How to Improve Email Deliverability: Action Steps Explained

What are the Action Steps?
Understanding the Action Steps
Closing Thoughts

With the seed-based email tests conducted by GlockApps, you receive comprehensive reports about the health of your sending infrastructure and your email deliverability across different inbox providers.

Our in-depth analysis allows you to pinpoint the issues and weak sides that may affect the placement of your emails and cause your messages to be delivered to Spam.

What are the Action Steps?

To guide you on what issues to address, GlockApps creates a list of recommendations based on the data received from the test. The recommendations are personalized for each message and are available under the Action Steps tab in the report.

The Action Steps summarize the issues or misconfigurations that increase the spam likelihood of the message and directly or indirectly cause it to be filtered out to Spam.

Senders are encouraged to go through the list of Action Steps in the report and implement them to increase the email’s Inbox placement ratio.

Understanding the Action Steps

The Action Steps cover all the aspects of the message creation and sending process. In order you can instantly see what area the issue is related to, the Action Steps are categorized by the icons placed on the left side.

The following categories of Action steps are available:

Message optimization related;
Technical issues related;
Inbox providers related.

The action steps related to the message design, layout, and formatting are labeled with a blue envelope icon. These action steps are created based on the analysis of the email HTML source, RAW code, text, headers, and the report returned by the SpamAssassin filter. They indicate content or formatting-related issues that may increase your email spam score.

Let’s examine the most common action steps in this category:

The message contains very large images

Not only may large images make the email content load slowly and affect user experience, but they also increase the message’s size considerably, which may be a red flag for spam filters.

How to act:

Optimize the images with a tool like TinyPNG or other.
Avoid using embedded images;
Upload the images to a website and link to them from the email.

The total image size is too large

GlockApps calculates the email’s size, which includes embedded content and headers, and the size of all the external images loaded into the content. This information is available under the Content Analysis tab in the report.

When the size of the external images is much greater than the size of the embedded content, this action step is generated. Mostly, it affects user experience and the speed of message loading on mobile devices. And it may be a bad signal to spam filters if a message takes too long to load.

How to act:

Optimize the images with a tool like TinyPNG or others;
Reduce the number of images;
Upload content with many images to a website, create an email copy with the 1-2 most important images, and include the link to the full version on the site in the email.

The List-Unsubscribe header is not found

Adding the List-Unsubscribe header field to outbound emails is required by Google and Yahoo providers. This header makes the recipients quickly unsubscribe from a sender’s emails with one click.

The implementation of the List-Unsubscribe header is highly recommended not only for compliance with the sender requirements but also for a better user experience – this will reduce the number of complaints as the unsubscribe link will not stay unnoticed.

How to act:

Read the documentation on how to add a one-click unsubscribe header with G o ogle and Yahoo;
Implement the List-Unsubscribe header for your outbound messages if it is possible with your email service provider.

The message contains too many links

GlockApps examines the email’s headers, plain text part, and HTML part of the email and counts all of the links it finds.

The inclusion of many links in the message makes the content look too marketing or promotional and may trigger anti-spam filters. Thus, the message is likely to go to the Promotions tab or, if it is not supported, to Spam. Additionally, an email overloaded with links or call-to-actions may not be good for the user experience.

How to act:

Go to the Content Analysis tab in the report and examine the information about the URLs found in the message;
Consider leaving the 2-3 most important links in the email;
Rewrite the message, if necessary, not to lose relevance after removing additional links or call-to-actions.

The message contains too many images

The inclusion of too many images in the email affects the way the message is perceived by spam filters and the recipients. For spam filters, an email overwhelmed with images, graphics, and other media elements may be a red flag. For the recipients, the email may not be rendered correctly, in particular, if the email client doesn’t display the images by default.

How to act:

Consider reducing the number of images to have a 65:35 text-to-image ratio;
Make sure your email is readable without images enabled;
Create a good plain text version of the email for the recipients who open the emails in plain text.

The message contains a URI associated with mass-marketing

This action step is created based on the report returned by the SpamAssassin filter, which verifies the domains used in the email’s content for their listing in the Raptor RBL. This blacklist adds domains associated with an activity prone to spaminess.

In most cases, it relates to tracking links used in the message. When you enable email tracking, your email service provider converts regular links into tracking links containing a domain owned by your email service provider (ESP) and shared among many senders.

How to act:

Disable email tracking for your email and test it without tracking links to see if your deliverability improves;
Set up a custom domain for email tracking if it is supported by your ESP;
Ignore this action step if your Inbox ratio is at a high level.

