate before you import
Email validation tools can check a list for deliverable addresses before you send to it. They catch syntax errors, flag role-based and disposable addresses, identify catch-all domains that accept everything but deliver nothing useful, and in some cases detect known spam traps.
Run validation in two places: every time you import a new list, and before any large one-off campaign to a segment you have not touched in a while. The cost is small. The downside of skipping it, a bounce-rate spike that hurts your reputation for weeks, is large.
Remove hard bounces immediately
A hard bounce means the address doesn't exist. Continuing to send to it does nothing but damage your sender reputation. Your ESP should suppress these automatically, but audit regularly to make sure none slip through.
Should you use a dedicated or shared IP address?
Every email you send is delivered from an IP address, and that IP address carries a reputation. ISPs use it as one of the key signals when deciding whether your email reaches the inbox. The question is whether you should send from an IP that's yours alone (dedicated) or one that's shared with other senders.
What's the difference?
A shared IP is used by multiple senders, usually through an ESP. Your reputation is pooled with everyone else on that IP. A dedicated IP is assigned exclusively to you, so your reputation is entirely your own.
When a shared IP makes sense:
You send relatively low volume (under 50,000 to 100,000 emails per month). At low volumes, you don't generate enough data for ISPs to build a stable reputation on a dedicated IP.
You're just getting started with email and don't have an established sending history.
You want simplicity. A good ESP manages the shared pool, keeps bad senders off it, and handles IP reputation on your behalf.
The risk: you're at the mercy of your neighbors. If another sender on the same IP blasts purchased lists or racks up complaints, your deliverability can suffer even though you did nothing wrong.
When a dedicated IP makes sense:
You send consistently high volume (100,000+ emails per month). You need enough volume to maintain a steady reputation signal.
You want full control over your sender reputation. Every bounce, complaint, and engagement metric on that IP is yours, which means your deliverability is a direct reflection of your own practices.
You're in an industry where inbox placement is business-critical and you can't afford the unpredictability of a shared environment.
The tradeoff: a dedicated IP starts with zero reputation, which means you'll need to go through a proper warm-up process (gradually increasing volume over 2 to 4 weeks) before you can send at full scale. And if your own list hygiene or sending practices slip, there's no one else's good behavior to cushion the impact.
Which should you choose?
For most senders doing moderate volume, a shared IP through a reputable ESP is the easier and safer starting point. For high-volume senders who have the practices in place to maintain strong list hygiene and consistent engagement, a dedicated IP gives you more control and more predictable deliverability. Some senders use both: a dedicated IP for their primary marketing sends and a separate one for transactional emails like receipts and password resets, so the two streams don't affect each other's reputation.
Email deliverability myths we tested on 1 million emails
There's a lot of conventional wisdom floating around about what affects email deliverability. Use HTTPS links. Don't use too many images. Always include alt text. Keep your HTML file size small. Some of this advice is valid. Some of it is outdated. And some of it was never based on data in the first place.
We decided to test it.
At SendX, we analyzed a sample of roughly 1 million emails drawn from over 4 billion sends across SendX and SendPost, covering both promotional and transactional email. To keep the data meaningful, we filtered for senders with at least a 94% delivery rate and 10% open rate, so the results reflect what happens among senders who are already doing the basics right.
Here's what we found.
Does HTTPS matter?
Yes, but probably not in the way you'd expect.
Emails where every link used HTTPS had a 98.1% delivery rate and the highest total engagement when you combine opens and clicks. Emails with more than one HTTP link dropped to a 94.4% delivery rate.
The takeaway is that all-HTTPS is a baseline best practice, and senders who are sloppy about link security tend to be sloppy about other things too. ISPs pick up on those patterns.
Does the number of links matter?
The common advice is to minimize links, but our data showed open rates actually trended upward as link count increased. Emails with 7 or more links had a 42.8% open rate and 23.4% click rate, far above every other group.
