--- name: email-deliverability-optimizer description: Improve email deliverability rates, reduce spam complaints, and maintain sender reputation. Use when optimizing email deliverability, fixing spam issues, setting up SPF/DKIM/DMARC, cleaning email lists, monitoring sender reputation, reducing bounce rates, or ensuring inbox placement. Triggers on phrases like "email deliverability", "spam folder", "inbox placement", "sender reputation", "SPF DKIM DMARC", "bounce rate", "email authentication", "list hygiene", "spam complaint", "email blacklist". --- # Email Deliverability Optimizer Ensure your emails reach the inbox consistently by managing sender reputation, authentication, and list health. ## Workflow 1. Audit current deliverability metrics: inbox placement rate, spam complaint rate, bounce rate, unsubscribe rate. 2. Verify email authentication: SPF, DKIM, DMARC records configured and passing. 3. Assess sender reputation: IP reputation, domain reputation, blacklist status. 4. Analyze email content for spam triggers: words, formatting, link ratios, image-to-text ratio. 5. Evaluate list hygiene: inactive subscribers, invalid addresses, spam trap exposure, consent records. 6. Review sending infrastructure: dedicated vs. shared IP, volume ramp-up, sending patterns. 7. Implement warm-up protocol for new IPs/domains. 8. Set up monitoring: placement testing, complaint tracking, engagement metrics. 9. Create suppression lists and unsubscribe management. 10. Continuously optimize based on engagement data and ISP feedback. ## Email Authentication Setup ``` EMAIL AUTHENTICATION REQUIREMENTS =================================== SPF (Sender Policy Framework): → Purpose: Authorizes which servers can send email for your domain → DNS record type: TXT → Format: v=spf1 include:_spf.google.com include:mail.zendesk.com ~all → Record types: * ~all (soft fail): Unauthorized emails pass but flagged — recommended for setup * -all (hard fail): Unauthorized emails rejected — recommended after full migration → Best practices: * Include ALL sending services (ESP, transactional, CRM, helpdesk) * Maximum 10 DNS lookups (SPF limitation) * Use include: not a: or mx: where possible * Verify at: https://mxtoolbox.com/spf.aspx * Update whenever you add or remove a sending service DKIM (DomainKeys Identified Message): → Purpose: Cryptographically signs emails to verify they haven't been altered → DNS record type: TXT (selector-based) → Setup process: 1. Generate DKIM key pair in your ESP (2048-bit key minimum, 1024-bit minimum) 2. Add public key to DNS as TXT record 3. Record format: selector1._domainkey YOUR-DKIM-PUBLIC-KEY-GOES-HERE 4. Enable DKIM signing in ESP settings 5. Verify signing with test email: https://dkim-validator.zagmail.com/ → Best practices: * Use 2048-bit keys (1024-bit may be deprecated) * Maintain two selector keys for seamless rotation * Rotate keys annually * Test after every DNS change DMARC (Domain-based Message Authentication, Reporting, and Conformance): → Purpose: Tells receiving servers what to do when SPF/DKIM fail → DNS record type: TXT at _dmarc.yourdomain.com → Policy progression: Step 1: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com → Monitor only (no action taken on failures) — start here → Run for 30 days, review reports Step 2: v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com; pct=100 → Failed emails go to spam — after confident all legitimate mail passes Step 3: v=DMARC1; p=reject; rua=mailto:dmarc@yourdomain.com; pct=100 → Failed emails rejected entirely — ultimate protection → Additional tags: * ruf=mailto:dmarc-forensic@yourdomain.com (forensic reports for failures) * pct=10 (apply policy to only 10% — for gradual rollout) * adkim=s (strict DKIM alignment) / adkim=r (relaxed, default) * aspf=s (strict SPF alignment) / aspf=r (relaxed, default) → Best practices: * NEVER start with p=reject (will block legitimate emails) * Review DMARC reports for 30+ days before tightening policy * Use DMARC analysis tools: Postmark DMARC, DMARCian, Valimail * Set up subdomain DMARC for separate sending domains * Monitor alignment issues: From header domain must match SPF/DKIM domain BIMI (Brand Indicators for Message Identification): → Purpose: Display your logo in the inbox next to authenticated emails → Requirements: DMARC p=quarantine or p=reject required → DNS record: TXT at default._bimi.yourdomain.com → Format: v=BIMI1; l=https://yourdomain.com/logo.svg; p=https://vcm.digicert.com/... → Needs: Verified Mark Certificate (VMC) from DigiCert or Entrust ($2,000–$4,000) → Supported by: Gmail (March 2024), Apple Mail (17.0+), Yahoo Mail ``` ## Sender Reputation Management ``` SENDER REPUTATION METRICS =========================== IP REPUTATION (for dedicated IP senders): METRICS THAT AFFECT IP REPUTATION: → Spam complaint rate: Must be < 0.1% (0.1 per 100 emails) * Gmail threshold: < 0.3% (0.3 per 100) * Outlook threshold: < 0.1% * Industry standard: < 0.1% → Bounce rate: Must be < 2% * Hard bounce rate: < 0.5% (invalid addresses) * Soft bounce rate: < 1.5% (temporary issues) → Engagement rate: > 20% combined open + click rate * Low engagement (<10%) signals low-quality sends → Volume consistency: Steady sending patterns * Sudden spikes (>3x normal volume) trigger scrutiny → Blacklist status: Must be clean on all major RBLs * Monitor: Spamhaus, SURBL, Barracuda, SpamCop, URIBL REPUTATION SCORES (by ISP): GOOGLE Postmaster Tools: → Domain Reputation: Good / Neutral / Bad → IP Reputation: Good / Neutral / Bad → Spam Rate: % (target < 0.1%) → Bounce Rate: % (target < 2%) → Authentication: SPF pass/fail, DKIM pass/fail MICROSOFT SNDS (Sender Reputation): → Sender ID Reputation: 0.0–1.0 (target > 0.8) → Complaints: < 0.1% of messages → Blocked rate: % of messages blocked → Block lists: Number of active blocks SENDGRID Sender Reputation: → Score: 0–100 (target > 70) → Based on: complaint rate, bounce rate, engagement, volume DOMAIN REPUTATION: Affects all email from your domain (marketing + transactional + personal): → One sender can poison the domain for everyone → Separate sending domains: marketing.company.com, transactional.company.com → Warm up new domains gradually (see warm-up protocol below) → Monitor domain health: Google Postmaster Tools, Microsoft SNDS → Never buy email lists (destroys domain reputation permanently) BLACKLIST MONITORING: MAJOR BLACKLISTS TO MONITOR: → Spamhaus (SBL, PBL, XBL, ZEN): Most widely used * Check: https://www.spamhaus.org/lookup/ * Delist: https://www.spamhaus.org/dbl/delisting/ → SURBL (Spam URIs BL): Checks URLs in your emails * Check: https://surbl.org/surbscm.php3 → Barracuda (BLS): Used by many enterprise ISPs * Check: https://www.barracudacentral.org/lookup → SpamCop: User-reported spam * Check: https://www.spamcop.net/bl.shtml → URIBL: Checks domain reputation of links in emails * Check: https://urihs.gbl.spamhaus.org/ MONITORING TOOLS: → MX Toolbox Blacklist Check: Free, checks 100+ blacklists → MultirBL: Checks 100+ RBLs simultaneously → SendHope: Comprehensive deliverability monitoring → GlockApps: Inbox placement testing across 50+ providers ``` ## List Hygiene and Management ``` LIST HYGIENE PROTOCOL ======================= ACTIVE SUBSCRIBER SEGMENTATION: ENGAGEMENT TIERS (based on last 6 months): HOT (Engaged): Opened or clicked in last 90 days → Send frequency: Normal cadence (weekly/bi-weekly) → Action: Nurture, personalize, reward engagement WARM (Moderately Engaged): Opened or clicked 90–180 days ago → Send frequency: Reduced cadence (bi-weekly/monthly) → Action: Re-engagement campaign, preference center COLD (Inactive): No engagement in last 180 days → Send frequency: Minimal (1 re-engagement attempt) → Action: Win-back campaign → suppress if no response DEAD (Never Engaged): Subscribed but never opened/clicked → Send frequency: None until engagement established → Action: Verification email → suppress if not confirmed LIST CLEANING PROCESS: STEP 1: Remove hard bounces immediately → Hard bounces = permanent delivery failure → Never retry hard-bounced addresses (sends