Email Deliverability Best Practices: A 2026 Checklist

Best Practices

Email deliverability isn't complicated, but it does require attention to many details. This checklist covers the best practices that matter most for getting your emails into inboxes. Use it as a reference when setting up email for a new domain or auditing an existing setup.

Authentication Setup

Authentication is the foundation of deliverability. Without it, nothing else matters.

SPF (Sender Policy Framework)

• [ ] SPF record exists for your sending domain
• [ ] All services that send email on your behalf are included
• [ ] Record uses appropriate mechanism (-all, ~all)
• [ ] Total DNS lookups stay under 10
• [ ] Record is tested and validated

Check your SPF record to verify configuration.

Common SPF mistakes:

• Forgetting to add a new email service
• Exceeding the 10-lookup limit
• Syntax errors that invalidate the record
• Using +all (allows anyone to send)

DKIM (DomainKeys Identified Mail)

• [ ] DKIM is enabled for each sending service
• [ ] Public key is published in DNS for each selector
• [ ] Signatures are being applied to outgoing email
• [ ] Signatures verify correctly at receiving servers

Test your DKIM configuration for each sending service.

Common DKIM mistakes:

• DNS record doesn't match sending configuration
• Key rotation without updating DNS
• Wrong selector being used
• DKIM disabled at the sending service

DMARC (Domain-based Message Authentication)

• [ ] DMARC record exists at _dmarc.yourdomain.com
• [ ] Policy is set (p=none for monitoring, p=quarantine or p=reject for enforcement)
• [ ] Aggregate reporting (rua) is configured
• [ ] Reports are being monitored

Verify your DMARC configuration and policy.

DMARC progression:

1. Start with p=none to monitor
2. Review reports to identify all legitimate senders
3. Fix any authentication failures
4. Increase to p=quarantine
5. Eventually move to p=reject

MX Records

• [ ] MX records point to valid mail servers
• [ ] Records have appropriate priority settings
• [ ] Mail servers are responding properly

Check your MX records are correctly configured.

List Management

Your email list quality directly impacts deliverability.

Permission and Opt-In

• [ ] Only email people who explicitly opted in
• [ ] Use confirmed opt-in (double opt-in) for best quality
• [ ] Document when and how each address was collected
• [ ] Never purchase, rent, or scrape email lists

List Hygiene

• [ ] Remove hard bounces immediately
• [ ] Remove soft bounces after repeated failures
• [ ] Identify and remove spam trap addresses
• [ ] Re-engage or remove subscribers who haven't opened in 6+ months
• [ ] Regularly validate email list for invalid addresses

Unsubscribe Management

• [ ] Include unsubscribe link in every email
• [ ] Make the unsubscribe link easy to find
• [ ] Honor unsubscribe requests within 10 days (legal requirement)
• [ ] Actually honor requests immediately (best practice)
• [ ] Implement List-Unsubscribe header for one-click unsubscribe

Sending Practices

How you send matters as much as what you send.

Volume Management

• [ ] Maintain consistent sending volumes
• [ ] Avoid sudden spikes (increase gradually if needed)
• [ ] Warm up new domains/IPs before sending at volume
• [ ] Match sending volume to list engagement

Frequency Management

• [ ] Set clear expectations at signup for email frequency
• [ ] Stick to the frequency you promised
• [ ] Offer frequency preferences to subscribers
• [ ] Don't bombard subscribers with too many emails

Timing

• [ ] Send at consistent times
• [ ] Test different send times for optimal engagement
• [ ] Consider recipient time zones
• [ ] Spread large sends over time rather than blasting all at once

Content Best Practices

Content affects both spam filtering and engagement.

Email Structure

• [ ] Include both HTML and plain text versions
• [ ] Use proper HTML structure
• [ ] Maintain reasonable image-to-text ratio
• [ ] Include alt text for images
• [ ] Test rendering across email clients

Subject Lines

• [ ] Write clear, accurate subject lines
• [ ] Avoid all caps and excessive punctuation
• [ ] Don't use misleading or deceptive subjects
• [ ] Keep subjects under 50 characters for mobile
• [ ] Avoid known spam trigger patterns

Body Content

• [ ] Deliver on the promise of your subject line
• [ ] Provide value in every email
• [ ] Use clear calls to action
• [ ] Avoid spam-associated phrases when possible
• [ ] Include your physical mailing address (required for commercial email)

Links

• [ ] Use full URLs instead of URL shorteners
• [ ] Link to reputable, established domains
• [ ] Don't use too many links in a single email
• [ ] Ensure link text matches the actual URL
• [ ] Verify all links work before sending

Technical Configuration

Technical details that affect deliverability.

Infrastructure

• [ ] Sending IPs have proper reverse DNS (PTR records)
• [ ] Sending IPs are not on major blacklists
• [ ] TLS encryption is enabled for email transmission
• [ ] Mail servers are properly configured

Headers

• [ ] From address uses your authenticated domain
• [ ] Reply-To address is valid and monitored
• [ ] All required headers are present
• [ ] Headers are properly formatted

Sending Domain

• [ ] Domain has been registered for sufficient time
• [ ] Domain is not on any blacklists
• [ ] DNS is properly configured
• [ ] Domain matches your brand and is recognizable

Monitoring and Maintenance

Ongoing attention keeps deliverability healthy.

Regular Monitoring

• [ ] Monitor bounce rates (target under 2%)
• [ ] Track spam complaint rates (target under 0.1%)
• [ ] Watch open and click rates for trends
• [ ] Check blacklist status regularly
• [ ] Review authentication pass rates

Check blacklist status for your domain regularly.

Use Provider Tools

• [ ] Set up Google Postmaster Tools for Gmail insights
• [ ] Configure Microsoft SNDS for Outlook data
• [ ] Enroll in feedback loops where available
• [ ] Monitor any dashboards your ESP provides

Regular Audits

• [ ] Audit authentication setup quarterly
• [ ] Review list quality and clean as needed
• [ ] Test inbox placement periodically
• [ ] Check DNS records haven't changed unexpectedly

Compliance Requirements

Stay legal and ethical.

CAN-SPAM (US)

• [ ] Don't use deceptive headers or subject lines
• [ ] Identify the message as an advertisement (if applicable)
• [ ] Include your physical postal address
• [ ] Honor opt-out requests within 10 business days
• [ ] Monitor what others do on your behalf

GDPR (EU/UK)

• [ ] Have legal basis for processing (consent for marketing)
• [ ] Provide clear privacy information
• [ ] Enable data subject rights (access, deletion)
• [ ] Maintain records of consent
• [ ] Report breaches within 72 hours

CASL (Canada)

• [ ] Obtain express consent before sending
• [ ] Identify yourself clearly
• [ ] Provide working unsubscribe mechanism
• [ ] Keep consent records for duration + 3 years

Quick Wins Checklist

If you're just getting started, prioritize these:

1. [ ] Set up SPF, DKIM, and DMARC
2. [ ] Verify authentication is passing
3. [ ] Check for blacklist listings
4. [ ] Clean obvious bad addresses from your list
5. [ ] Add clear unsubscribe links
6. [ ] Set up basic monitoring

Common Mistakes to Avoid

• Buying email lists
• Sending to old, unengaged lists
• Ignoring bounce messages
• Using authentication-free sending
• Sudden volume increases without warmup
• Misleading subject lines
• Hidden or difficult unsubscribe processes
• Ignoring spam complaints
• Not monitoring deliverability metrics

Stop Worrying About Email Deliverability

The Email Deliverability Suite monitors your SPF, DKIM, DMARC, MX records and blacklist status daily. Get alerts when something breaks — before your emails stop arriving.