If clients tell you they didn’t receive your email, or if you’ve noticed your emails going to spam, you’re dealing with an email deliverability problem. These problems have specific, fixable causes — they’re not mysterious or random.
Here’s a plain-English explanation of why it happens and what to do about it.
Why emails go to spam
Email providers (Gmail, Outlook, Yahoo) use sophisticated systems to decide whether incoming emails are legitimate or spam. They look at dozens of signals, but the most common causes of business email landing in spam are:
Your domain’s DNS records aren’t configured correctly. This is the most common cause. Three DNS records — SPF, DKIM, and DMARC — tell email providers that email from your domain is legitimately authorized. If these records are missing, misconfigured, or absent, your emails look suspicious.
Your domain is new. New domains have no sending history, which means no reputation. Email providers treat emails from brand-new domains with more suspicion. This typically improves after a few weeks of sending legitimate email.
You’re sending from a shared IP with a bad reputation. If you’re using an email marketing service, you may be sending from a shared IP pool. If other users on that pool have sent spam, the IP’s reputation affects your deliverability.
Your email content triggers spam filters. Certain phrases (“free money,” “guaranteed,” “act now”), excessive use of links, image-heavy emails with very little text, or large attachments can trigger content filters.
SPF, DKIM, and DMARC — what they actually do
These are DNS records that verify your email is legitimate. You don’t need to understand the technical details, but you do need them configured correctly.
SPF (Sender Policy Framework): A DNS record that lists which servers are authorized to send email from your domain. Example: “only Gmail’s servers are allowed to send email from @yourcompany.com.” If email arrives claiming to be from your domain but from an unauthorized server, SPF fails.
DKIM (DomainKeys Identified Mail): A digital signature attached to every outgoing email that proves it wasn’t tampered with in transit. The signature is verified using a key in your DNS records.
DMARC (Domain-based Message Authentication): A policy that tells receiving servers what to do when SPF or DKIM fails. Options are “none” (do nothing, just report), “quarantine” (put it in spam), or “reject” (don’t deliver it at all). DMARC also sends you reports about email sent from your domain, which helps you detect if someone is spoofing your address to send spam.
Without SPF and DKIM configured, email providers have no way to verify that email claiming to come from your domain actually came from you — which makes them distrust it.
How to check your current configuration
Two free tools give you an immediate diagnosis:
MXToolbox (mxtoolbox.com): Enter your domain and run the Email Health check. It checks your SPF, DKIM (if you specify the selector), and DMARC records and flags any problems with specific error messages.
Mail-tester.com: Send a test email to the address they provide, then click “Check your score.” It gives you a score out of 10 with specific reasons for any deductions. This is particularly useful because it tests your actual emails rather than just your DNS records.
How to fix it
Setting up SPF: Your email provider (Google Workspace, Microsoft 365, your hosting provider’s mail server) has specific SPF record instructions in their documentation. You add the record in your domain registrar’s DNS settings. Search “[your email provider] SPF record setup” for exact instructions.
For Google Workspace, the SPF record looks like:
v=spf1 include:_spf.google.com ~all
For Microsoft 365:
v=spf1 include:spf.protection.outlook.com -all
Setting up DKIM: Usually done within your email platform’s admin console rather than directly in DNS. Google Workspace: Admin Console → Apps → Google Workspace → Gmail → Authenticate Email → Generate new record, then add it to DNS. Microsoft 365: Admin Center → Settings → Domains → [your domain] → Check DNS Records.
Setting up DMARC: A DMARC record is added to DNS. Start with a “none” policy to see reports without affecting delivery, then tighten it once you’re confident your legitimate email is properly authenticated:
v=DMARC1; p=none; rua=mailto:dmarc@yourcompany.com
The rua address receives weekly reports. After a few weeks of reviewing reports to confirm your legitimate mail is passing, switch to p=quarantine or p=reject.
If the DNS is fine but emails still go to spam
Once SPF, DKIM, and DMARC are configured correctly, the remaining causes are usually:
- Content: Review your email for spam-trigger phrases. Run it through mail-tester.com to see if content is flagged.
- Sending volume spikes: Sudden large sends from a small business domain look like a spam burst. Warm up gradually if you’re starting email marketing.
- Blacklisted IP: Check if your sending IP is on a blacklist using MXToolbox’s Blacklist Check. If it is, follow the delisting instructions for that specific blacklist.
- Ask recipients to whitelist your address: For important client relationships, ask the client to add your email to their contacts or whitelist your domain. This is a reliable workaround for one-off deliverability issues with specific recipients.
Email deliverability problems feel opaque but have specific, identifiable causes. The SPF/DKIM/DMARC configuration handles the most common one; the diagnostic tools make it straightforward to confirm what’s wrong before trying to fix it. For most small businesses, an afternoon working through this checklist resolves the problem permanently.