TL;DR
Cold email deliverability fails in predictable ways. After analyzing hundreds of campaign post-mortems, the same five root causes account for roughly 90% of all deliverability failures:
| # | Root Cause | Frequency | Quick Test |
|---|---|---|---|
| 1 | Stale or unverified list data | ~40% | |
| 2 | Broken DNS authentication (SPF/DKIM/DMARC) | ~25% | |
| 3 | Premature sending before warmup completes | ~15% | |
| 4 | Sending too fast, too soon | ~10% | |
| 5 | Spam-trigger copy or excessive links | ~10% |
The single most misunderstood factor: Catch-all domains. Between 10-20% of B2B domains use catch-all mail server configurations that make standard email verifiers return false positives. Most senders don't know this is happening, but RevenueBase Email Verification can easily tell if these emails are Valid or Invalid. Section 5 explains this in full and shows how to fix it.
Three things to do right now if you're having deliverability problems:
DNS & Authentication
Based on community discussion patterns across the cold email ecosystem
The deliverability failure landscape follows predictable patterns. Understanding these root causes is the first step to fixing them.
Cold Email Campaign Failure Modes by Root Cause
• Broken DNS records (SPF/DKIM/DMARC failing silently)
• Sending to lists with high invalid or catch-all rates
• Wrong warmup-to-cold-send volume ratios (scaling cold sends too fast relative to warmup volume)
• Warmup pool with no genuine replies (one-way sends don't build reputation)
Inbox Setup
Domain setup, DNS authentication, and mailbox configuration
Critical Rule
Choosing Your Sending Domains
Domain Setup Checklist
Choose Your Email Provider
| Factor | Google Workspace | Microsoft 365 |
|---|---|---|
| Monthly cost | $6/user (Starter) | $6/user (Business Basic) |
| Daily send limit per mailbox | 2,000 | 10,000 |
| Warmup tool compatibility | Excellent | Good — growing |
| Spam filter strictness (post-2024) | More aggressive | More forgiving |
| Setup complexity | Simple | Slightly more complex |
| Best for | Teams starting out | High-volume teams (1,000+/day/mailbox) |
2025–2026 Enforcement Update
SPF Record
SPF Setup
DKIM Record
DKIM Setup
DMARC Record
DMARC Setup
Mailbox Setup
Non-negotiable Rule
Warmup Duration by Scenario
| Scenario | Recommended Duration |
|---|---|
| Brand new domain (0 days old) | 45–60 days total (14-day aging + 30-day warmup) |
| New domain (14–30 days old) | 30 days of active warmup |
| Previously used domain (no bad history) | 14–21 days |
| Domain with prior spam complaints | 45+ days — consider registering a new domain instead |
| Existing mailbox on warmed domain | 7–14 days before scaling |
Weekly Volume Ramp Schedule
Emails Per Mailbox Per Day:
Warmup Best Practices
Instantly Setup
Workspace, accelerator, and deliverability suite configuration
Account Setup
Connection Setup
Warmup Configuration
Campaign Settings
Auto-Pause Setup
Deliverability Tools
Lead Management
Smartlead Setup
Account, warmup, and campaign configuration for Smartlead
Account Setup
Connection Setup
Warmup Configuration
Campaign Settings
Auto-Pause Setup
Lead Management
What's Getting Your Emails Filtered
Infrastructure and reputation matter more than keywords — but both matter
How Spam Filters Actually Work (2026)
This is the gate. If authentication fails, nothing else matters — your email is rejected outright or routed directly to spam regardless of what the copy says. Fix this first.
Gmail and Outlook watch how recipients interact with email from your domain over time. Low engagement trains the filter to deprioritize you. High complaint rates trigger enforcement.
Content signals matter, but they're the last thing filters check — and modern ML-based filters look for structural patterns, not keyword lists. A perfectly worded email from a domain with no warmup still lands in spam.
