Most cold outreach lands in the spam folder for the same handful of reasons. None of them are mysterious — and almost all of them are fixable in an afternoon if you know what to check. This is the working list we ship with every MailFlow workspace.
1. Authenticate the domain before sending anything
SPF, DKIM and DMARC are not optional. Receivers use them as the cheapest possible signal of legitimacy. If any one of them is missing or misconfigured, you have already lost the war before your first send. Our Domain Health Center bulk-checks all three across every connected account, plus MX, RBL and TLS-RPT, in under 8 seconds.
2. Warm up cold accounts gradually
A brand-new sending domain trying to do 500 sends/day is a guaranteed reputation disaster. Start at 5–10 sends, ramp +5 per day, max out around 80 for the first month. If your tool does not let you set a per-account daily limit and a daily ramp-up step, replace your tool.
3. Use a custom tracking domain
Generic tracking URLs (think track.someplatform.com) hit every blacklist within weeks because they get used by both legitimate senders and abusers. Set up a CNAME on your own subdomain, even a free one. Open and click tracking should always go through your domain.
4. Ship plain-text whenever possible
Heavy HTML, image-heavy emails, multi-column layouts — all of these correlate with marketing mail and trigger spam filters. Cold outreach should look like a 1:1 message because it functionally is. Plain paragraphs, a single link, no images.
5. List-Unsubscribe + one-click unsubscribe
Both the List-Unsubscribe header and the List-Unsubscribe-Post header. Yahoo and Gmail both started enforcing this in 2024. Without it, your bulk mail will be silently filtered.
6. Spintax + variables on every send
If you send the same exact byte stream to 1,000 inboxes, you are advertising yourself as a bulk sender. Mustache variables ({{firstName}}, {{company}}) are table stakes. Layer spintax on top: {Hi|Hey|Hello} {{firstName}} changes every send and breaks the hash signature.
7. Cap volume per account
Gmail allows about 500 sends per day per account. Workspace allows 2,000. Outlook caps around 300 for personal and 10,000 for business. Stay well under those numbers; aim for 50–80% of the documented limit.
8. Stop on reply, always
Sending a follow-up after someone has already replied is the fastest way to get marked as spam. Your tool should detect replies in real time (IMAP IDLE) and kill the rest of the sequence within minutes, not the next day.
9. Suppression list across the workspace
Hard bounces and complaints are workspace-level signals, not campaign-level. If two of your sequences both hit a bad address, the second one shouldn't fire. A unified suppression list is a deliverability moat.
10. Schedule windows + timezone awareness
Mail at 3am local recipient time looks like spam. Restrict your sends to business hours in the recipient's likely timezone. Per-campaign and per-account scheduling windows are non-negotiable.
11. Test before you launch
Send a copy of your sequence to seed inboxes (Gmail, Outlook, Yahoo, Zoho, Proton) and check where it lands. If it went to Promotions on Gmail, the content needs work. If it went to Spam, your authentication needs work.
12. Watch the numbers daily
Open rate alone is increasingly meaningless (Apple Mail Privacy Protection). Watch reply rate, bounce rate and complaint rate per account. A bounce rate above 5% or complaint rate above 0.1% is your signal to pause and investigate before reputation tanks irrecoverably.
That's the playbook. None of it is theoretical — every step is enforced or surfaced somewhere in MailFlow because we built the product around it. If you want to skip the manual plumbing, start a free trial.