The message contains a URL listed in the URIBL greylist

The SpamAssassin filter checks the domains used in URLs in the message for their listings in URIBL. The URIBL greylist contains domains found in Unsolicited Bulk Email (UBE) and Unsolicited Commercial Email (UCE), and possibly honour opt-out requests. Some small inbox providers have the URIBL greylist verification enabled – this will impact the deliverability of your email.

How to act:

Avoid using the domain listed in the URIBL greylist in the message;
Set up a custom domain for email tracking if the greylisted domain is the default tracking domain supplied by your ESP;
Ignore this action step if your Inbox ratio is at a high level.

RAW: Spam with image tags with ridiculously huge HTTP URLs

If a message contains very long URLs, it can be a red flag for some content spam filters and add to your overall spam score. It is recommended to use links with less than 120 characters in length. Most of the time, tracking links stand for very long URLs.

How to act:

Disable email tracking for your email and test it without tracking links to see if your deliverability improves;
Set up a custom domain for email tracking if it is supported by your ESP;
Check the Content Analysis to define problematic links. If they are not associated with email tracking, simply replace or remove them;
Ignore this action step if your Inbox ratio is at a high level.

The plain text part is missing

HTML-only messages are more likely to be subject to content filters than emails sent in a MIME format. In a MIME format, different parts of the email, like a plain text version, an HTML version, and attachments, are separated by a boundary. This allows the recipients reading emails in plain text to access the content.

How to act:

Use an ESP, which sends the emails in a MIME format;
Verify a plain text version if it is accessible to ensure it can be read and understood, and includes URLs as full links.

The action steps related to the sending infrastructure are labeled with a yellow Settings icon. These action steps are created based on the analysis of the configuration of the crucial email authentication protocols (SPF, DKIM, and DMARC), the server’s settings (rDNS, HELO to IP), and the sending process. Failure to fix these issues may lead to Spam placements or message rejections.

Below, we examine the most common action steps related to the sending process and configuration:

The sender domain does not have a valid SPF record

Senders must authenticate their domain with a valid SPF record published in DNS. An invalid record is likely to cause Spam folder placements, especially with the major inbox providers such as Google, AOL, Yahoo, and Outlook.

How to act:

Verify the SPF record for your sender’s domain with our free SPF Checker;
Make the needful corrections if the record is returned as invalid;
Make sure the SPF record is 10-DNS lookup compliant and includes all of your legitimate sending sources;
If you use a custom Return-Path domain, publish a valid SPF record for the Return-Path domain as well;
Set an uptime monitor for the SPF record to have it tested on a regular basis and receive alerts from GlockApps when the record goes invalid.

Your message failed the SPF alignment test

SPF alignment fails when the domain used in the “Return-Path” email address doesn’t match the domain used in the header’s “From” email address, nor is a subdomain of the “From” domain. If both SPF alignment and DKIM alignment fail, the email will fail DMARC authentication and will be filtered to Spam or rejected.

The implementation of this action step depends on the email service provider. Many email service providers automatically put an email address set up on their own domain in “Return-Path” without an option to change this. Some providers allow clients to configure their own domain for “Return-Path.”

How to act:

Contact your ESP about the ability to set up a custom domain for “Return-Path”;
Follow the instructions to set up a custom “Return-Path” domain provided by your ESP;
Consider setting up a subdomain on your main domain for “Return-Path”, for example, @bounce.domain.com.
Verify the DMARC record published for your domain, and if it has the “aspf” tag, make sure it is set to “relaxed” (aspf=r) to allow the use of a custom subdomain in the “Return-Path” field;
Make sure your emails are properly authenticated with DKIM if your ESP doesn’t support custom domains for “Return-Path”.

Your message failed the DKIM alignment test

DKIM alignment fails when the domain used in the d= tag in the DKIM signature doesn’t match the domain used in the header’s “From” email address, nor is a subdomain of the “From” domain. If both SPF alignment and DKIM alignment fail, the email will fail DMARC authentication and will be filtered to Spam or rejected.

It’s highly important for your emails to pass DKIM alignment because SPF alignment may fail due to restrictions of the ESP – custom “Return-Path” domain is not allowed.

How to act:

Enable DKIM signing on behalf of your custom domain in Google Workspace or Office365 if you send emails using either of these providers, or follow the instructions to set up a custom domain for DKIM signing provided by your ESP;
Verify the DMARC record published for your domain and if it has the “adkim” tag, make sure it is set to “relaxed” (adkim=r) to allow the use of a custom subdomain in the DKIM signature.