Spam Trigger Word Reference
These words don't automatically send your email to spam — context, volume, and your sender reputation all factor in. A cold email from a warmed domain with clean authentication can include "free" without issue. The same word from a brand-new domain with no warmup history will likely get filtered. Use this table as a guide, not a blocklist.
| Word / Phrase | Category | Risk Level | Safer Alternative |
|---|---|---|---|
| Free | Financial | HIGH | Complimentary / at no cost / included |
| FREE!!! | Financial | HIGH | (avoid) |
| Make money | Financial | HIGH | Drive revenue / generate pipeline |
| Earn extra cash | Financial | HIGH | (avoid entirely) |
| 100% free | Financial | HIGH | No cost to start |
| Cash bonus | Financial | HIGH | Incentive / reward |
| No cost | Financial | MEDIUM | Included in your plan |
| Save big | Financial | MEDIUM | Reduce costs / cut spend |
| Investment | Financial | MEDIUM | Budget / allocation |
| Profit | Financial | MEDIUM | Revenue / return |
| Earn | Financial | MEDIUM | Generate / drive |
| Double your | Financial | HIGH | Grow your / improve your |
| Act now | Urgency | HIGH | Reply by [specific date] |
| Urgent | Urgency | HIGH | Time-sensitive / by Friday |
| Limited time offer | Urgency | HIGH | Available through [date] |
| Last chance | Urgency | HIGH | Closing soon / wrapping up |
| Don't delay | Urgency | HIGH | (avoid) |
| Offer expires | Urgency | MEDIUM | Available through [date] |
| Now or never | Urgency | HIGH | (avoid) |
| Final notice | Urgency | HIGH | Following up |
| While supplies last | Urgency | MEDIUM | (avoid for B2B) |
| Hurry | Urgency | MEDIUM | (avoid) |
| Immediate action | Urgency | HIGH | Action needed by [date] |
| Guaranteed | Promises | HIGH | We've seen / typical results |
| 100% satisfied | Promises | HIGH | (avoid) |
| Risk-free | Promises | HIGH | Try it first / cancel anytime |
| No risk | Promises | HIGH | No commitment needed |
| Promise | Promises | MEDIUM | We commit to / you can expect |
| Certified | Promises | MEDIUM | Verified / validated |
| Satisfaction guaranteed | Promises | HIGH | (avoid) |
| Results guaranteed | Promises | HIGH | Teams like yours see / typical outcome |
| No questions asked | Promises | HIGH | (avoid) |
| Congratulations | Manipulation | HIGH | (avoid in cold email) |
| You've been selected | Manipulation | HIGH | (avoid) |
| You're a winner | Manipulation | HIGH | (avoid) |
| Claim your | Manipulation | HIGH | Access your / get your |
| This isn't spam | Manipulation | HIGH | (never say this) |
| Not junk | Manipulation | HIGH | (never say this) |
| Opt in | Manipulation | MEDIUM | Sign up / get access |
| Remove from list | Manipulation | MEDIUM | Unsubscribe / stop receiving |
| This is not a solicitation | Manipulation | HIGH | (avoid) |
| Click here | Identity | HIGH | [Descriptive anchor text] |
| Visit our website | Identity | MEDIUM | Specific page name as link text |
| Call now | Identity | HIGH | Book a call / let's connect |
| Buy now | Identity | HIGH | Get started / try it |
| Order now | Identity | HIGH | Get started / request access |
| Subscribe now | Identity | MEDIUM | Join / get access |
| Sign up free | Identity | MEDIUM | Create your account / get started |
| Unsubscribe | Identity | CAUTION | (required by law — keep it, just don't lead with it) |
| Dear [first name] | Identity | MEDIUM | Hi [first name] / Hey [first name] |
| To whom it may concern | Identity | HIGH | (always use a name) |
| Hello friend | Identity | HIGH | (avoid) |
Formatting Triggers
These are structural patterns that modern spam filters flag — often more reliably than individual words, because they're harder to game.
