Why are my emails going to spam?

Most likely you're missing SPF, DKIM, or DMARC records. Without these, receiving servers can't verify your domain's authenticity and may flag your emails as suspicious.

What's the difference between SPF, DKIM, and DMARC?

SPF specifies which servers can send email for your domain. DKIM adds a cryptographic signature to each message. DMARC tells receivers what to do if SPF/DKIM checks fail (quarantine, reject, or do nothing).

Do I need all three (SPF, DKIM, DMARC)?

Yes. Google and Yahoo require all three for bulk senders since February 2024. Even for low-volume senders, having all three significantly improves deliverability.

Improve Email Deliverability — SPF, DKIM & DMARC Setup

Step-by-step guide to configure SPF, DKIM, and DMARC records to prevent emails from landing in spam.

Diagnose your site now

Problem

Your emails are landing in spam folders or being rejected by recipients’ mail servers.

Top 3 Causes

Missing SPF record — Receivers can’t verify your sending server is authorized. Add a TXT record like v=spf1 include:_spf.google.com -all.
No DKIM signing — Without a cryptographic signature, messages can’t be authenticated. Configure DKIM in your email provider and publish the public key as a DNS TXT record.
No DMARC policy — Without DMARC, receivers decide independently what to do with unauthenticated mail. Add v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com.

Diagnosis with DechoNet

DNS Lookup — Check the Email Security tab to see if SPF, DKIM, and DMARC records are present and valid.
Look for warnings about missing or misconfigured records.

Resolution Checklist

SPF: Add a TXT record at @ → v=spf1 include:<your-provider> -all. Keep under 10 DNS lookups.
DKIM: Generate a key pair in your email provider, publish the public key as a TXT record at <selector>._domainkey.example.com.
DMARC: Add a TXT record at _dmarc.example.com → v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@example.com.
Start DMARC with p=none to monitor, then escalate to quarantine → reject once verified.
Test by sending to a Gmail account and checking the “Show original” headers for SPF/DKIM/DMARC pass status.