Why your email ends up in spam (and what to do about it)

By: , tS-X

You send a quote to a potential client. A day later, silence. You call: “I never received anything.” You check your sent folder — it’s there. But at the client’s end, it’s nowhere to be found. Except in the spam folder.

This happens to business owners daily. And the problem isn’t your text, your attachment, or your subject line. The problem is your domain.

Why email providers don’t trust you

Gmail, Outlook and other email providers must filter billions of messages every day. They use a simple principle: prove you are who you say you are. Can’t do that? You go to spam.

That proof is delivered by three technical settings on your domain: SPF, DKIM and DMARC. Without those three, your email is like a letter without a return address and without a stamp — the recipient doesn’t know if it’s genuine.

The three pillars of email trust

SPF (Sender Policy Framework)

SPF tells the world which servers are authorised to send email on behalf of your domain. Without SPF, anyone can pretend to be you — and email providers know it. So if you don’t have SPF, they treat you as suspicious.

DKIM (DomainKeys Identified Mail)

DKIM places a digital signature on every email you send. The recipient can verify whether the message was altered in transit. Without DKIM, your email is like a letter without a seal — unverifiable.

DMARC (Domain-based Message Authentication)

DMARC gives you back control. It tells email providers exactly what to do if a message fails the SPF or DKIM check: let it through, quarantine it, or reject it. Without DMARC, providers just guess — and that guess rarely falls in your favour.

The numbers

The impact of these three settings is enormous:

Since 2024, Google and Yahoo explicitly require all senders to have SPF, DKIM and DMARC configured. Without those three, you’re actively filtered — not as punishment, but as default policy.

What it costs you

Every email that lands in spam is a missed opportunity:

It’s like sending letters, but the postman throws half of them in the wrong letterbox. You don’t know, the recipient doesn’t know — and meanwhile you’re losing clients.

Why DIY sites don’t handle this

Most DIY platforms (Wix, Squarespace, WordPress.com) don’t offer email as standard, or only as an add-on. And if you arrange your email through an external provider (Gmail, Outlook), you have to configure the DNS settings yourself.

That means: logging into your domain registrar, adding TXT records, generating DKIM keys, setting up a DMARC policy. For the average business owner, that’s an incomprehensible technical exercise.

The result: most small business owners have no or incomplete email authentication. Their email works — until it doesn’t. And then they don’t know why.

And it gets more complex: the moment you use an invoicing system, a CRM or a newsletter tool (like Mailchimp) alongside your regular email, each of those systems needs to be separately authorised in your DNS. If that doesn’t happen, an email provider sees it as abuse — and blocks.

The solution

Email authentication isn’t rocket science. It’s a one-time configuration that, when set up correctly, works flawlessly for years:

After that configuration, your emails reach the inbox. Not the spam folder. Not oblivion.

It’s the difference between a letter with a clear return address, a stamp and a signature — and an anonymous note without an envelope. Both contain the same message. But only one is taken seriously.

Curious how your website performs? Try the free website check.

Matt ten Seldam helps business owners with fast, secure and findable websites via tS-X.