Email Deliverability Fixes for Your Startup

 

Emails going unseen is a common problem. It can make or break your business.

There's a good chance that as you read this, emails sent by your company are landing in customers' spam folders. Unfortunately, that scenario is not unique; email delivery challenges are a recurring theme among early-stage businesses.  

These challenges range from day-to-day corporate communications to periodic customer marketing emails. Usually, the first sign of something having gone wrong is when a recipient doesn't reply in an expected timeframe, or even worse, when a customer kindly informs you that your latest monthly newsletter ended up in their junk folder.

Don't be mistaken; ensuring high email deliverability is pivotal for every small business to communicate with customers and drive revenue. But it's not easy. The protocols enabling email originated before the modern internet era and never anticipated its current use (and abuse) cases. As a result, technical email configuration can be confusing to non-experts. This post covers concrete, actionable steps to help you understand these mechanisms and improve your business's email deliverability.

What is email deliverability?

Email delivery is the ability of a sender's email to reach a recipient's email server. Email deliverability, on the other hand, is the ability of an email message to reach the intended recipient's inbox. In other words, email deliverability measures the success rate of email delivery.

Several factors affect an email message's deliverability, including the sending domain's reputation, the content of the email message, and the recipient's email server and spam filters. So, if improving your email deliverability is a current goal, start by using a reputable email service provider, following email marketing best practices, and maintaining a clean email list. 

deliverability

What is a good email deliverability rate?

There is no such thing as 100% successful email delivery. The fact that today we still find our junk folders full of spam should be evidence enough that "solving email" is a matter of degree, with no absolutes.

With that in mind, most marketers agree that a rate of 85% or higher should be your goal, with some variance based on your industry. 

Before you get started

  1. Inventory all systems that send emails on your behalf.
    It's common for an initial list to miss something, so double check inventory is complete. See "Email Inventory" below.
  2. Gain admin access to your email systems. You'll need to configure mail delivery, verify domains, etc., for many of the above, which will require administrative access.
  3. Gain admin access to your Domain Name System (DNS) provider.
    The DNS of the associated domain is used to set many email-related configuration items.
  4. Spend time brushing up your knowledge in this area.
    Email and related systems are infrequently visited and not always well understood. So, even if you’re a seasoned technologist, software engineer, or IT professional, take the time to study — it'll be well worth it.

If you're non-technical, you may be able to piece all this together by carefully following along. But if you have a technical resource, get this document in front of that person and ensure they have the time, space, and support to audit email deliverability and check the preliminaries off the list.

Three steps to improve email deliverability

Operational Documentation

To understand email issues, start by referring to your existing operational documentation. Most early-stage companies are documentation deficient, and if that's true of your business, commit to changing that as part of this experience. Six months or a year from now, when something is on fire, you'll thank yourself later for doing so.

Whenever you make a change related to email, note that as part of a running changelog. This way, you have an idea of what has happened over time, helping to diagnose potential issues and reduce the risk of turning an annoyance into a serious problem.

Email Inventory

Compile a complete inventory of all systems that send emails on your behalf. There may be some you are unaware of (at least the technical details). These include:

  • Corporate email (Office 365, Google Workspace, etc.)
  • Marketing email (Mailchimp, SurveyMonkey, HubSpot, etc.)
  • Transactional email (SendGrid, Mailgun, Amazon SES, etc.)

If you utilize a DMARC monitoring service (you should; more on that later), it will gather the sources of your organization's emails over some time. The exact timeframe depends on the types and sources of emails used (e.g., a monthly email newsletter). It's not unusual for an early-stage company to discover an email source that wasn't part of a first-pass email inventory or that third-party services may send emails on your behalf in unexpected ways.

You will need to understand each email sender's SPF and DKIM requirements and note these. Keep reading for details on these technical items later in the article.

DNS Changelog

Maintain an active changelog for email-related DNS entries as part of your operational documentation process. Over time these changes become infrequent, but having a running history on hand can be a lifesaver when issues arise.

Email-related records you want to document include:

  • MX
  • CNAME – DKIM entries
  • TXT – SPF and DMARC entries

If you ever need to revert or understand previous changes, no guessing will be required — all the DNS changes made over time will be in plain sight and easy to understand.

Foundational configurations

Although email delivery is never guaranteed, three configuration items significantly improve your odds of success. These are all items configured by the DNS records for a given domain.

  1. SPF (Sender Policy Framework) record: This TXT record indicates which hosts are authorized to send emails on behalf of a domain. Example SPF record: v=spf1 include:spf.protection.outlook.com include:servers.mcsv.net ~all. This example states that Office 365 and Mailchimp are authorized email sources from this domain. The values used are recorded in each vendor's documentation. Note that IP addresses or netblocks may also designate these. Common issues include:
    1. Missing/incomplete
    2. Not set as a TXT record
    3. Too many items listed (record limited to 10 DNS lookups)
  2. DKIM (Domain Keys Identified Mail) record: DKIM records point to public keys used to validate the sender of email messages cryptographically. Each email provider provides the details on how to refer to their DKIM configuration. These are typically CNAME records, where the provider defines the hostname (although sometimes configurable) and a corresponding reference.  Example DNS record: CNAME k2._domainkey dkim2.mcsv.net (this is an example entry for Mailchimp).
  3. DMARC (Domain-based Message Authentication Reporting and Conformance): The DMARC record is a DNS TXT record, which directs email systems on how they should handle email messages from your domain based on their SPF and DKIM settings. When fully implemented, this provides a high degree of security against forged emails appearing as originating from your domain. DMARC is also helpful because mail handlers can send downstream reports, giving visibility into what is happening in the field. 