Subject: YOU WON'T BELIEVE THIS RESULT triggers aggressive ML classifiers. Any all-caps word in a subject line adds meaningful spam score.
More than one exclamation point in a subject line (Great news!!) is a reliable spam signal. Zero or one per email is the rule.
Each link is a vector for phishing. Filters count them. For cold outreach, aim for one link or zero. Your CTA should be a reply request, not a URL.
bit.ly, tinyurl.com, ow.ly, and all short link services are flagged by default. Spam filters associate them with click-tracking obfuscation. Use full, clean URLs only.
Emails that are mostly image with little text look like spam to filters (spammers put text inside images to avoid keyword scanning). Keep images below 40% of email content by area.
Never attach files to a cold outreach email. Even a PDF one-pager from a clean domain adds significant spam score on first contact from an unknown sender.
White text on white background, 1px font, opacity 0 — spam filters can read this. Any attempt to stuff keywords invisibly triggers immediate classification.
More than 2 font sizes or any non-standard text colors in HTML email is a spam signal. Plain text or simple HTML performs best for cold outreach.
HTML-only emails with no multipart plain-text alternative get lower deliverability scores from major providers. Sending platforms handle this automatically — make sure yours is configured correctly.
Required by CAN-SPAM, GDPR, and CASL. Google's bulk sender rules (active since 2024) mandate one-click unsubscribe (RFC 8058) for senders over 5,000 emails/day to Gmail addresses. Violating this triggers enforcement.
Technical Triggers
| Trigger | Why It Flags | Fix |
|---|---|---|
| Sending from a free email domain (gmail.com, yahoo.com) | Major providers immediately classify cold email from free domains as spam — no business legitimacy signal | Register a sending domain. Never cold email from a personal Gmail. |
| From name ≠ domain (e.g. From: "Apple Support" sent from randomdomain.com) | Classic phishing pattern — filters check alignment between display name and sending domain | Keep your display name consistent with your sending domain |
| Mismatched From / Reply-To domains | Suggests the sender is hiding who they are | Send and receive replies on the same domain |
| No PTR (reverse DNS) record | Legitimate mail servers have reverse DNS. Missing PTR is a strong spam signal to receiving servers | Ask your hosting provider to set a PTR record pointing to your sending domain |
| Sending from a shared IP with spam history | If your email provider puts you on a shared IP that's been abused, you inherit the reputation | Use dedicated IPs for high-volume sending, or choose providers with clean shared IP pools |
| Sudden volume spike with no warmup | Going from 0 to 500 emails/day from a new domain in one week is a textbook spam pattern | Follow the warmup ramp in the Infrastructure section of this guide |
| Re-using exact templates across thousands of sends | Modern ML filters detect duplicate content patterns even with minor personalization tokens | Vary templates. Use A/B variants. Personalize beyond first name. |
| Sending to addresses that haven't engaged in 6+ months | Low engagement on your list trains filters to deprioritize your domain across all future sends | Segment and suppress unengaged addresses. Send only to people who are likely to respond. |
Test Before Every Campaign
Run these three checks before launching any new campaign or template. Takes under 10 minutes total.
KPIs & Monitoring
Your data quality is the single biggest variable in your deliverability
The best infrastructure in the world cannot protect you from sending to 20% invalid addresses.
Annual B2B Email Data Decay Rate
B2B contact data decays because:
- People change employers — their work email becomes invalid
- Companies are acquired, rebranded, or shut down
- Small companies let domains lapse
- Off-boarded employees' mailboxes are deleted, typically within 30-90 days
This is the most misunderstood concept in B2B email verification. Read carefully.
When a standard email verifier tries to check if john.smith@bigcorp.comis valid, it uses SMTP to knock on the mail server and ask "does this mailbox exist?" A catch-all server answers "yes" to every knock — not just for John Smith, but for every possible address at that domain.
The result: a standard verifier cannot tell if any specific email at a catch-all domain is real. So it labels the address "catch-all," "unknown," "risky," or "accept-all."These are all the same thing: the verifier failed to get an answer and is reporting its uncertainty.
