Cold Email Deliverability Checklist 2026

Send from a sending subdomain (go.example.com), not the root domain

Keeps a warmup misstep from damaging your main domain's reputation

Domain registered at least 30 days before any cold sends

Mailbox providers don't trust brand new domains

MX records resolve and accept mail back at the sending domain

Receivers reject mail from domains that can't take replies

PTR (reverse DNS) record matches the sending host

Most providers downgrade or block senders with mismatched PTR

SPF TXT record published at the apex with strict (-all) or soft (~all) qualifier

Authorizes which IPs can send for your domain

SPF stays under the 10 DNS lookup ceiling (RFC 7208 §4.6.4)

Going over triggers PermError and auth fails

DKIM 2048 bit key published at <selector>._domainkey

Cryptographically signs every message. Google flags 1024 bit keys as weak now

DKIM-Signature header appears on every outgoing message

Required for the receiver to verify the signature

DMARC TXT record at _dmarc with a valid rua= reporting address

Required by Google and Yahoo's 2024 bulk sender rules

DMARC policy at p=none for the first 4 to 8 weeks, then move to quarantine or reject

Lets you see legitimate sources in reports before you enforce

Aggregate DMARC reports parsed at least weekly

Reveals third-party senders using your domain you forgot about

New domain warmed for 14 to 28 days before any campaign

Skipping warmup is the number one reason new domains land in spam

Warmup volume starts at 5 to 10 sends per day and ramps gradually

Sudden spikes from low to high volume look like spam to filters

Warmup recipients actually reply to warmup messages

Reply rate moves the reputation needle more than open rate

Bounce rate stays under 2% throughout warmup

Mailbox providers throttle senders above this threshold

Complaint rate stays under 0.1%

Above this, ESPs may suspend the account regardless of volume

Subject line under 60 characters, no ALL CAPS, no excessive punctuation

Spam filters score on subject line shape and tone

Body avoids known spam trigger phrases ("free!!", "act now", "limited time")

Bayesian content filters weight these heavily

Plain text version exists alongside HTML (multipart/alternative)

Some receivers default-render plain text. Missing it triggers spam scoring

Image to text ratio under 40% by area

Image heavy mail with little text is a classic phishing pattern

Tracking pixel and click tracking domains aren't on blacklists

Even with a clean main domain, tracker blacklisting kills delivery

List-Unsubscribe header (RFC 8058) present on every send

Required by Gmail and Yahoo's bulk sender rules. Missing it flags spam

Send rate stays under per-second limits your provider publishes

Throttling cascades into deferrals, which cascade into bounces

Send window respects recipient timezone (typically Tue to Thu, 9am to 3pm local)

Engagement rates are 2 to 3x higher in business hours than overnight

Follow-ups pause automatically when a recipient replies

Sending the next step after they replied hurts reputation more than the reply helps

Bounced addresses suppressed permanently after the first bounce

Repeated bounces to the same address are the top reason ESPs suspend accounts

Postmaster Tools enrolled (Gmail) and SNDS enrolled (Outlook)

Real-time provider-side reputation data. Free and irreplaceable

Pre-send check on every campaign (SPF, DKIM, DMARC, blacklist, content)

Catches issues before recipients ever see them