Web Hosting

Fix Email Going to Spam (SPF, DKIM & DMARC Explained)

email goes to spamnot deliveredSPF/DKIM fail
6 min read Updated 12 June 2026 ESAGAMES Team

If your email keeps landing in spam, it's almost always missing authentication. Three DNS records — SPF, DKIM and DMARC — prove your mail is genuine. Set all three and deliverability jumps.

Why mail goes to spam

Mail providers (Gmail, Outlook) now require proof that a message really came from your domain. Without it, they assume spoofing and filter you. SPF, DKIM and DMARC are that proof.

SPF — who is allowed to send

An SPF record is a TXT record listing the servers allowed to send mail for your domain. One record only, ending in ~all:

Type  Name  Value
TXT   @     "v=spf1 a mx include:_spf.google.com ~all"
Only one SPF record

Multiple SPF records break SPF entirely. If you use several senders (your host + Google + a newsletter tool), merge them into a single record with multiple include: entries.

DKIM — a tamper-proof signature

DKIM adds a cryptographic signature to every message, which the receiver verifies against a public key in your DNS. Your host or mail provider generates the key and the TXT record (usually at a selector like default._domainkey). Enable DKIM in your mail panel and publish the record it gives you.

DMARC — the policy that ties it together

DMARC tells receivers what to do when SPF/DKIM fail, and where to send reports. Start in monitoring mode (p=none) so nothing legitimate is blocked while you check reports:

Type  Name      Value
TXT   _dmarc    "v=DMARC1; p=none; rua=mailto:you@example.com; fo=1"

Once reports confirm your real mail passes, tighten to p=quarantine then p=reject.

The clean checklist

  1. Publish one SPF TXT record covering all your senders.
  2. Enable DKIM in your mail panel and publish its TXT record.
  3. Add a DMARC record starting at p=none.
  4. Test with a tool (send to a mail-tester and check all three pass).
  5. Tighten DMARC to quarantine/reject once everything passes.
SPF says who can send, DKIM proves it wasn't tampered with, DMARC ties them together. Inboxes want all three.

Hosting with proper mail setup

Our web hosting includes easy DKIM/SPF setup and a clean mail panel, on a protected network.

See web hosting
FAQ

Frequently asked questions

Why do my emails go to spam even though they're legitimate?

Almost always missing or broken authentication. Without valid SPF, DKIM and DMARC records, Gmail and Outlook can't verify your domain and default to the spam folder. Set all three correctly.

Can I have two SPF records?

No — a domain must have exactly one SPF record. Two or more cause a permerror and SPF fails completely. Combine all your senders into a single record with multiple include: statements.

What DMARC policy should I start with?

Start with p=none (monitor only) so you can read the reports without blocking real mail. Once you confirm your legitimate mail passes SPF/DKIM, move to p=quarantine and then p=reject.

Knowledge base

Related articles

Web Hosting

Fix "500 Internal Server Error" on Your Website

A 500 error on your site? The usual causes — .htaccess, file permissions, PHP — and how to fix them.

Read fix Web Hosting

How to Point a Domain to Your Server (DNS A Record)

How to point a domain at your server with an A record — and why it doesn't work instantly.

Read fix Web Hosting

Fix "502 Bad Gateway" on Your Website

A 502 Bad Gateway? It's the backend (usually PHP-FPM) failing — how to find and fix it.

Read fix

Skip the troubleshooting

Managed, protected hosting in Frankfurt — we handle the Linux, the network and the DDoS so you don't have to.

Game hosting All articles
Payments Secure checkout with cards, banking apps and digital wallets.

Choose the payment flow that fits your stack and region without leaving the platform.

Pay by Zen Visa Mastercard Paysafecard PaysafeCash Skrill Trustly Bancontact UnionPay iDeal WebMoney