The sender domain doesn’t have a DMARC record

DMARC records are essential for email authentication and deliverability. According to the latest sender requirements published by Google, Yahoo, and Microsoft, any sender’s domain must have a valid DMARC record. Bulk senders must publish a DMARC record with the “quarantine” or “reject” policy.

How to act:

Generate a DMARC record with the GlockApps DMARC Analytics tool and publish it in your domain’s DNS;
Monitor the domain’s data in the DMARC Analytics dashboard to see how your emails are authenticated and if there are any issues or anomalies;
Address SPF, DKIM, and DMARC failures for your legitimate (known) sources;
Gradually enforce your DMARC policy to enhance domain protection and security, and adhere to the sender requirements;
Set an uptime monitor for the DMARC record to have it tested on a regular basis and receive alerts from GlockApps when the record goes invalid.

The DMARC policy is set to “none”

The DMARC policy set to “none” means the domain is unprotected against email spoofing or unauthorized use. While emails failing DMARC authentication may still be delivered, it is important to understand that this opens the door to bad actors who may be sending their harmful messages on behalf of your domain, hurting your sender reputation and email deliverability.

How to act:

Use GlockApps DMARC Analytics to collect and process DMARC reports;
Investigate unauthorized (unknown) sources for your domain to see who might be affecting your deliverability;
Examine and address authentication failures, in particular DMARC failures, for your known sources;
Gradually adjust your DMARC policy to “quarantine” and then “reject” to enhance email security.

The DMARC policy is set to “quarantine”

The implementation of an enforcement policy allows you to block malicious messages that may be sent by bad actors on behalf of your domain.

However, in case of DMARC failures, legitimate emails may be mistakenly quarantined. Therefore, ongoing monitoring and adjustments are necessary to maintain email deliverability while enhancing security.

How to act:

Use GlockApps DMARC Analytics to collect and process DMARC reports;
Investigate sending sources and examine email authentication outcomes for your known sources;
Ensure the messages sent by your legal sources pass DMARC based on either SPF or DKIM alignment or both to avoid them being quarantined or sent to Junk;
Use DMARC Analytics Digests to watch the status of your domain, notice changes in the authentication ratios, and fix the issues in a timely manner.

The DMARC policy is set to “reject”

The DMARC policy set to “reject” gives the highest level of domain protection against spoofing attacks. However, while it secures your domain, it can affect your ability to deliver email communications if your emails fail DMARC. Thus, regular monitoring of your email authentication outcomes is necessary.

How to act:

Use GlockApps DMARC Analytics to collect and process DMARC reports;
Investigate sending sources and address DMARC failures for your legitimate (known) sources if they happen;
Ensure the messages sent by your legal sources pass DMARC based on either SPF or DKIM alignment or both to avoid message rejections;
Use DMARC Analytics Digests to watch the status of your domain, notice changes in the authentication ratios, and fix the issues in a timely manner.

The sender domain has a DMARC record, but it is not pointing to GlockApps DMARC Analytics

This action step is not a real issue but rather a statement of the fact that you may not be taking advantage of the data received in DMARC reports.

When you implement DMARC for your domain, it is important to analyze the data that is sent in DMARC reports to ensure your legitimate messages pass SPF, DKIM, and DMARC authentication. Without this, many critical issues and unauthorized sources may stay unnoticed, harming your deliverability and increasing Spam placements.

How to act:

Start using GlockApps DMARC Analytics to collect and process DMARC reports;
Analyze the DMARC data to get visibility on how your emails are authenticated;
Address authentication failures for your legitimate messages if they happen and investigate unauthorized sources;
Gradually adjust your DMARC policy to “quarantine” or “reject” to enhance email security if it’s currently set to “none”;
Use DMARC Analytics Digests to watch the status of your domain, notice changes in the authentication ratios, and fix the issues in a timely manner.

The DMARC record on the sender domain has errors

These errors can be associated with the record syntax, configuration, or ability to receive DMARC reports and can lead to DMARC test failures if a receiving server is unable to find a DMARC record or correctly read it.

How to act:

Use our free DMARC Checker to verify the DMARC record for your domain;
Examine the detailed report to see which tags in the DMARC record needs to be fixed;
Pay attention to the email addresses used in the RUA and RUF tags and make sure they are set up on the same domain for which the DMARC record is published;
Add a verification DNS TXT record to the domain used in the RUA and RUF tags if the email addresses are set up on a domain other than your sender’s domain;
Set an uptime monitor for the DMARC record to have it tested on a regular basis and receive alerts from GlockApps when the record goes invalid;
For additional information about DMARC tags, use this guide: DMARC Tags: Explanation and Examples.