Why? Because link-heavy emails tend to be newsletters with highly engaged audiences. The number of links didn't hurt delivery rate at all (it stayed between 98% and 99.8% across every group). The lesson is that link count isn't a deliverability risk. Engagement is what matters.
Does the number of images matter?
Barely. Delivery rates held steady between 97.8% and 98.4% regardless of how many images an email contained, from zero to seven or more. There was no meaningful penalty for using lots of images.
Engagement did vary, but not in a linear way.
The 4 to 6 image range actually had the lowest open rate, breaking an otherwise upward trend.
The bottom line is that SPs aren't counting your images. Use as many as your content needs. Do not include heavy images in your emails. Use lossless compression when you add images.
At SendX, we compress your images without reducing the quality automatically when you are creating campaigns.
Does missing alt text matter?
For deliverability, no. Delivery rates were virtually identical whether all images had alt text or none of them did (ranging from 97.8% to 98.5%). But for engagement, it's a different story. Emails where every image had alt text had by far the highest click rate at 11.3%, compared to 2.5% when all images were missing it.
Alt text doesn't help you get delivered, but it does help your emails perform once they arrive, especially for recipients who block images by default.
Does HTML file size matter?
Not for delivery. Rates stayed between 96% and 99.7% across all size brackets, from under 10kb to over 100kb. There was no consistent pattern showing that larger emails get filtered. Engagement varied across size ranges, but not in a way that suggests file size itself is the driver. The 41 to 60kb range had the highest click rate (12.7%), while both the smallest and largest emails had low click rates for different reasons.
Don't bloat your HTML unnecessarily, but don't stress about staying under some arbitrary size limit either.
Does commented or hidden code matter?
Delivery rates were flat across all groups (97.8% to 98.9%), so commented code doesn't appear to affect whether your email gets delivered. But engagement followed a U-shaped curve: emails with less than 1% commented code had strong performance, performance dipped in the 1% to 5% range, and then climbed back up above 10%.
The likely explanation is that this metric is a proxy for sender sophistication rather than a direct signal. Neither ISPs nor recipients care about your code comments.
The overall takeaway
Across every variable we tested, sender reputation and engagement consistently mattered more than any individual content element. None of these content factors had a dramatic, isolated impact on delivery rates. The emails that performed best were sent by senders who had strong reputations and engaged audiences, regardless of how many links, images, or kilobytes were involved.
That doesn't mean content doesn't matter at all. But it means the deliverability advice that obsesses over specific content rules ("never use more than 3 links," "keep HTML under 50kb") is mostly noise. Focus on the fundamentals: clean lists, strong authentication, consistent engagement. The content details are secondary.
Choose SendX so your emails land in the inbox, not the spam folder
If your emails don't reach the inbox, nothing else matters. Your copy, your design, your offers, your segmentation. None of it works if ISPs are filtering your messages into spam or blocking them outright.
SendX is built for senders who care about inbox placement before they care about pretty dashboards. The platform runs on a proprietary sending engine with over 20 built-in deliverability tools that come included on every plan:
Automated list cleaning and email verification
Inbox placement testing across major ISPs
IP and domain reputation monitoring
Auto warmup for new IPs and domains
MX routing and spread sending for optimal delivery timing
Bot open and click filtering to keep your engagement data clean
They're part of the platform because deliverability shouldn't be something that requires you to stitch 20 different tools.
The results speak for themselves. Marcy Tilton Fabrics, a Shopify retailer, was struggling with a blacklisted tracking domain, broken click tracking, and manual list management that was hurting their sender reputation. After switching to SendX:
Open rate jumped to 28.8%, up from the 10 to 20% range
Click-through rate grew to 7.81%, up from 0.5 to 1.5%
$1.4M in revenue was directly attributed to email campaigns
SendX charges based on subscriber count with unlimited emails on every plan, so you never have to throttle your sending to manage costs. Pricing is affordable across the board, but the real value is in what the platform does for your deliverability out of the box.
Book a demo with SendX to see how the platform can improve your inbox placement and turn email into a reliable revenue channel.