The "Black Hole" Problem
The impact:
- Your bounce rate looks artificially low (no hard bounce returned)
- Your open rate drops (nobody ever received the message)
- You are burning sends and eroding your sender score simultaneously
Between 10-20% of B2B domains behave this way.
Catch-All Rate by Company Tier
Note: Accuracy figures reflect real-world cold email sending performance, not self-reported vendor claims.
| Vendor | Est. Accuracy | Catch-All Handling | Best For |
|---|---|---|---|
| RevenueBase | 95-98% | Resolves catch-alls | Enterprise-grade B2B accuracy, AI-ready data |
| Apollo | 78-87% | SMTP-based — returns catch-all label | Broad prospecting, integrated sequences |
| Clay | 88-94% | Depends on waterfall sources | Waterfall enrichment from 75+ sources |
| Cognism | 85-92% | SMTP-based | European data, phone-verified contacts |
| Fullenrich | 82-90% | Waterfall — inherits source limitations | Waterfall enrichment, good price/volume ratio |
| Hunter.io | 82-90% | SMTP-based | Domain-level email finding, SMB |
| Lusha | 80-87% | SMTP-based | European contacts, phone data |
| Tool | Method | Catch-All Handling | Best Use Case |
|---|---|---|---|
| RevenueBase | Domain-level existence check | Resolves catch-alls | Best accuracy for enterprise B2B lists |
| NeverBounce | SMTP ping | Returns "unknown" | Good bulk pricing, solid API |
| ZeroBounce | SMTP ping | Returns "catch-all" label | Strong on disposable/spam-trap detection |
| MillionVerifier | SMTP ping | Returns "risky" | Best price-to-volume ratio |
| Bouncer | SMTP ping | Returns "unknown" | Strong European compliance features |
| Debounce | SMTP ping | Returns "catch-all" label | Budget-friendly for high volume |
| Post-Verification Invalid Rate | Decision | Action |
|---|---|---|
| Under 2% | Send | Proceed — monitor bounce rate on launch |
| 2-5% | Proceed with caution | Send at reduced volume; monitor closely |
| 5-10% | Do not send | Clean further or get new data |
| 10%+ | Do not send | Source is too degraded — get fresh data |
| Over 15% catch-all (SMTP verifiers) | Run through RevenueBase first | Many catch-alls may be valid |
| Any spam traps detected | Do not send | Investigate source; remove all flagged addresses |
Run this before every new campaign:
Pre-Campaign List Cleaning
Data Quality
Diagnose and resolve every common deliverability issue
What happened:
Your sending platform hit a configured threshold. Common triggers: bounce rate exceeded 3%, spam complaint rate exceeded 0.08%, or consecutive delivery failures on multiple mailboxes.
Diagnose:
- Check the pause reason in campaign settings (Smartlead: Logs tab; Instantly: Campaign > Insights)
- Identify whether it was triggered by bounce rate, spam rate, or delivery failure
- Pull the bounce report and check which addresses triggered bounces
- Check whether bounces are concentrated in one email provider (all Gmail, all Outlook, etc.)
Fix:
- If bounce-rate triggered: Remove all hard-bounced addresses; re-verify list before resuming
- If spam-rate triggered: Review email copy for spam trigger words; check relevance of targeting
- If delivery failure triggered: Check DNS records on the sending domain; verify SPF/DKIM/DMARC are passing
- Run a deliverability test before resuming (Smartlead Spam Test or Instantly Inbox Checker)
What happened:
Your sending domain has been added to a commercial blocklist. Major blocklists include Spamhaus, Barracuda, SURBL, and MXToolbox.
Diagnose:
Fix:
- Stop all sending from the blacklisted domain immediately
- Submit removal requests (each blacklist has its own process)
- Remove the root cause: clean list, fix DNS, remove spam-trigger content
- If blacklisted multiple times: retire the domain — don't try to rehabilitate it
- Allow 24–72 hours for delisting to propagate before resuming
What happened:
Emails are delivered but not to Primary inbox. Gmail routes to Spam or Promotions; Outlook sends to Junk.
