You wrote a perfectly good email. The person knows you. But it went straight to spam. Why?
The answer is almost never about the words you used. It is almost always about technical signals your domain sends before a single word is read. Spam filters make their decision in milliseconds — based on your DNS records, your IP reputation, your sending history — before your subject line is ever evaluated.
This guide covers all 12 reasons, ordered by how often they cause problems. Each one has a direct fix.
Before you read: Run a free test on CheckEmailDelivery.com first. It will tell you exactly which of these 12 issues apply to your email — in under 60 seconds. Then come back to fix the ones flagged.
Quick Summary: All 12 Reasons
| # | Reason | Impact | Fix Time |
|---|---|---|---|
| 1 | Missing or broken DKIM signature | CRITICAL | 30 min |
| 2 | SPF record missing or failing | CRITICAL | 15 min |
| 3 | No DMARC policy | HIGH | 10 min |
| 4 | IP on a blacklist | CRITICAL | varies |
| 5 | Domain on a blacklist | CRITICAL | varies |
| 6 | New domain (under 30 days old) | HIGH | time only |
| 7 | Spam trigger words in content | MEDIUM | 5 min |
| 8 | ALL CAPS in subject line | MEDIUM | 1 min |
| 9 | Too many images, not enough text | MEDIUM | 10 min |
| 10 | URL shorteners in links | MEDIUM | 5 min |
| 11 | High spam complaint rate | CRITICAL | strategic |
| 12 | Sending to unverified or old lists | HIGH | medium |
Reason 1: Missing or Broken DKIM Signature
DKIM Not Set Up
CRITICAL IMPACTDKIM (DomainKeys Identified Mail) is a cryptographic signature your email provider adds to every outgoing email. Gmail, Outlook, and Yahoo use it to verify the email actually came from you and was not tampered with in transit.
Google made DKIM mandatory for all bulk senders in 2024. Without DKIM, Gmail automatically places your email in spam — not sometimes, always.
Even for non-bulk senders, the absence of DKIM is a major negative signal. Spam filters give your email a significantly lower trust score the moment they see no DKIM signature.
- Log into your email provider (Google Workspace, Zoho, Outlook 365, etc.)
- Find the DKIM settings — usually under "Email Authentication"
- Click "Generate DKIM Key"
- Copy the TXT record (looks like:
v=DKIM1; k=rsa; p=MIGf...) - Add it to your domain DNS as a TXT record with the selector they specify
- Activate DKIM in your provider settings
- Wait 24–48 hours, then test again here
Reason 2: SPF Record Missing or Failing
SPF Not Configured
CRITICAL IMPACTSPF (Sender Policy Framework) tells the world which servers are allowed to send email on behalf of your domain. Without it, receiving servers have no way to verify your email is legitimate.
An SPF record is a DNS TXT record that looks like this:
v=spf1 include:_spf.google.com ~all
- Go to your domain registrar (Cloudflare, GoDaddy, Namecheap, etc.)
- Add a TXT record: Name =
@, Value =v=spf1 include:[YOUR_PROVIDER] -all - Common SPF includes: Google Workspace →
include:_spf.google.com - Never have more than 10 DNS lookups in one SPF record
Reason 3: No DMARC Policy
DMARC Record Missing
HIGH IMPACTDMARC ties your SPF and DKIM together and tells receiving servers what to do when your email fails authentication. Since February 2024, Gmail and Yahoo require DMARC for all senders above 5,000 emails/day.
- Add a DNS TXT record: Name =
_dmarc - Start with:
v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com - After 2 weeks, upgrade to p=quarantine
- Eventually move to p=reject for maximum protection
Reason 4–5: Your IP or Domain is Blacklisted
IP or Domain Blacklisted
CRITICAL IMPACTEmail blacklists (RBLs) are databases of IPs and domains known to send spam. Major providers check these lists before accepting any email. Being on Spamhaus alone can block you from 95% of enterprise inboxes.
- Run our free email test to see which blacklists you're on
- Spamhaus: Submit removal at spamhaus.org/query/ip/
- Barracuda: Self-service at barracudacentral.org/rbl/removal-request
- SpamCop: Auto-expires after 24h with no new reports
Reason 6: New Domain (Under 30 Days Old)
New Domain — No History
HIGH IMPACTSpam filters treat newly registered domains with automatic suspicion. If your domain is under 30 days old, some filters will flag your email by default.
- Set up SPF, DKIM, DMARC immediately
- Start with 10–20 emails per day to engaged recipients
- Gradually increase volume over 4–6 weeks
- Do not send cold outreach until the domain is 90+ days old
Reasons 7–10: Content Issues
7. Spam Trigger Words: Words like FREE, GUARANTEED, ACT NOW, LIMITED TIME, CLICK HERE trigger filters heavily.
8. ALL CAPS Subject Line: Using more than 1-2 capitalized words in a subject line is a major spam signal.
9. Too Many Images: Keep a 60/40 text-to-image ratio. Emails that are mostly images look like spam.
10. URL Shorteners: bit.ly, tinyurl, t.co are all flagged. Always use full, direct URLs.
Reasons 11–12: Sender Reputation
11. High Spam Complaint Rate: Gmail's threshold is 0.1% — if more than 1 in 1,000 recipients marks you as spam, you're in the danger zone. Above 0.3%, delivery is severely impacted.
12. Unverified Email Lists: Old, unverified lists contain inactive addresses that bounce. High bounce rates (above 2%) damage your reputation. Some addresses become spam traps that instantly blacklist you.
- Add a clear unsubscribe link to every marketing email
- Only email people who genuinely opted in
- Use email verification services before campaigns
- Remove unengaged subscribers after 90 days
- Never buy email lists
Ready to check your email? Run a free deliverability test at CheckEmailDelivery.com — we'll check all 12 of these issues automatically and show you exactly what's wrong.