Example DNS  record: TXT _dmarc "v=DMARC1; p=none; rua=mailto:test@monitoring.com;". Your DMARC reporting service specifies the specific rua value to use. In this example, we are using a fictional monitoring.com  as the DMARC reporting service. 

Click the links for each item above for more detail.

Technical language aside, here’s the bottom line:

  • You need proper SPF and DKIM records. An incorrect SPF record typically results in an email never landing in an inbox. Incorrect or misaligned DKIM records usually mean emails getting sent to a junk folder or equivalent.
  • Implement DMARC to prevent spoofing and provide downstream visibility into delivery. Depending on your scenario, it may not be possible to lock down SPF and DKIM compliance completely. However, this may vary depending on the capabilities of who sends emails on your behalf.

A free online tool such as MxToolbox can give quick visibility into what the world sees for your email DNS settings and much more. 

Other helpful recommendations

"On Behalf Of" Messages

 MUST DO 

Many bulk email providers can provide an easy, zero-configuration solution by sending emails from their domain (e.g., Mailchimp, SendGrid), with the from address being some form of "On behalf of <email@mydomain.com>." While the SPF and DKIM records will check out for the sending domain, this generic address may trip some spam detection systems and impact deliverability.

It is always better to configure these systems to utilize your domain rather than a generic domain associated with the provider. The specifics will vary for each, but you'll likely need to modify your SPF record and add DKIM entries. Often this is part of a "domain authentication" process with many email vendors.

Use a third-party email service

 RECOMMENDED 

Don't tackle your marketing and transaction emails using SMTP and your corporate email domain. The error conditions are abundant, and there are associated security and workflow issues. If you do this today, a high priority should be to migrate to a third-party email service. 

Email marketing platforms, such as HubSpot or Mailchimp, provide the tools to let marketers do their job without requiring ongoing technical assistance. Once the necessary DNS records get set, the technical maintenance burden is very low.

Likewise, with transactional email, utilize any number of third-party services, such as SendGrid or Mailgun. These allow developers to easily add email capability into application code with minimal fuss to security. These platforms have detailed logging and reporting capabilities to support ongoing monitoring and maintenance in a simplified way.

Email Reputation

 MUST DO 

Over time, the domains associated with your email gain a "reputation," which gets shared among those delivering email and is used in part to determine whether any particular email message is likely to be spam or not. The following is a partial list of items to consider maintaining to ensure a good email reputation:

  1. Ensure your technical email configurations are correct (what we covered earlier).
  2. Ensure you are utilizing email communication best practices, such as opt-in/opt-out and providing easy-to-use unsubscribe mechanisms. Third-party email services make supporting the required legal and best practice options easier.
  3. Periodically review your email lists to ensure email addresses and subscription details are accurate. If your email service provides bounce/unsubscribe and similar reports, keep a close eye on them.
  4. Make sure to "warm up" new email marketing mechanisms. See IP Warm-up Strategy Overview for more on this.
  5. Using purchased bulk email lists is a sure way to damage your reputation quickly. Recovery may be slow, and the consequences may be significant.
  6. Ensure your marketing email content is not "spammy." Even with all the underlying technical details in place, content spam filters can be the final judge of deliverability.

You can find more information on how to check your reputation here.

DMARC Monitoring

 RECOMMENDED 

Enroll in a DMARC reporting service like dmarcian. These services are low cost and allow you to monitor, understand, and diagnose issues with your downstream email delivery. Even if DMARC enforcement is not possible due to specific email services in use, maintaining a p=none monitoring stance provides ongoing email delivery visibility. Postmark is another provider with a more limited but free DMARC reporting service. But ultimately, explore which DMARC reporting option best fits your needs.

When getting started, don't jump to conclusions. Give yourself a week or two for sufficient DMARC reporting logs to be gathered. Also, consider the timing of your email — a monthly marketing email from a specific provider won't appear in any logs until after they get sent.

Partition your email into subdomains

 ADVANCED 

Consider partitioning your email sources into subdomains. Here's why: Much of the world uses domain reputation as a significant input for email delivery. Should any one of your email sources gain a poor reputation, any email from the entire domain will likely suffer.

A simple example of this could be:

  • Core corporate communications originate from your base email domain (e.g. jane.smith@example.com)

  • Marketing email segmented to the subdomain newsletter.example.com (e.g. no-reply@newsletter.example.com)

  • Transactional email segmented to the subdomain accounts.example.com (e.g. invoice@accounts.example.com)


For more information, read The Basics of Subdomains and How To Use Them.