Note: the GlockApps domains (ar.glockapps.com and fr.glockapps.com) are already configured to receive DMARC reports for other domains.

The “To:” field has more than 25 recipients

When you put many email addresses in the email’s “To:” field, spam filters may consider this a bulk mailing. In particular, SpamAssassin adds 0.2 points to the email spam score.

How to act:

Create a new list in your ESP, import the seed list, and send the message to the list instead of pasting the email addresses in the “To:” field;
Use a split seed list and send the same message with the same test id to each list of 25 email addresses.

The message is sent via a relay listed in spamcop.net

The SpamCop Blocking List (SCBL) lists IP addresses that have transmitted reported email to SpamCop users, fueled by a number of sources, including automated reports and SpamCop user submissions. SpamCop, service providers ,and individual users then use the SCBL to block and filter unwanted email. The IP is automatically de-listed when spam reports stop.

How to act:

Stop sending emails from the listed IP address;
Switch to a different IP address to let the listing in SpamCop automatically expire (applicable if your dedicated IP address is listed);
Inform your ESP about the IP address listed in the SpamCop blacklist if the listed IP is in a shared IP pool;
Change the ESP if your current provider doesn’t exclude the listed IP from the pool;
Verify your email list acquisition sources to ensure you have opt-in people on your list;
Ensure you send relevant messages;
Verify your sending frequency to ensure you don’t send too often or make your list freeze;
Double-check your unsubscribe process to ensure you honor unsubscribes timely;
Sign up for feedback loop services to receive alerts when your email is reported as spam in order to remove the user from your list (applicable if you are operating your own SMTP server).

The action steps related to the particular Inbox provider are labeled with the provider icon. GlockApps returns the action steps for the major providers Gmail, Yahoo, AOL, and Outlook if the spam test report shows Spam folder placements for any of these.

It’s important to understand that Inbox providers don’t return a clear reason of why the message was filtered out to Spam. Thus, the action steps mostly give general recommendations, best practices, and provide references to useful resources that may help you troubleshoot deliverability issues.

The message hit the Yahoo Spam folder

How to act:

Manage your mailing list by removing hard bounce and complaining recipients;
Exclude inactive users (6+ months of inactivity) from your mailing list;
Keep your user-reported spam ratio below 0,3%;
Implement DKIM, SPF, and DMARC authentication for your outbound emails;
Check the IP Analytics report to see if any of the sending IP addresses are spotted in blacklists;
Click on an IP address that was spotted in blacklists and follow the provided links to submit a removal request with the blacklist (applicable for dedicated IP addresses);
Set up an uptime monitor to test the sending IP address against blacklists and receive an alert when it gets listed (applicable for dedicated IP addresses);
Implement a one-click unsubscribe header if it’s applicable;
Read Yahoo Sender Practices to see if you are compliant.

The message hit the AOL Spam folder

AOL has its own IP reputation monitor and rates the sender’s IP reputation as “bad”, “neutral”, and “good”. A “neutral” reputation is generally OK. If your IP reputation is “bad” with AOL, you’ll see your emails filtered out as junk mail or blocked altogether.

How to act:

Manage your mailing list by removing hard bounce and complaining recipients;
Exclude inactive users (6+ months of inactivity) from your mailing list;
Keep your user-reported spam ratio below 0,3%;
Implement DKIM, SPF, and DMARC authentication for your outbound emails;
Verify the sender score of the sending IP address (applicable for dedicated IP addresses);
Check the IP Analytics report to see if any of the sending IP addresses are spotted in blacklists;
Click on an IP address that was spotted in blacklists and follow the provided links to submit a removal request with the blacklist (applicable for dedicated IP addresses);
Set up an uptime monitor to test the sending IP address against blacklists and receive an alert when it gets listed (applicable for dedicated IP addresses);
Read AOL sender practices to see if you are compliant.

The message hit the Gmail Spam folder

How to act:

Manage your mailing list by removing hard bounce and complaining recipients;
Exclude inactive users (6+ months of inactivity) from your mailing list;
Keep your user-reported spam ratio below 0,3%;
Implement DKIM, SPF, and DMARC authentication for your outbound emails;
Check the IP Analytics report to see if any of the sending IP addresses are spotted in blacklists;
Click on an IP address that was spotted in blacklists and follow the provided links to submit a removal request with the blacklist (applicable for dedicated IP addresses);
Set up an uptime monitor to test the sending IP address against blacklists and receive an alert when it gets listed (applicable for dedicated IP addresses);
Connect to your Google Postmaster account in the GlockApps Integrations and examine the domain reputation dashboards;
Read Google Sender Guidelines to see if you are compliant.

