Short answer. Emails land in spam for three groups of reasons: authentication failure (SPF, DKIM, DMARC missing or misconfigured), poor reputation of the sending IP or domain (blacklist listing, complaints, sending without consent), and suspicious content (spam words, broken HTML, image-only emails). Start by checking your domain authentication — it is the most common and the fastest fix.
Most common reasons emails go to spam
- Missing or wrong SPF — the recipient mail server cannot confirm your sending server is allowed to send for your domain.
- No DKIM signature — the message is not cryptographically signed, so it is easy to forge.
- No DMARC policy — no rule telling receivers what to do with mail that fails SPF and DKIM.
- Domain or IP on a blacklist (RBL/DNSBL) — Spamhaus, Barracuda and others flag you as a spam source.
- Bad reputation and complaints — many unsubscribes and "report spam" clicks.
- Content — spam triggers, no plain-text part, a single image-link.
Step 1. Check domain authentication
This is the foundation of deliverability. Without correct SPF, DKIM and DMARC, since 2024 Gmail and Yahoo route bulk mail straight to spam. Check your records with /email-check — it shows whether SPF, DKIM and DMARC exist and what is wrong with them.
dig txt example.com
# expected: "v=spf1 include:_spf.google.com ~all"
dig txt selector._domainkey.example.com
# DKIM record: "v=DKIM1; k=rsa; p=MIGfMA0GCSq..."
dig txt _dmarc.example.com
# "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"Step 2. Check whether you are blacklisted
If authentication is fine but mail still lands in spam, check IP and domain reputation. More in how to get off an email blacklist.
dig +short 2.0.0.127.zen.spamhaus.org
# any 127.0.0.x answer = IP listed on Spamhaus ZENStep 3. Fix the email content
- Always send multipart: HTML plus a plain-text alternative.
- Avoid overusing "free", "urgent", "100% guaranteed".
- Keep a healthy text-to-image ratio and include an unsubscribe link.
- Link with a trusted domain, avoid URL shorteners and redirects.
Authentication answers "who sent it". Reputation answers "how often you get reported". Content answers "how the email looks". You must fix all three layers.
Table: cause → check → fix
| Cause | How to check | What to do |
|---|---|---|
| No SPF | dig txt example.com | Add a TXT with provider include and ~all |
| No DKIM | dig txt selector._domainkey… | Enable signing at provider, add TXT |
| No DMARC | dig txt _dmarc.example.com | Add v=DMARC1; p=none; rua=… |
| Blacklisted | dig +short …zen.spamhaus.org | Submit a delisting request |
| Content | Spam-test the email | Add plain text, remove triggers |
If the domain is new, warm it up: start with small volumes and ramp gradually, or reputation drops from day one.
How enterno.io helps with deliverability
The /email-check tool analyzes your domain's SPF, DKIM and DMARC and points out the exact syntax errors. MX-lookup shows where your mail actually goes. Mail-server availability monitoring (SMTP/port) plus blacklist checks warn you if the server is down or the domain gets listed. To be clear: enterno diagnoses and monitors your setup — the DNS records in your zone are edited by you, the domain owner, and enterno does not send email. The free plan gives 10 monitors and 48+ diagnostic tools, including a DNS check.
FAQ
Why do emails go to spam only at one provider?
Each mailbox provider (Gmail, Outlook, Yahoo) runs its own filters and reputation lists. Most often the "problem" provider has your IP on a local blacklist or your DMARC policy fails specifically for it.
Will SPF alone work without DKIM?
No. Modern filters require SPF + DKIM + DMARC together. SPF breaks on forwarding while DKIM survives, so you need both, and DMARC binds them to the From domain.
How fast do emails leave spam after a fix?
DNS records update within minutes to hours (by TTL), but reputation recovers slower — from a few days to a couple of weeks of clean sending.
Start diagnosing: check your domain's SPF, DKIM and DMARC at /email-check and fix what it reports. See also SPF explained and reading DMARC reports.