Skip to main content
All Articles
Stop Landing in Spam · 11 min read

THE DELIVERABILITYCHECKLIST THATACTUALLY WORKS.

SPF, DKIM, DMARC, warm-up protocols, sender reputation - everything you need to hit inbox instead of spam in 2026.

March 2026·LoomiMail Team·
Deliverability

Google now rejects emails from unauthenticated domains. Here's the exact 48-hour fix that takes your inbox placement from 73% to 96%.

In This Article

  1. 01Why Deliverability Is a Crisis in 2026
  2. 02The Complete Authentication Checklist
  3. 03The 30-Day Domain Warm-Up Protocol
  4. 04Ongoing Deliverability Monitoring

Why Deliverability Is a Crisis in 2026

In February 2024, Google and Yahoo announced new bulk sender requirements. Domains without SPF, DKIM, and DMARC records now face automatic rejection. Overnight, thousands of businesses saw their email deliverability collapse. Open rates crashed from 30% to under 5% - not because of bad content, but because of missing DNS records.

⚠️Critical: If you're sending bulk email without all three authentication records (SPF + DKIM + DMARC), Google is currently rejecting or spam-foldering your emails. Check your domain health first.

The Complete Authentication Checklist

Step 1: SPF Record (Sender Policy Framework)

SPF tells receiving email servers which IP addresses are allowed to send email on behalf of your domain. Without it, anyone can spoof your domain - and spam filters know it.

  • Log into your DNS provider (Cloudflare, GoDaddy, Namecheap)
  • Add a TXT record for your root domain (@)
  • Value: v=spf1 include:amazonses.com ~all
  • Wait 24-48 hours for propagation
  • Verify at mxtoolbox.com/spf.aspx

Step 2: DKIM Record (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to every email you send. Receiving servers use this to verify the email wasn't tampered with in transit. AWS SES generates your DKIM keys automatically.

  • In AWS SES console: go to Verified Identities → your domain
  • Click 'Publish DNS records' under DKIM section
  • Add the 3 CNAME records to your DNS provider
  • Wait for green 'Verified' status in SES (24-48 hours)
  • Test at mail-tester.com (aim for 10/10 score)

Step 3: DMARC Record (Domain-based Message Authentication)

DMARC is the final layer - it tells receiving servers what to do with emails that fail SPF or DKIM checks. Google now requires a DMARC policy for bulk senders.

  • Add TXT record to _dmarc.yourdomain.com
  • Start with: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com
  • After 30 days, upgrade to: p=quarantine
  • After 60 days, upgrade to: p=reject (maximum protection)
  • Monitor reports at dmarcanalyzer.com

LoomiMail automates SPF, DKIM, and DMARC setup as part of the onboarding process. What takes 2-3 days manually takes 3 clicks with LoomiMail's guided setup wizard.

The 30-Day Domain Warm-Up Protocol

Even with perfect authentication, a brand new domain or IP address must be "warmed up" - gradually increasing sending volume so spam filters recognize you as a legitimate sender. Skipping warm-up is the #1 reason businesses get blacklisted.

Day RangeMax Daily SendsFocus Segment
Days 1-7500/dayBest, most engaged subscribers
Days 8-142,000/dayRecent subscribers (90 days)
Days 15-2110,000/dayActive subscribers (6 months)
Days 22-3050,000/dayFull list (engaged segments first)
Day 30+No limitFull volume with reputation established

Ongoing Deliverability Monitoring

  • Bounce rate target: Keep hard bounces under 2%, soft bounces under 5%
  • Spam complaint rate: Stay below 0.08% (Google's threshold for bulk senders)
  • Open rate benchmark: 20%+ for healthy lists, 30%+ for excellent
  • Unsubscribe rate: Under 0.5% per campaign is acceptable
  • List hygiene: Remove unengaged subscribers every 90 days

Get deliverability monitoring built-in with LoomiMail

Join thousands of businesses sending smarter with LoomiMail

Get Started Free

Share This Article

𝕏 PostLinkedInWhatsAppFacebook
FAQ

Frequently Asked Questions

What is SPF and why does my email need it?+

SPF (Sender Policy Framework) is a DNS record that tells receiving email servers which IP addresses are authorized to send email from your domain. Without SPF, spam filters treat your emails as potentially spoofed and may reject or junk-folder them.

How long does email authentication setup take?+

Setting up SPF takes about 5 minutes. DKIM takes 24-48 hours to propagate after adding the DNS records. DMARC should be added after SPF and DKIM are verified. Total time: 2-3 days including propagation waits.

What is domain warm-up and do I need it?+

Domain warm-up is the process of gradually increasing email sending volume from a new domain or IP so spam filters build trust in your sender reputation. Skipping it is the number one reason new senders get blacklisted. Always warm up new domains.

What bounce rate will get my account suspended?+

AWS SES suspends accounts that exceed a 10% bounce rate. Gmail and Yahoo start spam-filtering domains with consistent bounce rates above 2%. Keep hard bounces under 2% and soft bounces under 5% at all times.

Does LoomiMail help with SPF and DKIM setup?+

Yes. LoomiMail's onboarding wizard guides you through SPF, DKIM, and DMARC setup step by step. What typically takes 2-3 days of manual DNS configuration takes about 3 clicks with LoomiMail's guided setup.

Ready to Start?

Send Bulk Email for 85% Less.

LoomiMail runs on AWS SES - the world's most reliable email backbone. Pay only for what you send.

Start Sending Free See Pricing

More Articles

Pricing

Cheapest Bulk Email Service 2026: Real Cost to Send 100K Emails

Read
Technical

AWS SES vs SendGrid vs Mailgun: The Developer-Honest Comparison (2026)

Read
Mailchimp

Mailchimp Free Tier Limits Exposed: Why 10K Subscribers Actually Costs $130+

Read