The message hit the Outlook Spam folder

How to act:

Sign up for Microsoft’s Smart Network Data Services and analyze the traffic originating from your IP address, noticing spam trap hits and user complaints (applicable if you send emails from a dedicated IP address);
Check your current IP Reputation data and request removal if you are listed (applicable if you send emails from a dedicated IP address);
Track your complaint rate, bounce rate, blocked and dropped messages as they influence Outlook’s inbox placement;
Use a different “From” email address set up on the same or on a different domain;
Create a subdomain and set up a new mailbox on the subdomain, warm up the new mailbox up and send the emails to your Outlook users from a new mailbox;
Use a different SMTP server or email service provider to send messages to Outlook users;
Get the domain added to Microsoft’s whitelist.

The message was marked as Suspected Spam

The Microsoft spam filtering system assigns the Spam Confidence Level (SCL) to any message sent to Microsoft domains. SCL ranges from 0 to 9. The assigned value is added to the message headers. The message is marked as Suspected Spam if SCL is 5 or 6. This means the email is likely to be delivered to the recipients’ Junk folders at Microsoft domains.

How to act:

Sign up for Microsoft’s Smart Network Data Services and analyze the traffic originating from your IP address, noticing spam trap hits and user complaints (applicable if you send emails from a dedicated IP address);
Ensure your emails are properly authenticated with SPF, DKIM, and DMARC;
Use URLs hosted on reputable sites in the message;
Avoid sending suspicious or large attachments;
Use a clean HTML code;
Use an ESP that automatically adds a plain text version to an HTML-formatted message;
Create a message with a 65:35 text-to-image ratio;
Control email volume from the domain;
Switch the sending email address, domain, and/or IP for your Microsoft recipients.

The message was marked as High Confidence Spam

The message is marked as High Confidence Spam if SCL is 7, 8, or 9. This means the email will be delivered to the recipients’ Junk folders at Microsoft domains.

How to act:

Sign up for Microsoft’s Smart Network Data Services and analyze the traffic originating from your IP address, noticing spam trap hits and user complaints (applicable if you send emails from a dedicated IP address);
Ensure your emails are properly authenticated with SPF, DKIM, and DMARC;
Use URLs hosted on reputable sites in the message;
Avoid sending suspicious or large attachments;
Create a message with a 65:35 text-to-image ratio;
Change the email template or rewrite the message content;
Control email volume from the domain;
Switch the sending email address, domain, and/or IP for your Microsoft recipients;
Create a subdomain on your current domain, set up a new mailbox, and work on a good warmup to use the new mailbox for your Microsoft users.

Bulk Complaint Level (BCL) is medium

In addition to the Spam Confidence Level, the Microsoft Exchange Online Protection (EOP) assigns the Bulk Complaint Level (BCL) to inbound messages. BCL ranges from 0 to 9.

BCL 4, 5, 6, and 7 indicates that the message is from a bulk sender that generates a mixed number of complaints.

How to act:

Use an opt-in method to collect recipients;
Put an unsubscribe link in a visible place;
Preferably use a one-click unsubscribe process;
Control your sending volume and frequency;
Remove the recipients who complained from your mailing list;
Exclude inactive recipients (6+ months of inactivity) from your list.

Bulk Complaint Level (BCL) is high

BCL 8 and 9 indicates that the message is from a bulk sender that generates a high number of complaints.

How to act:

Check your email address acquisition methods to ensure you send emails to opted-in recipients;
Avoid sending emails to people who did not request your messages;
Avoid buying or scraping email addresses on the Internet;
Exclude inactive recipients (6+ months of inactivity) from your list;
Exclude complaining users from future mailings;
Put an unsubscribe link in a visible place;

Preferably use a one-click unsubscribe process;
Honor unsubscribe requests within 24 hours;
Make sure to send relevant content meeting the recipients’ expectations;
Control your sending volume and frequency.

Closing Thoughts

The Action steps in GlockApps point you to the weak sides in your email environment, sending practices, and messages. Implementing the recommendations can definitely help you improve the Inbox placement ratios.

However, it’s important to understand that email deliverability is mostly determined by your sender reputation, which is built based on your list management and sending habits. Sometimes, it is only possible to improve deliverability by improving sender reputation or starting with a new reputation by getting a new dedicated IP address or sender’s domain.

If you are hesitating about your next steps, you can book a consulting call with a delivery expert. In a 1-hour consultation, you will be given step-by-step instructions on how to proceed in order to improve your Inbox placement in general or with particular providers.