Email Deliverability Guide for Spiritual Business Newsletters: 2026
Spam rate above 0.30% = Gmail blocks your domain. Feb 2024 mandate requires SPF+DKIM+DMARC. Full setup and list hygiene guide for practitioners.
Authenticated email with good technical setup still landed in spam more than 30% of the time in 2025 when engagement was low. Authentication is required - it is not sufficient. The practitioners who see 40-50% open rates on their spiritual newsletters are not running secret technical configurations; they are sending to people who actually want to read them and pruning everyone else. This guide covers both layers: the technical requirements that became mandatory in February 2024, and the list hygiene that determines whether authenticated mail gets read.
Sources: support.google.com/a/answer/81126 (Google official); chronos.agency/blog/gmail-yahoo-email-sender-requirements-2026 (2026).
What Changed in February 2024 (and What It Means Now)
On February 1, 2024, Google and Yahoo began enforcing authentication requirements for bulk senders - anyone sending 5,000 or more emails per day to Gmail addresses. The requirements:
1. SPF record configured for your sending domain
2. DKIM signature set up and passing
3. DMARC policy published at `p=none` minimum
4. One-click unsubscribe in every email header
5. Spam complaint rate below 0.10% (safe zone)
Microsoft/Outlook added similar requirements in 2025. For practitioners under 5,000 sends per day - which is most solo operators - SPF and DKIM are strongly recommended; DMARC is becoming standard. The enforcement for small senders is softer but the directional pressure is clear: unauthenticated mail gets increasingly deprioritized.
Practitioners using Gmail or a personal email address to send newsletters to 500+ subscribers are sending unauthenticated bulk mail. Gmail throttles or spam-folders these sends.
Setting Up SPF
SPF (Sender Policy Framework) is a DNS TXT record on your domain that lists which mail servers are authorized to send email from your domain address.
How to set it up:
1. Log into your domain's DNS provider (Cloudflare, Namecheap, GoDaddy, etc.)
2. Add a new TXT record with the name `@` (or your root domain)
3. The value depends on your email sending platform:
- ConvertKit/Kit: `v=spf1 include:spf.infusionsoft.com ~all`
- Mailchimp: `v=spf1 include:servers.mcsv.net ~all`
- Beehiiv: check your Beehiiv domain settings panel for the current record
4. DNS propagation: 10-15 minutes on most providers
If you use multiple sending services, combine their includes in one SPF record. You cannot have two separate SPF TXT records on the same domain - the second one overrides the first.
Verify your SPF is passing using MXToolbox (mxtoolbox.com/spf.aspx) - free, no account required.
Setting Up DKIM
DKIM (DomainKeys Identified Mail) adds a cryptographic signature to outgoing emails. The recipient's mail server verifies the signature against a public key in your DNS. If the email was modified in transit, the signature fails.
Most email service providers (Kit, Mailchimp, Beehiiv, MailerLite) handle DKIM signing on their end automatically once you verify your domain with them. Setup:
1. In your ESP's domain settings, find the DKIM configuration section
2. Your ESP provides one or two DNS CNAME or TXT records to add to your domain
3. Add those records to your DNS provider
4. Click "Verify" in your ESP dashboard after DNS propagation (10-60 minutes)
Once verified, all email sent from that ESP on behalf of your domain is DKIM-signed automatically. You don't need to do anything per-send.
Setting Up DMARC
DMARC ties SPF and DKIM together. It tells receiving servers what to do with mail that fails both checks - ignore it (`p=none`), send it to spam (`p=quarantine`), or reject it entirely (`p=reject`).
Start with `p=none` to monitor without disrupting mail:
1. Add a DNS TXT record with the name `_dmarc.yourdomain.com`
2. Value: `v=DMARC1; p=none; rua=mailto:[email protected]`
3. The `rua` address receives aggregate reports from mail servers showing what they're seeing from your domain
Leave it at `p=none` for at least 30 days. Read the DMARC reports (or use a free tool like dmarcian.com to interpret them). Once you confirm SPF and DKIM are passing on all legitimate mail, upgrade to `p=quarantine`, then eventually `p=reject`.
Don't jump straight to `p=reject` without monitoring first - you risk quarantining legitimate mail if your setup has any gaps.
Sources: redsift.com/guides/bulk-email-sender-requirements (2026); egenconsulting.com/blog/email-deliverability-2026.html (2026).
Spam Rate Thresholds You Must Know
Gmail publishes its spam rate thresholds. These apply to your sending domain as measured in Google Postmaster Tools:
Rate | Status |
|---|---|
Below 0.10% | Safe zone |
0.10% - 0.30% | Warning zone - Gmail may throttle delivery |
0.30% or above | Domain ineligible for delivery mitigation; takes 7 consecutive days below 0.30% to recover |
One spam complaint per 333 emails sent crosses the 0.30% threshold. A list of 1,000 subscribers: 3 spam complaints in one send puts you in warning territory.
