If your invoices, newsletters or app emails keep landing in spam, it's usually not the content — it's authentication. Since Google and Yahoo tightened their bulk-sender requirements, domains without proper SPF, DKIM and DMARC get quietly filtered or rejected. The fix is technical but finite.
The three records that decide your fate
- ▸SPF — declares which servers are allowed to send mail for your domain.
- ▸DKIM — cryptographically signs your mail so receivers can verify it wasn't forged or altered.
- ▸DMARC — tells inboxes what to do when a message fails the checks, and reports who's sending as you.
Miss any one of these and the big providers treat your mail as suspicious by default — no matter how legitimate it is.
The 2026 rules in plain English
- ▸Authenticate with SPF and DKIM — both, not either.
- ▸Publish a DMARC policy (even p=none to start, then tighten).
- ▸Keep spam complaints below the threshold or get throttled.
- ▸Honour one-click unsubscribe on bulk mail.
“Deliverability isn't luck. It's three DNS records, set up correctly, and a domain reputation you don't abuse.”
How to know if you're affected
Send a test to a checker tool and read the auth results. If SPF or DKIM say 'fail' or DMARC says 'none' with no alignment, your mail is one filter update away from disappearing. A proper deliverability audit fixes the records, warms the domain, and gets you back into the inbox — usually within days.
Want this set up for your business?
VB Easy does this for clients every week. Let's talk about your setup — no obligation.