Email Deliverability Basics for Newsletter Publishers

Email deliverability — whether your newsletter lands in the inbox or the spam folder — is determined by a combination of technical configuration, sending behavior, and list hygiene. Publishers who manage their own email infrastructure need to understand all three. Those on managed platforms (Beehiiv, Ghost, ConvertKit) benefit from the platform’s sender reputation, but some configuration and list hygiene practices remain their responsibility regardless.

The Technical Foundation: SPF, DKIM, and DMARC

These three DNS-based standards authenticate your email and tell receiving mail servers that messages from your domain are legitimate.

SPF (Sender Policy Framework) specifies which mail servers are authorized to send email on behalf of your domain. It is a TXT record in your DNS:

v=spf1 include:mailgun.org include:amazonses.com ~all

The include: directives list the services authorized to send from your domain. The ~all at the end means mail from unlisted sources is treated as a soft fail (suspicious but not rejected). Use ~all rather than -all (hard fail) until you are confident your SPF record lists all legitimate senders — a hard fail on incomplete SPF breaks legitimate email.

DKIM (DomainKeys Identified Mail) adds a cryptographic signature to outgoing emails. The recipient’s mail server verifies the signature against a public key published in your DNS. A valid DKIM signature proves the email was not modified in transit and originated from an authorized source.

Your email provider generates a DKIM key pair and gives you the public key as a DNS TXT record to add. The record looks like:

mail._domainkey.yoursite.com  TXT  "v=DKIM1; k=rsa; p=MIGfMA0GCSq..."

Most providers (Mailgun, SES, Postmark) have setup documentation that walks through exactly which DNS records to add.

DMARC (Domain-based Message Authentication, Reporting & Conformance) ties SPF and DKIM together and tells receiving servers what to do with mail that fails authentication. Start with a monitoring-only policy:

_dmarc.yoursite.com  TXT  "v=DMARC1; p=none; rua=mailto:[email protected]"

The p=none policy means failed authentication is only reported, not rejected. Once you have reviewed the DMARC reports and confirmed your legitimate sending sources all pass, move to p=quarantine (failed mail goes to spam) and eventually p=reject (failed mail is dropped).

Verify all three records are configured correctly with tools like mail-tester.com or MXToolbox’s email authentication checker.

Sender Reputation

Mail servers build a reputation for each sending IP address and domain based on how recipients interact with mail from that source. High spam complaint rates, high bounce rates, and sending to spam traps all damage reputation. Good engagement — opens, clicks, replies — builds it.

Warm up new sending infrastructure. If you are migrating from one sending service to another, or setting up new sending infrastructure, you cannot immediately send to your full list. Start with a small percentage of your most engaged subscribers (those who open consistently), and gradually increase volume over days or weeks. Jumping from zero to 50,000 sends on a new IP is a fast path to spam folder placement.

Managed providers handle this for you. Self-hosted senders must manage warmup manually or use a warmup service.

Monitor your spam complaint rate. A complaint rate above 0.1% begins to damage reputation with most receiving mail servers. Google’s Postmaster Tools provides spam rate data for mail delivered to Gmail users. Keep it well under 0.1%.

Set up Gmail Postmaster Tools at postmaster.google.com and add and verify your sending domain. The reputation dashboard surfaces issues before they become serious.

List Hygiene

The quality of your subscriber list has a direct effect on deliverability. Sending to disengaged, invalid, or complaint-prone addresses harms your reputation with every send.

Hard bounces must be removed immediately. A hard bounce means the email address does not exist. Any serious email provider removes hard bounces automatically and will suspend your account for excessive hard bounce rates. Do not attempt to re-send to hard-bounced addresses.

Soft bounces (mailbox full, temporary server issues) can be retried, but addresses that soft bounce consistently should eventually be suppressed.

Remove unengaged subscribers. Sending to subscribers who have not opened anything in six to twelve months harms your engagement metrics and risks complaints. Before purging, run a re-engagement campaign — a direct “are you still interested?” email with a clear “stay subscribed” link. Remove anyone who does not click.

This feels counterintuitive — why delete subscribers? — but a list of 5,000 engaged readers delivers better inbox placement than a list of 15,000 where 10,000 are disengaged ghosts.

Never use purchased or scraped lists. These lists are full of invalid addresses, spam traps, and recipients who did not opt in and will complain. Using them is the fastest way to get your sending domain blacklisted.

Double Opt-In

Requiring email confirmation before adding a subscriber to your list eliminates invalid addresses and dramatically reduces complaint rates — people who actively confirmed their subscription are far less likely to mark your email as spam.

The deliverability case for double opt-in is strong. The growth case is that double opt-in reduces conversion from signup to confirmed subscriber (some percentage of signups do not confirm). Most publishers who measure it find the list quality improvement worth the conversion reduction.

The One-Click Unsubscribe Requirement

Gmail and Yahoo now require bulk senders to support one-click unsubscribe — an List-Unsubscribe header with a POST endpoint that unsubscribes the recipient without requiring them to log in or navigate to a page. Most major ESPs (Email Service Providers) handle this automatically. If you are self-hosting with Listmonk or a custom integration, verify that your setup includes the List-Unsubscribe and List-Unsubscribe-Post headers.

Making it hard to unsubscribe does not keep subscribers — it generates spam complaints, which are far more damaging than unsubscribes.

Checking Your Sender Score

Before and after major list changes or infrastructure migrations, run your sending setup through:

• mail-tester.com — sends a test email and grades SPF, DKIM, DMARC, and content
• MXToolbox — DNS lookup and blacklist check tools
• Google Postmaster Tools — ongoing reputation monitoring for Gmail delivery
• Validity (formerly Return Path) — sender score monitoring across ISPs

Good deliverability is not a one-time setup task — it is an ongoing practice of sending to people who want your email, maintaining clean lists, and keeping your technical authentication current.

• email deliverability
• newsletters
• email publishing
• spf
• dkim
• dmarc
• publishing tools