The scope of this configuration goes beyond this article and will depend on your unique uses and needs. For many early-stage companies, email subdomains are aspirational. Still, it's essential to know it exists, and it may be necessary to put it on your operational roadmap at some point.

Don't jump in head first

Since most of the configurations covered here are through DNS, be sure to have a good plan up front, with possible stepped phases as necessary. DNS changes take time to propagate, and an errant change may impact some email delivery until any fix(es) are re-propagated.

In the case of DMARC, always start with p=none and then evaluate the ability to further restrict from there. Give appropriate time to monitor DMARC reports because it can take several weeks to get a good picture, and the timing of periodic bulk mail — such as monthly newsletters — needs to be considered.

Not all email services can properly support DMARC. You may need to explore alternative service providers to achieve full DMARC compliance. If this is your situation, add it as an item to address on your operational roadmap.

  • Remember, DNS settings inform email flow significantly, so changes may take time to propagate fully.
  • Outside of when you’re first addressing comprehensive email configuration, try making one systematic change at a time.

 

Sample DMARC Schedule

The table below outlines a general DMARC enforcement progression. Note that the frequency of your email sources will dictate the progression timeline. For example, if you send marketing emails (e.g., a newsletter) at most once per month, the DMARC update interval should allow for observing these deliveries through DMARC reporting. The rua=mailto:test@monitoring.com used below is a fictitious placeholder — your DMARC reporting provider will supply a specific rua value.

 

Step

DNS Entry

Comments

1

(none)

The typical default starting point

2

v=DMARC1; p=none; rua=mailto:test@monitoring.com;

Baseline record to start DMARC monitoring; no change to current delivery

3

v=DMARC1; p=quarantine; pct=1; rua=mailto:test@monitoring.com;

Quarantine 1%

4

v=DMARC1; p=quarantine; pct=25; rua=mailto:test@monitoring.com;

Quarantine 25%

5

v=DMARC1; p=quarantine; pct=50; rua=mailto:test@monitoring.com;

Quarantine 50%

6

v=DMARC1; p=quarantine; pct=100; rua=mailto:test@monitoring.com;

Quarantine 100%

7

v=DMARC1; p=reject; pct=1; rua=mailto:test@monitoring.com;

Reject 1%

8

v=DMARC1; p=reject; pct=100; rua=mailto:test@monitoring.com;

Reject 100%. Full DMARC compliance. Motivated organizations can now explore BIMI.

 

Using the above progression, it could take up to six months to safely migrate from no DMARC policy to fully compliant, depending on the volume and frequency of your email sources. Plan and schedule these changes to get full DMARC enforcement behind you.

Tips: Testing and Email Headers

It's always a good idea to send test messages to a sampling of external mailboxes to evaluate their delivery behavior. Having a few Gmail, Outlook, or similar accounts handy can quickly show whether a fundamental delivery issue exists. You'll be able to see if your emails are bouncing, showing up in junk folders, or getting flagged as "Unverified." But do the easy homework upfront by spot-checking your email configuration before sending a mass mailing. 

Also, in the early phases of any email cleanup, consider using smaller batches of a mass email rather than sending them to a large list all at once. Give a moment between batches to monitor for any anomalies.

If you encounter delivery challenges, look at the email headers on the received message. Selecting "View Source" or similar on your email client can often accomplish this. Here you'll see several headers that detail what the recipient email server observed: Authentication-Results, Received-SPF, DKIM-Signature, and others. These should align with your current email and DNS configurations. 

You may also see spam-related headers; these will indicate how the recipient server evaluated the email contents as spam (or not), typically with a score. For example, emails delivered to a Microsoft-powered address, such as Office 365 or outlook.com, will have an X-Forefront-Antispam-Report header. Use tools like the Message Header Analyzer to decode this and more, helping to diagnose your deliverability issue. 

This is just the start

The items outlined here are just the tip of the iceberg, providing general guidance on addressing email deliverability issues.

Ideally, after going through this exercise, you will have three items documented:

  1. Email Inventory
  2. DNS
    1. General information
    2. Current email-specific records with accompanying changelog
  3. DMARC reporting

In addition, you should put into place processes to:

  1. Document email system changes as they occur (above list)
  2. Periodically review DMARC and email provider reports
  3. Periodically review email list hygiene
  4. Collaborate with marketing and customer success counterparts to share updates regarding email deliverability health

As part of our LogicBoost Labs portfolio engagement, one of our early technical tasks is to evaluate email deliverability, document its current state, and start any remediation processes as required — essentially all the steps outlined here. Few early-stage startups have their DMARC house in order, which means, if nothing else, we usually end up starting the clock on the DMARC schedule indicated above, even if everything else is in proper order.

Email deliverability isn't a set-and-forget activity. Once the initial ground state gets set correctly, observing its health and responding to any issues is an ongoing operational process — as would be the case with any other system that is core to your company's success.

Resources


Disclaimer: LogicBoost Labs has no official or compensated relationship with any vendors mentioned in this article.