RevrepRevrep

Product

Sequences
AI Messaging
Analytics
Deliverability
Inbox Management
Contact Management

Use Cases

🏢Agencies🚀SaaS Founders📈Sales Teams💼Small Business
PricingBlog
Get StartedLog in
Back to Blog
Deliverability8 min read

Cold Email Deliverability Guide: How to Hit the Primary Inbox in 2026

SPF, DKIM, DMARC, warm-up schedules, and the sending habits that keep you out of spam.

RT

Revrep Team

March 7, 2026

Why Deliverability Is the Foundation of Cold Email

Nothing else matters if your emails land in spam. Not your offer, not your copy, not your list. Deliverability is the prerequisite that makes everything else possible. In 2026, mailbox providers have gotten significantly stricter about filtering unsolicited email, which means the fundamentals matter more than ever.

This guide covers the full deliverability stack from domain authentication to daily sending habits. Whether you're launching your first campaign or troubleshooting declining open rates, start here.

Step 1: Domain Authentication (SPF, DKIM, DMARC)

Domain authentication tells mailbox providers that you are who you say you are. Without it, your emails are essentially unsigned letters — easy to ignore and easy to flag.

SPF (Sender Policy Framework)

SPF tells receiving servers which IP addresses are allowed to send email on behalf of your domain. You publish an SPF record in your DNS that lists your authorized senders. If an email comes from an IP not in that list, it fails SPF and is more likely to be rejected.

Key rule: You can only have one SPF record per domain. If you use multiple sending services, combine them into a single record using the include: mechanism.

DKIM (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to every email you send. The receiving server checks this signature against a public key published in your DNS. If the signature matches, the email passes DKIM — proving it wasn't tampered with in transit.

Most email sending platforms generate DKIM keys for you. Your job is to add the CNAME or TXT record they provide to your domain's DNS settings.

DMARC (Domain-based Message Authentication)

DMARC ties SPF and DKIM together and tells mailbox providers what to do when authentication fails. Start with a monitoring policy (p=none) to collect reports, then move to p=quarantine or p=reject once you're confident everything is configured correctly.

Revrep Pro tip: On our Pro plan, we handle all domain authentication for you — SPF, DKIM, and DMARC are configured automatically when we provision your sending domains.

Step 2: Use Separate Domains for Outbound

Never send cold email from your primary business domain. If your outbound reputation takes a hit, it should not affect your team's regular business communication or your marketing email deliverability.

Set up dedicated sending domains that are similar to your main domain. For example, if your company domain is acme.com, use variations like acme-mail.com,getacme.com, or tryacme.com. Each domain should have its own authentication records and its own reputation.

How many domains? Plan for 2-3 sending domains per campaign. Each domain should have 2-3 inboxes. This gives you enough rotation to distribute volume without overloading any single sender.

Step 3: Warm Up Before You Send

New domains and inboxes have no sending history. Mailbox providers treat unknown senders with suspicion. Warm-up is the process of gradually building a positive sending reputation before you start your actual campaigns.

A proper warm-up takes 14-21 days. During this period, your inboxes exchange emails with a warm-up network — sending, receiving, opening, and replying to build engagement signals that tell Google and Microsoft this is a legitimate sender.

Warm-up schedule:

  • Days 1-3: 5-10 emails per day per inbox
  • Days 4-7: 10-20 emails per day
  • Days 8-14: 20-30 emails per day
  • Days 15-21: Ramp to your target sending volume

Keep warm-up running even after you start campaigns. The ongoing engagement signals help maintain your reputation as you scale.

Step 4: Respect Sending Limits

Every mailbox provider has daily sending limits. Exceeding them triggers rate limiting or account suspension. Here are the practical limits for cold outbound:

ProviderDaily Limit (New Account)Daily Limit (Warmed Up)
Google Workspace20-3050-75
Microsoft 36520-3050-80
Custom SMTPVaries100-150

These numbers are per inbox, not per domain. With 3 warmed-up inboxes across 2 domains, you can send 300-450 emails per day while staying well within safe limits. The key is distributing volume evenly and randomizing send times.

Step 5: Write Emails That Humans Actually Engage With

Deliverability is not purely technical. Engagement signals — opens, replies, clicks — feed directly into your sender reputation. If people open and reply to your emails, providers learn to trust your sending patterns. If people ignore or report you, your reputation degrades.

Practical rules for engagement-friendly cold emails:

  • Keep it short. Aim for 50-80 words in the body. Shorter emails get higher reply rates and signal that you respect the recipient's time.
  • One ask per email. Don't include multiple CTAs. Ask one simple question or propose one clear next step.
  • Skip the HTML. Plain text emails look more personal and avoid rendering issues that trigger spam filters.
  • Avoid spam trigger words. Words like "guarantee," "free," "act now," and excessive exclamation marks raise red flags.
  • Personalize beyond the first name. Reference something specific about the recipient's company, role, or recent activity. Generic templates feel like spam because they are spam.

Step 6: Monitor and React

Deliverability is not a set-it-and-forget-it exercise. You need to watch your metrics and adjust when something shifts.

Key metrics to track:

  • Open rate: Below 30%? Check your subject lines and sender reputation.
  • Bounce rate: Keep this under 3%. Higher means your list has bad data.
  • Spam complaint rate: Must stay below 0.3% — this is now a hard rule enforced by Google and Microsoft.
  • Reply rate: Positive replies are the strongest signal. If replies drop, your copy or targeting needs work.

When metrics decline, pause and diagnose before sending more volume. Sending into a deteriorating reputation makes things worse, not better.

Step 7: Include a One-Click Unsubscribe

As of 2024, Google and Yahoo require bulk senders to include a one-click unsubscribe mechanism. Microsoft followed in 2025. Even though cold email operates in a gray area compared to marketing email, including an unsubscribe option reduces spam complaints and signals good faith to mailbox providers.

This doesn't mean adding a big unsubscribe footer that kills your reply rate. You can implement it via the List-Unsubscribe header, which shows the unsubscribe option in the email client UI without cluttering your message body.

The Deliverability Checklist

Before launching any cold email campaign, verify:

  1. SPF, DKIM, and DMARC are configured and passing
  2. You're sending from a dedicated outbound domain (not your primary domain)
  3. Inboxes have been warmed for at least 14 days
  4. Sending volume is within safe limits per inbox
  5. Your contact list has been verified (bounce rate under 3%)
  6. Emails are personalized and under 80 words
  7. One-click unsubscribe is implemented via List-Unsubscribe header
  8. You have monitoring in place for open rates, bounces, and complaints

Revrep handles all of this. Our platform automates domain setup, warm-up, sending limits, and reputation monitoring. On the Pro plan, your dedicated team manages the entire deliverability stack so you can focus on closing deals.

Ready to improve your cold email results?

Start sending smarter cold emails with Revrep. AI-powered personalization, built-in deliverability, and managed infrastructure.

Start FreeRead More Articles