Diagnose:
Fix:
- Fix — Infrastructure: Verify SPF, DKIM, DMARC are all passing
- Check domain age — domains under 60 days are inherently untrusted
- Ensure warmup is active with healthy engagement
- Fix — Content: Remove spam trigger words (free, guarantee, click here, limited time offer)
- Remove all link shorteners (bit.ly, tinyurl.com) — strong spam signals
- Reduce links per email (aim for zero or one in cold outreach)
- Test without open tracking pixels — these can trigger spam filters
What happened:
Google Workspace or Microsoft 365 suspended or limited your sending account directly — not just a campaign pause in Smartlead/Instantly.
Diagnose:
- Log into the mailbox directly (Gmail/Outlook web) to check for suspension notices
- Check whether you can send manually from the mailbox
- Review Google Admin console or M365 Admin Center for account flags or security alerts
Fix:
- Google Workspace: Submit a review request via Admin console; explain you are a legitimate business
- Microsoft 365: Contact Microsoft support directly; accounts can often be reinstated with verification
- Reduce daily sending volume significantly before attempting to resume (start at 20–30/day)
- Do not log in from unfamiliar IPs — this triggers additional security flags
- If suspended repeatedly: Migrate affected domains to the other platform (Workspace <> M365)
What happened:
Bounce rate has crossed acceptable thresholds. Common causes: stale data, unverified list, domain-level rejection by a specific provider, or authentication failure.
Diagnose:
- Export full bounce report; sort by error code
- Group bounces by provider (Gmail vs. Outlook vs. corporate) and by code type (5xx vs. 4xx)
- 550 5.1.1 codes concentrated: data problem — addresses are invalid
- 550 5.7.x codes concentrated: authentication or policy problem
- 421 / 4xx codes concentrated: temporary throttling
Fix:
- Invalid addresses (5.1.1, 5.1.2): Remove; re-verify entire list before continuing
- Policy rejection (5.7.x): Fix authentication records; check if IP/domain is blacklisted
- Throttling (4xx): Reduce daily sending volume; spread sends over longer windows
- If bounce rate stays above 5% after list cleaning: the data source is the problem — get new data
What happened:
Campaigns are sending but nobody is replying.
Diagnose:
- Run an inbox placement test immediately — confirm emails are reaching Primary inboxes
- Check open rate: if under 20%, emails are likely going to spam
- If open rate is normal (30–50%) but reply rate is low (under 2%), this is a copy or targeting issue, not a deliverability issue
Fix:
- If open rate is low: Focus on deliverability fixes from Failure Mode #3
- If open rate is normal: Review email copy and targeting strategy
What happened:
Your email failed DMARC alignment. The receiving server is rejecting because SPF or DKIM is not passing in alignment with your DMARC policy.
Diagnose:
Fix:
- Temporarily set DMARC to p=none to diagnose without blocking email
- Fix alignment issues in SPF and DKIM
- Re-tighten DMARC policy after alignment is confirmed
What happened:
Your bounce report shows soft bounces or missing engagement from a significant portion of your list, but few hard 5xx codes. This is the classic catch-all "black hole" pattern.
Diagnose:
Note
Sending Limits
Complete SMTP reference guide for every bounce code
Every failed email in your sending platform logs a bounce code. This section is the complete reference for what each code means, whether it is a data problem, infrastructure problem, or content/policy problem — and what to do.
