Email deliverability: how spam filters work
Many cybersecurity providers, especially those focused on email protection, now use artificial intelligence to analyze email behavior. These technologies simultaneously examine multiple aspects of a message: sender identity, content structure and tone, and the presence and nature of attachments, links, and images. If an email displays any suspicious or dangerous signs, it is automatically filtered and blocked, preventing it from ever reaching the user's inbox.
Let's look at how you can prevent your emails from being rejected.
The first element to consider is your technical records.
1. DMARC/SPF/DKIM records
DMARC, SPF, and DKIM are essential for email deliverability, and they directly influence how spam filters scan your emails.
a. SPF (Sender Policy Framework)
Role: Specifies which servers are authorized to send emails on behalf of your domain.
Impact on deliverability:
- If SPF fails → high risk of rejection or being marked as spam.
- Gmail, Outlook, Yahoo, and others use SPF results to calculate their spam score.
b. DKIM (DomainKeys Identified Mail)
Role: A cryptographic signature that guarantees the content hasn't been modified after it was sent.
Impact on deliverability:
- Without DKIM, modern email providers consider the email "less reliable."
- A valid DKIM signature improves the anti-spam score and builds trust in the domain.
c. DMARC (Domain-based Message Authentication, Reporting, and Conformance)
Role: Gives receiving servers instructions on what to do if SPF and/or DKIM fail.
Impact on deliverability:
- Without DMARC, a domain is vulnerable to spoofing → filters may be more suspicious.
- With a properly configured DMARC, you have a much better chance of passing alignment checks.
Impact on spam filtering
Filters like Gmail or Microsoft combine authentication, reputation, and content. As a result:
- If SPF/DKIM fail and DMARC is strict → immediate rejection is possible.
- If SPF/DKIM pass but DMARC is missing → stricter content filtering and a higher chance of landing in the "Promotions" or "Spam" folders.
In summary:
- SPF = who is allowed to send.
- DKIM = the email hasn't been altered.
-
DMARC = what to do if authentication fails + protection against spoofing.
→ Together, these three act as your technical "passport" to pass through filters before your content is even analyzed.
*strl: strict
It is therefore crucial to have a properly configured domain name with all the required technical records.
Once this step is complete, we can move on to the second point, which directly concerns the quality and content of your emails.
2. Content
To ensure good deliverability, spam filters scan your email content word by word, image by image, and link by link.
There are several traps you need to avoid. Let's look at a few fundamental points.
2.1 Sender email address
For good deliverability, the sender email address is just as important as the content.
Spam filters analyze both the domain and the format of the address.
Emails from senders or domains deemed unreliable or associated with spam are automatically filtered or rejected.
a. Use a custom, authenticated domain
We strongly advise against using free email addresses (like @hotmail.com) for bulk sending. These addresses are generally poorly perceived in email marketing, and in some cases, security policies like DMARC may block your messages.
Instead, use your own custom domain (e.g., @company.com) with SPF, DKIM, and DMARC records properly configured.
Also, avoid using suspicious or newly created subdomains (like promo2025-mysite.com), as they are often considered untrustworthy and can quickly be blacklisted.
b. No-reply@ addresses
Avoid using no-reply@ addresses. These addresses block replies and limit interactions with your recipients, which reduces engagement and ultimately harms your sender reputation.
Opt for friendly addresses that invite communication, such as:
- contact@company.com
- firstname@company.com
- support@company.com
Ensure there is consistency between your sender name and the email address used. This match is essential for building trust with both your recipients and spam filters.
- Bad example: Name = "Customer Service X", Email = promo@otherdomain.com
- Good example: Name = "Customer Service X", Email = support@company.com
c. Separate your sending types
It is important to use separate addresses and subdomains for different types of emails to protect and maintain your sender reputation. For example:
- Transactional: invoices@mycompany.com
- Marketing: newsletter@mycompany.com
- Support: support@mycompany.com
This separation ensures that an issue with one type of email won't negatively impact the deliverability of the others.
d. Reputation and domain age
Spam filters often test newly created domains and email addresses very cautiously.
That is why you should avoid sending a massive volume of emails right after creating your domain name. A gradual domain warm-up is absolutely mandatory.
2.2 Email subject line
For good deliverability, your email subject line is closely scrutinized by spam filters, and certain choices can seriously hurt your score.
Here is what you must absolutely avoid:
a. Spam trigger words and phrases
Certain words or phrases can increase the risk of your email being marked as spam:
- Suspicious words: free, gift, urgent, 100% guaranteed, winner, special offer, promotion, cash, income, crypto, etc.
- Camouflaged variants: FR€€, Fr33, $$$, which are easily detected by filters.
- Overly aggressive phrasing: "Don't miss out," "Last chance," "Act now."
The goal is to write clear, engaging emails without triggering spam filters.
Excessive punctuation and symbols
ISPs tend to reject emails with special characters in the subject line. It is highly recommended to avoid them whenever possible.
If you still want to use them, pay close attention to:
- Repeated exclamation or question marks: !!!, ??, ?!?
- Unnecessary or excessive symbols: $, %, ♥, ✔, 🔥 (a few are fine; too many will trigger spam filters).
- Emojis: avoid overusing them in the email body.
- All caps: limit their use, as filters often perceive them as aggressive or misleading.
The idea is to preserve readability and trust while avoiding triggering spam filters.
b. Capital letters
Writing an ENTIRE subject line in ALL CAPS is perceived as aggressive.
Capitalizing 1 or 2 keywords is acceptable, but beyond that, it can be poorly perceived by spam filters.
c. Clickbait
Unrealistic promises (e.g., "Make $1,000 in a week" or "Lose 20 lbs in 3 days") are often flagged as deceptive by spam filters. Any message that seems "too good to be true" risks significantly increasing your spam score and harming your deliverability.