to spam traps) → Most ESPs auto-suppress hard bounces STEP 2: Clean invalid and role-based addresses → Remove: @, @info, @admin, @support, @noreply → Verify: email syntax validation before importing → Tools: ZeroBounce, NeverBounce, Debounce, Bouncer STEP 3: Identify and manage spam traps → Types: * Pristine: Never had a real user ( planted by RBLs) * Recycled: Real email abandoned, now repurposed * Complaint-based: Created specifically to catch spammers → Prevention: * Double opt-in for all new subscribers * Regular list cleaning (every 90 days) * Never purchase or scrape email lists * Monitor spam complaint rate daily STEP 4: Run re-engagement campaign → Target: Cold and dead subscribers → Campaign: 3-email sequence over 21 days Email 1 (Day 1): "Are you still interested?" + preference center Email 2 (Day 7): Exclusive offer or valuable content Email 3 (Day 14): "Last chance — don't miss out" + final preference option → Action: Suppress all non-responders permanently STEP 5: Implement ongoing hygiene → Monthly: Review bounce and complaint rates → Quarterly: Full list audit and segmentation update → Annually: Complete list re-verification (email validation service) EMAIL VERIFICATION SERVICES: SERVICE COMPARISON: ┌──────────────┬──────────┬────────────┬──────────────┬───────────┐ │ Service │ Price │ Accuracy │ Volume Plans │ API │ ├──────────────┼──────────┼────────────┼──────────────┼───────────┤ │ ZeroBounce │ $16/1K │ 99%+ │ $499/50K │ Yes │ │ NeverBounce │ $20/1K │ 99.5% │ $499/35K │ Yes │ │ Debounce │ $9/1K │ 99.9% │ $249/50K │ Yes │ │ Bouncer │ $9.99/1K │ 99.5% │ $349/50K │ Yes │ │ Kickbox │ $15/1K │ 99%+ │ Custom │ Yes │ │ Hunter Verify│ $9.60/1K │ 95% │ $240/30K │ Yes │ └──────────────┴──────────┴────────────┴──────────────┴───────────┘ RECOMMENDATION: → For lists < 5K: Use one-time verification before campaign → For lists 5K–50K: Monthly verification of new additions → For lists 50K+: Continuous real-time verification at sign-up → Budget: $0.01–$0.02 per email verified (worth the investment) ``` ## Spam Score and Content Optimization ``` SPAM TRIGGER ANALYSIS ======================= SPAMMY WORDS AND PHRASES (avoid or minimize): HIGH RISK: → "FREE", "100% FREE", "No cost", "No obligation" → "Act now!", "Limited time", "Urgent", "Last chance" → "Guaranteed", "Risk free", "No risk" → "Make money", "Earn cash", "Investment opportunity" → "Buy now", "Order now", "Click here" → ALL CAPS subject lines (or >50% caps in body) → Excessive exclamation points (!!!) → "$$$", "Cheap!", "Discount" MODERATE RISK (context-dependent): → "Special offer", "Exclusive deal" → "Congratulations", "Winner" → "Claim your", "Hurry", "Don't miss" → "Best price", "Lowest price" → Multiple font colors CONTENT RATIO GUIDELINES: IMAGE TO TEXT RATIO: → Minimum 60% text, maximum 40% images → Text-only emails have highest deliverability → If image-heavy, ensure alt text on all images → Include visible text version alongside HTML LINK TO TEXT RATIO: → Maximum 20% links (by word count) → 1–2 links per 100 words is safe → Use descriptive anchor text (not "click here") → Avoid URL shorteners (bit.ly flagged by some ISPs) → Use branded short domains if needed (go.company.com) SUBJECT LINE RULES: → Length: 41–50 characters optimal (desktop) → Mobile: Under 30 characters for full display → Avoid spam words (see above) → Personalization: First name increases opens by 20–26% → Emojis: 1–2 max, can increase opens by 5–10% if brand-appropriate → Preheader text: 40–130 characters, extends subject line message → Never misleading (bait-and-switch increases complaints) SPAM SCORE TESTING: TEST BEFORE SENDING: → Mail-Tester.com: Free, scores 0–10 (target < 5) → GlockApps: Inbox placement test across 50+ providers → Send Hope: Deliverability monitoring → Litmus Inbox Placement: Enterprise deliverability testing → SpamAssassin: Open-source spam filter scoring ACCEPTABLE SCORES: → 0–3: Excellent — will reach inbox → 4–5: Good — minor improvements possible → 6–7: Warning — some providers may filter → 8–10: High