Operations

Deliverability checklist — pre-launch & ongoing

About to launch a 50k campaign? This checklist covers everything that kills deliverability before, during, and after a large send. Work through it top to bottom. Every item here is a real failure mode seen in production.

1. Warm-up curve

A new sending domain has zero reputation. Gmail, Outlook, and Yahoo use historical sending patterns to decide whether to inbox or defer your mail. The fix is a slow, clean ramp.

• SendBolt enforces a 11-tier warm-up gate automatically — you cannot blast past it without buying a pre-warmed IP pool. See the full warm-up guide for the daily cap curve (50 → 100k+).
• New domains reach tier 10 (100k/day) in ~14-21 days of clean traffic.
• Keep your first sends to high-engagement lists (recent sign-ups, confirmed opt-ins). Fresh engagement signals are the fastest way to build reputation.
• Separate your transactional and marketing sending on distinct sub-domains (tx.acme.com vs news.acme.com). A spam complaint on a newsletter should never touch your transactional reputation.

2. Bounce-rate budget (< 2%)

A bounce rate above 2% is the fastest route to an IP or domain block. Gmail publishes 2% as its threshold for immediate action. SendBolt auto-pauses a domain at 3% bounces to protect platform reputation.

• Hard bounces (550 5.1.1 — address does not exist) are the dangerous ones. Soft bounces (mailbox full, temporary DNS failure) resolve on their own.
• Run your list through a verification pass before the first large send. Aim for < 0.5% hard bounces on send day.
• Never re-send to an address that has hard-bounced. SendBolt adds it to the suppression list automatically; make sure your code honours the skipped_suppressed response and does not retry. See bounces & suppressions.
• Check GET /api/v1/events?type=bounce daily during warm-up. If you see a spike, pause your campaign before the auto-pause does it for you.

3. Complaint-rate budget (< 0.1%)

A complaint is a recipient clicking "This is spam" in Gmail / Outlook. Google Postmaster Tools publishes your complaint rate daily. Above 0.1% you enter the "review" zone; above 0.3% you will start seeing bulk deferral.

• Include a clear, one-click unsubscribe link in every marketing email. Frustrated recipients who cannot unsubscribe hit "Report spam" instead.
• Honour list-unsubscribe headers (List-Unsubscribe + List-Unsubscribe-Post). SendBolt adds these automatically when you include the unsubscribe_url field in the send payload.
• Send only to people who explicitly signed up for this type of email. Surprise-sending a marketing campaign to a list that only signed up for transactional receipts will spike complaints.

4. DMARC reporting setup

DMARC alignment (SPF + DKIM both pass and both align with your From: domain) is the baseline for modern inbox placement. DMARC reports tell you who is sending on your behalf — including attackers.

• Publish a DMARC record: v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com; ruf=mailto:dmarc@yourdomain.com; pct=100. Start with p=none for the first week to see reports without blocking anything.
• Use a free DMARC aggregation tool (Valimail, Postmark DMARC) to turn the XML reports into readable dashboards.
• Once the report shows > 99% of sends passing DMARC, move to p=quarantine then p=reject.
• SendBolt publishes the correct DKIM record for your domain during onboarding. Verify it with: dig TXT sendbolt._domainkey.yourdomain.com.

5. SPF flat-file check

SPF records have a 10 DNS lookup limit. Exceed it and your SPF record is "permerror" — which counts as a fail.

• Run dig TXT yourdomain.com | grep spf and count your include: directives. Each one costs a lookup.
• If you're over 10, flatten the includes into explicit IP ranges using a tool like MXToolbox SPF flattener, or use a dynamic SPF provider that auto-flattens for you.
• SendBolt's sending IPs are published at include:spf.sendbolt.io— add this to your domain's SPF record during onboarding (covered in the DNS setup guide).

6. ARC seal verification

ARC (Authenticated Received Chain) preserves the original DKIM signature through mailing list re-sends and forwarding chains. Google and Microsoft both honour ARC seals for forwarded mail.

• SendBolt adds an ARC seal to every outbound message automatically. You do not need to configure anything.
• To verify: send a test email to a Gmail address, open the raw message headers, and look for ARC-Authentication-Results and ARC-Message-Signature headers from sendbolt.io.
• If you use a forwarding service (e.g., Cloudflare Email Routing), the ARC chain is preserved through the hop.

7. List hygiene tips

A clean list is more important than a large one. 100k engaged recipients beat 1M cold ones every time.

• Remove unengaged contacts— anyone who has not opened or clicked in 6+ months is hurting your reputation more than helping your reach. Sunset them with a re-engagement campaign first; suppress those who don't respond.
• Use double opt-in for new signups. It adds friction but eliminates typo addresses and fake sign-ups that immediately bounce.
• Add reCAPTCHA / rate-limiting to your signup form. Bot signups create fake addresses that hard-bounce and inflate your bounce rate before you know what happened.
• Suppression list sync — if you have an existing ESP, export its suppression list and import it into SendBolt before your first send (POST /api/v1/suppressions/bulk). Sending to previously-unsubscribed addresses is a compliance violation (CAN-SPAM, GDPR).
• Monitor role addresses (postmaster@, abuse@, noreply@). These are honeypots for spam traps on many lists. Filter them out before import.