Do not use misleading or "clickbait" subject lines. Promising content that isn't actually in the email, or intentionally exaggerating, frustrates recipients. As a result, more people will click "Mark as spam."
Example of what not to do: using "Your invoice is ready" as a subject line when the email is actually just a promotion.
As a preventive measure, our internal filter prevents you from sending emails with misleading subject lines. This helps protect your sender reputation and reduces the risk of "spam" complaints.
Our recommendations:
- Always be clear, precise, and transparent in your emails.
- Run regular A/B tests to identify what works best while preserving your sender reputation.
2.3 Sender name
The sender name plays a huge role in deliverability, not only for bypassing spam filters but also for encouraging recipients to open the email.
Here are some best practices to optimize it:
a. Consistency and recognition
Always use the same sender name to build and maintain your reputation.
It must be easily recognizable to your recipients: avoid constantly changing your sender name (e.g., switching between "Customer Support," "Newsletter," and "Promo Team"), as this can cause confusion and hurt your open rates.
b. No spam words
It is important to be careful with the style and content of your sender name. Avoid using all caps like "FLASH SALE !!!", symbols ($, ♥, !!!), and suspicious words like winner, free, or urgent. Some providers, such as Google, are highly sensitive to special characters in the sender name. Keep in mind that spam filters analyze this field as well, not just the subject line.
Aligning your sender name and email address
Aligning your sender name with your sender email address is crucial for building trust and avoiding suspicion:
- Good example: Name = Julie from StoreX, Email = julie@storex.com
If the name doesn't match the domain or the business, it can arouse suspicion among both recipients and spam filters.
Deliverability tip:
- Inboxes analyze the combined reputation of your "Sender Name + Email Address".
- Once you achieve a good open rate with a specific sender name → stop changing it.
2.4 Email body (text, links, and images)
Before working on the content itself, it is important to consider the size of your emails. Past a certain limit, they may be automatically rejected by servers or flagged as suspicious by spam filters.
a. Email size
Message size affects delivery speed and loading time. HTML emails are typically between 30 and 60 KB. Above 100 KB, they are considered too heavy, and there's a risk of rejection.
b. Images
When it comes to deliverability, images in an email body can be an asset... or a red flag, depending on how they're used.
To stay on the safe side, follow these best practices:
- Avoid emails that are 100% images or have very little text. Spam filters consider this type of message typical of fraudulent campaigns. Aim for a text-to-image ratio of at least 60% text to 40% images.
- Carefully choose where you host your images. Use a reliable, reputable host dedicated to email sending and tracking. Avoid free or unknown hosts (like Imgur or temporary image hosts), as they are highly likely to be blacklisted.
c. File size and dimensions
Every image you add increases the overall "weight" of your email and can affect its deliverability. For optimal performance and fast loading times, we recommend keeping the total size of your emails under 100 KB.
A few extra tips:
- The recommended maximum width for marketing emails is 600 to 650 pixels, which is compatible with most email clients.
- Compress your images before sending to reduce file size without sacrificing visual quality.
When using images in your emails, favor the right formats for each use case:
- JPEG: ideal for photos.
- PNG: perfect for graphics and logos with transparent backgrounds.
- Animated GIFs: acceptable, but often heavy. Be sure to compress them and use them sparingly.
Avoid hiding text inside your images. Spam filters can detect this tactic and may classify your email as spam.
d. Link-to-text ratio
You should also pay close attention to the links you include in your emails. Spam filters don't just look at the total number of links; they evaluate the link density compared to the text. For instance, a very short three-line email containing four links will look highly suspicious.
For a standard marketing email, we recommend limiting the number of links to 1-3. For example: a main CTA (call to action), a link to your website, and an unsubscribe link.
e. Link quality
Avoid using URL shorteners (like bit.ly, tinyurl, etc.), as they are frequently associated with phishing. Use links with your custom domain (e.g., https://yourdomain.com/...) or an authenticated tracking subdomain to build trust and improve deliverability.
f. Link repetition
It is completely fine to repeat a link multiple times within an email (for instance, a CTA at the top and bottom), but don't overdo it. Repeating a link more than 3 times in a short email can look suspicious.
g. Link types
Including too many links pointing to different external domains can raise suspicion, especially if some of those domains have a poor reputation.
Keep in mind that spam filters evaluate links to externally hosted images in the exact same way as regular links.
2.5 Attachments
When it comes to deliverability, attachments are a minefield: they can easily spike your spam score or cause an outright rejection by filters.
Emails can be rejected if the attachments contain malware, ransomware, or any suspicious content (ZIP files, PDFs, Office documents, etc.). Embedded links can also be blocked if they lead to malicious sites, especially through Time-of-Click analysis (validated at the exact moment the user clicks).
Here are some best practices to avoid blocks:
a. Maximum file size
- Ideally: < 5 MB per email (attachments + email body combined).
- Many servers filter or block emails larger than 10 MB.
The heavier the email, the slower it is to send, and the more attention it attracts from filters.
Consider different file formats and their impact:
- "Safe" formats: .pdf, .jpg, .png, .txt.
- High-risk formats (often blocked): .exe, .bat, .js, .scr, and .zip files containing executables, macros, or scripts.
- .docx and .xlsx files usually pass, but be careful with enabled macros: some filters reject them as a precaution.
It is therefore crucial to verify that your files don't contain harmful software before sending them. You can, for instance, run them through specialized online tools to detect viruses, malware, or ransomware.
Applying these recommendations is essential to guarantee good email deliverability. By following these rules, you increase the chances of your messages landing securely in the inbox and help preserve the overall quality of your sending infrastructure.