risk — significant inbox placement issues ``` ## IP Warm-Up Protocol ``` DEDICATED IP WARM-UP SCHEDULE =============================== WHEN TO USE DEDICATED IP: → Sending volume: > 2,000 emails/day consistently → Brand protection: Avoid shared IP reputation risks → High-value sends: Transactional, time-critical communications → ESP minimum: Most require $300–$1,000/month minimum for dedicated IP WARM-UP TIMELINE (8 weeks): WEEK 1: 50–100 emails/day (engaged subscribers only) → Send to most engaged 5% of list → Monitor: bounce rate, complaint rate, engagement → Target: < 0.1% complaints, < 1% bounces WEEK 2: 150–250 emails/day → Expand to top 10% engaged subscribers → Maintain sending consistency (same time daily) WEEK 3: 300–500 emails/day → Expand to top 20% engaged subscribers → Continue monitoring reputation metrics WEEK 4: 500–1,000 emails/day → Expand to top 40% engaged subscribers → Check Google Postmaster Tools reputation WEEK 5: 1,000–2,000 emails/day → Expand to top 60% of list → Monitor inbox placement rates WEEK 6: 2,000–4,000 emails/day → Expand to 80% of list → Begin normal sending patterns WEEK 7: 4,000–8,000 emails/day → Nearly full volume → Check all reputation metrics WEEK 8: Full volume → Send to entire list → Continue monitoring daily for first 3 months WARM-UP BEST PRACTICES: → Send ONLY to engaged subscribers during warm-up → Maintain consistent daily sending times → Never skip days (inconsistency hurts reputation) → Remove all bounces within 24 hours → Honor all unsubscribe requests immediately → Monitor complaint rate daily (alert if > 0.1%) → Use ESP built-in warm-up if available (SendGrid, Mailgun) SHARED IP CONSIDERATIONS: → Most ESPs manage shared IP reputation → Suitable for: < 2,000 emails/day → Risk: Other senders on same IP affect your reputation → Benefit: No warm-up needed, included in base plan → Recommendation: Start with shared, migrate to dedicated at scale ``` ## Integration Points - Google Postmaster Tools: Monitor domain and IP reputation (free) - Microsoft SNDS: Sender reputation for Outlook/Hotmail (free) - Mail-Tester.com: Spam score testing (free tier available) - GlockApps: Inbox placement testing across providers ($249/month) - ZeroBounce / NeverBounce: Email list verification - DMARCian / Valimail / Postmark DMARC: DMARC reporting and analysis - SendGrid / Mailgun / Amazon SES: Email sending infrastructure - ESP deliverability dashboards: Mailchimp, HubSpot, Constant Contact - MX Toolbox: Blacklist checking and DNS lookup (free) - Litmus: Email rendering and inbox placement testing ## Edge Cases - **Transactional vs. marketing email separation**: Use separate subdomains (tx.company.com for transactional, mail.company.com for marketing). This prevents marketing complaints from affecting password resets and order confirmations. Transactional emails should authenticate with the subdomain's own SPF/DKIM records. - **Volume spikes and seasonal sending (Black Friday, holidays)**: ISPs scrutinize sudden volume increases. Pre-warm IP before peak seasons. Gradually increase volume 4–6 weeks before peak. Register send with ISPs where possible (Google's Bulk Senders guide requires registration for >5,000/day). - **B2B email deliverability**: B2B email faces unique challenges — corporate firewalls, role-based addresses, custom mail servers. Best practices: verify every B2B email address before adding, use double opt-in where possible, maintain low complaint rates (<0.05% for B2B), comply with CAN-SPAM and GDPR. - **GDPR and consent requirements (EU)**: Must have explicit, documented consent. Include: what they're subscribing to, who you are, unsubscribe link in every email. Honor unsubscribe within 72 hours (ideally instantly). Keep consent records for 3+ years. Never pre-check consent boxes. - **Email authentication for forwarded emails**: When emails are forwarded, DKIM signature may break (content changes). Solution: set DMARC alignment to relaxed (adkim=r, aspf=r) to allow forwarded email delivery. This is the default setting.