To stop email going to spam, you must properly set up email security codes like SPF, DKIM, and DMARC to confirm your business identity.

Hitting “send” often feels like a dice roll 🎲

“Will this actually get to the right destination?”

At worst, your email hits the spam folder, and you have no other way to communicate with your contact.

Effectively putting an end to any hopes you had of delivering a quote, setting up a meeting or just sending a message to a subscriber.

At best, you resort to calling them with a semi-panicked “Just checking to see if you got my last email?”

Either way, getting stuck in spam is an unprofessional look in 2025.

You may have even ended up here and not even known it.

Think about all the times you never heard back from a contact.

On average, 10.5% of emails end up in the spam folder.

This means that roughly 1 in 10 sends fail to reach the primary inbox.

That’s a lot of business development opportunities being left on the table.

And it’s not a fluke.

It’s a direct result of spam filters flagging suspicious messages.

Whether you paid serious $’s to get a professional copywriter to put together an email campaign.

Or, you burnt the midnight oil crafting the perfect customised email.

It’s all worthless if you don’t get the message in front of the audience’s eyes 👁️

Read on to discover the correct way to “spam-proof” your emails.

Landing them front and centre in the primary inbox.

Warning

**The following advice is for those who use their own domain (like a business email). You can’t install the security features needed to prevent spam on a borrowed domain (like a free webmail one, such as “gmail.com”.**

How to Stop Email Going to Spam (Fix Your Sender Domain)

Staying out of spam is built on correctly authenticating your sender domain (the part of your email address after the “@” symbol).

Authentication relies on three critical protocols: SPF, DKIM, and DMARC.

Put simply, these records act like digital ID cards for your emails-they help prove to email providers that your sends really are coming from you.

Not a scammer pretending to be your business.

When you get these set up right, they spike your sender credibility.

And that means increasing your ability to dodge spam filters.

Step by Step: The Path to Authentication

1) Ensuring the SPF and DKIM Are Optimised 📈

a. Make a Complete Sender List

Make a list of every single service sending email on your domain (e.g., primary mailbox host, marketing platform, customer relationship management system, transactional email service).

This list will be needed to craft your single, optimised SPF record.

b. Retrieve DKIM Codes

For each service on your list, retrieve the unique DKIM code (key) from that service’s settings menu.

2) Delegate Implementation of all Protocols 🫵

a) Find Out Who’s Your DNS Management Provider

For the quickest and most secure setup, get in touch with your DNS management provider (this is often your domain host, but may be a separate service).

**Click here to find out who your DNS management provider is if you are unsure.**

Once, you know who to contact provide them with the following information:

b) The Issue

Clearly explain that you need to publish SPF, DKIM, and DMARC records to improve email deliverability and sender credibility.

c) The Codes/Records

SPF: Provide a complete list of authorised sending services from Step 1(a), and ask them to create a single, consolidated SPF record that includes all these services.

DKIM: All the exact unique DKIM codes (keys) you retrieved in Step 1(b), clearly marked by service (e.g., “DKIM code for my marketing service”).

DMARC: Ask your provider to implement a basic DMARC record with a “monitoring policy (p=none)”. You should also provide them with an active email address for receiving DMARC reports, which will help you monitor your traffic and know if further optimisation is needed.

d) The Request

Instruct them to publish all these codes/records as TXT records within the domain’s DNS management area.

3) Verify All Protocols Are Live (Peace of Mind) ✅

Once your DNS management provider confirms they have published the records, you can verify they are live and publicly visible using the following method. Beware, DNS updates can sometimes take a few hours to propagate.

a) Access the DMARC Domain Checker.

b) Enter your email domain in the text box pictured below (not your whole email address, just the text after the “@” symbol).

c) Review the results.

The following outcomes are optimal:

Status	Meaning
✅ A valid DMARC record	DMARC foundation is in place
✅ A valid SPF record	Sending servers are authorised
✅ A valid DKIM record	Emails are digitally signed and verified

If the DMARC Domain Checker indicates all three records are valid, consider the foundational authentication process complete.

⚠️ Caution: The DMARC Domain Checker Can Be Misleading

While the checker confirms your records are published, it does not check if your actual email is working correctly.

To get 100% certainty that all your email is authenticated, you must actively monitor the DMARC reports you set up in Step 2(c).

4) Final Step: Accessing and Understanding Your DMARC Reports 📊

You have successfully published all the necessary protocols.

The final task is to interpret the DMARC reports that confirm everything is working as intended:

a) Use an analyser tool

These reports are complex and unreadable XML files. You must forward them to a free or paid DMARC Analyser service e.g. Dmarcian.

b) Gain Visibility

The Analyser service processes the data into clear, simple dashboards showing the authentication status (pass/fail) for every email source sending mail on your domain.

This is how you will discover any missed services or misconfigurations and ultimately achieve 100% authenticated email.