Spam rate is visible in Google Postmaster Tools (postmaster.google.com) - free, requires domain verification. Check it monthly. The default dashboard shows your domain reputation as "High," "Medium," "Low," or "Bad" - you want High.
Source: support.google.com/a/answer/81126 (Google official).
List Hygiene: The Part That Matters More Than Technical Setup
Authentication gets your emails to the inbox door. Engagement determines whether they're let in.
Gmail's algorithm weights: opens, clicks, replies, and complaint rates - in that order of influence. A domain with perfect SPF/DKIM/DMARC that sends to 5,000 unengaged subscribers will see its domain reputation drop faster than an imperfectly authenticated sender with highly engaged readers.
The 90-day pruning rule: Remove subscribers who haven't opened any email in 90 days. It feels counterintuitive when you've spent months building the list. The math is: a 4,000-subscriber list with 40% open rate outperforms a 10,000-subscriber list with 12% open rate on every deliverability metric. Smaller engaged list beats larger cold list.
Re-engagement sequence before pruning: Before removing cold subscribers, run a 3-email "are you still there?" sequence over two weeks. Anyone who opens or clicks stays. Anyone who doesn't gets removed. This recovers 5-15% of cold subscribers as genuinely re-engaged.
One-click unsubscribe: Required by Google and Yahoo since 2024. Your ESP must include a `List-Unsubscribe` header with a one-click URL. Most major ESPs (Kit, Mailchimp, Beehiiv) handle this automatically. Verify yours is included by sending yourself a test email and checking the message headers.
Sources: emailverify.io/blog/email-deliverability-guide (2026); krotovstudio.com/blog/email/what-are-the-bulk-email-sender-requirements-in-2026-and-how-do-you-stay-compliant (2026).
Diagnostic Tools (All Free)
Tool | What It Checks |
|---|---|
Google Postmaster Tools | Your domain reputation, spam rate, authentication status - the definitive source |
Mail-tester.com | Score your email setup before sending; 10 free tests/day |
MXToolbox | SPF, DKIM, DMARC record syntax and validity |
dmarcian.com | DMARC report interpretation (free tier available) |
Run mail-tester.com on your first send from any new domain setup. Send a test email to the address mail-tester generates, then check your score. You want 9/10 or higher before sending to your real list.
Setup Checklist
- [ ] SPF TXT record added and verified (MXToolbox)
- [ ] DKIM configured and passing in ESP dashboard
- [ ] DMARC TXT record at `p=none` minimum; `rua` reporting address set
- [ ] Google Postmaster Tools domain verified and monitored
- [ ] One-click unsubscribe confirmed in email headers
- [ ] 90-day inactive subscribers identified and queued for re-engagement
- [ ] Spam rate below 0.10% in Postmaster Tools
For building the list itself alongside deliverability setup, see the email list building guide for spiritual practitioners.
Frequently Asked Questions
My list is under 500 people. Do I still need SPF/DKIM/DMARC? The 5,000/day threshold for Google's enforcement applies to the largest senders. Under that volume, strict enforcement is lighter. That said: SPF and DKIM take 30-60 minutes to set up and improve your domain reputation permanently. DMARC at `p=none` costs nothing and provides reporting data. Setting them up at 500 subscribers is far easier than retrofitting them at 10,000 when something breaks.
I use Kit (ConvertKit). Does it handle authentication automatically? Kit provides DKIM configuration instructions in its domain settings. You set up the DNS records Kit specifies, Kit verifies them, and outgoing email from your custom domain is DKIM-signed. SPF and DMARC you configure on your domain's DNS directly. Kit's documentation walks through all three. Kit does not handle DMARC for you - that record is on your domain.
My open rate dropped suddenly. What happened? Apple's Mail Privacy Protection (MPP) since 2021 pre-loads email content and registers opens even when a subscriber doesn't read the email. This inflated open rates in Apple Mail clients, masking true engagement. A sudden drop often reflects a platform-side change in how opens are counted rather than actual disengagement. Check your click rate - that signal is not affected by MPP and is a cleaner engagement metric.
How do I know if my emails are going to spam? Send yourself a test to a Gmail address and check the spam folder. Also set up Google Postmaster Tools - it shows the percentage of your mail that Gmail users mark as spam, which is the actual ground truth. A sudden spike in Postmaster Tools spam rate is actionable data; "my friend said they didn't see my email" is not.