| Code Type | What It Means | Auto-Retry? |
|---|---|---|
| 4xx (Soft Bounce) | Temporary failure — receiving server says "not now, try later." Your mail server retries automatically over 24–72 hours. | Yes — auto-retry |
| 5xx (Hard Bounce) | Permanent failure — receiving server says "no, never." Retrying produces the same result. Suppress the address. | No — suppress immediately |
| Category | Type | What It Means |
|---|---|---|
| DATA | Hard bounce | Invalid or nonexistent email address |
| INFRA | Hard bounce | Your DNS, authentication, or IP reputation |
| POLICY | Hard or soft | Recipient server content/spam policy |
| TEMP | Soft bounce | Temporary condition — retry automatically |
Major providers append human-readable strings to standard codes. These tell you exactly what triggered rejection:
| Diagnostic String | Provider | What It Means |
|---|---|---|
| "Your message was blocked because the sender is unauthenticated" | DMARC failure — fix SPF/DKIM alignment | |
| "Our system has detected that this message is likely unsolicited mail" | Sending reputation is low or content triggered spam classifiers | |
| "The email account that you tried to reach does not exist" | Invalid address — remove from list | |
| "Mail rejected by Windows Live Hotmail for policy reasons" | Microsoft | IP or domain on Microsoft's SNDS blocklist |
| "Message rejected due to sender's blocked status" | Microsoft | IP is on Microsoft's blocklist — submit JMRP/SNDS removal |
| "Spam message rejected" | Barracuda | Recipient's Barracuda gateway blocked it — ask recipient to whitelist |
| "This message was classified as spam" | SpamAssassin | Content-based filter triggered — remove spam trigger words |
Pro Tip
Troubleshooting
KPIs, provider enforcement rules, and emergency protocols
| Metric | Healthy | Warning | Critical | Immediate Action |
|---|---|---|---|---|
| Hard Bounce Rate | < 1% | 1–2% | > 2% | Pause campaign; clean list; re-verify before resuming |
| Spam Complaint Rate | < 0.05% | 0.05–0.1% | > 0.1% | Pause immediately; review targeting and copy |
| Cold Email Open Rate | > 35% | 20–35% | < 20% | Likely in spam — run inbox placement test |
| Cold Email Reply Rate | > 3% | 1–3% | < 1% | Inbox placement or copy issue — diagnose before scaling |
| Unsubscribe Rate | < 0.5% | 0.5–2% | > 2% | List quality or relevance problem |
| Soft Bounce Rate | < 3% | 3–7% | > 7% | Reduce volume; investigate throttling patterns |
| Daily Volume / Mailbox | ≤ 100 | 100–150 | > 150 | Risk of ISP rate limits — spread across more mailboxes |
| Mailboxes / Domain | 2–3 | 3–4 | > 4 | Concentrates reputation risk — add domains |
| Provider | Spam Rate Threshold | Action at Threshold |
|---|---|---|
| Google (Gmail) | > 0.1% sustained; > 0.3% spike | Emails filtered to spam or hard-rejected (550) |
| Google (Workspace) | > 0.1% sustained | Account review; potential sending suspension |
| Microsoft (Outlook/Hotmail) | > 0.3% | IP/domain listed in SNDS; hard-rejected |
| Microsoft (365 Tenant) | > 0.3% | Outbound spam policy triggers tenant-level block |
| Yahoo / AOL | > 0.3% | Emails filtered; domain on dynamic blocklist |
Campaign auto-paused; sending mailbox rate-limited
--- Emails route to Spam instead of Primary
--- Google Postmaster Tools sender score drops
Domain appears on commercial blocklists (Spamhaus, Barracuda)
--- Google Workspace account flagged for abuse review
--- Microsoft SNDS listing — affects ALL senders from your IP range
Domain reputation permanently damaged
--- Inbox placement rates drop for all future sends from the domain
--- Best practice: retire domain, register new one
--- If Google Workspace account suspended: ALL mailboxes lose access
Key Insight
Trigger Conditions
Emergency Response Steps
Daily Health Check
Launch Readiness
Email list verification (resolves catch-alls)
Check SPF / DKIM / DMARC / Blacklists
Check sender score
Inbox placement testing
Email spam score + copy check
DMARC alignment check
Monitor Google sender reputation
Monitor Microsoft reputation