How to stay out of spam: SPF, DKIM, DMARC & domain warm-up
The short answer
To reach the inbox in 2025 you need three things: email authentication (SPF, DKIM and DMARC — now mandatory for bulk senders), dedicated sending domains that are warmed up for about two weeks, and a spam-complaint rate kept under 0.3%. Miss any one and even a perfect campaign lands in spam.
Deliverability is the silent killer of cold outreach. If your emails don't reach the primary inbox, nothing else — targeting, copy, offer — matters. And in 2024 the rules got stricter.
The 2024 rule change you can't ignore
In February 2024, Google and Yahoo rolled out new requirements for bulk senders. To keep landing in Gmail and Yahoo inboxes, senders must now:
- Authenticate with SPF, DKIM and DMARC — all three, not just one.
- Offer one-click unsubscribe and honor it promptly.
- Keep the spam-complaint rate below 0.3% — Google's stated threshold.
As sysadmin and deliverability communities now put it bluntly: in 2025, without SPF, DKIM and DMARC configured, your mail will be marked spam or rejected by Gmail, Outlook and others.
What SPF, DKIM and DMARC actually do
| Record | What it proves |
|---|---|
| SPF | Which servers are allowed to send mail for your domain. |
| DKIM | The message wasn't tampered with in transit (a cryptographic signature). |
| DMARC | What receivers should do when SPF or DKIM fails — and where to send reports. |
Together they tell Gmail and Outlook that you are who you say you are. The 2025 deliverability benchmark data ties the worst inbox-placement scores to exactly these gaps — poor authentication, weak IP segregation and inconsistent list hygiene.
Never send from your main domain
This is the single most important rule of cold outreach. Cold email should never go out from your primary company domain. Instead:
- Register dedicated lookalike domains (e.g. try-yourbrand.com) purely for outreach.
- Configure SPF, DKIM and DMARC on each.
- Warm them up for ~2 weeks — low volume that ramps gradually — before any real campaign.
The payoff: even an aggressive campaign, or an accidental spam-trap hit, can never drag your real business domain into spam. Your primary domain stays clean and trusted.
The pre-send deliverability checklist
- ✅ SPF, DKIM, DMARC live on every sending domain
- ✅ Sending domains warmed for ~2 weeks
- ✅ List verified — no dead or catch-all addresses (bounces hurt reputation)
- ✅ One-click unsubscribe in every message
- ✅ Spam complaints monitored and kept under 0.3%
- ✅ Volume per inbox kept low and human-paced
You can pressure-test the targeting side in our cold email benchmarks guide — but none of it works until the deliverability fundamentals above are in place.
Frequently asked
Do I need SPF, DKIM and DMARC to send cold email in 2025?
How long should you warm up a new sending domain?
Should you send cold email from your main company domain?
Sources
- MailReach — Email Deliverability Statistics 2025: Benchmarks & Trends
- Google — Email sender guidelines (bulk sender requirements, 2024)
- Superhuman Prospecting — Email Deliverability 101: Warm-Up, SPF, DKIM & DMARC
We protect your domain by design
Dedicated sending domains, full SPF/DKIM/DMARC setup, and a ~2-week warm-up are built into every campaign — your primary domain never gets touched.
Book a strategy call