EasyApps Ecommerce1. DNS Authentication (SPF, DKIM, DMARC)
DNS authentication is the foundation of email deliverability. Without it, email providers have no way to verify your emails are legitimate. Think of it as your email passport — without it, you cannot enter the inbox.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | SPF record published for your domain | Critical | Add a TXT record: v=spf1 include:_spf.google.com include:shops.shopify.com ~all (adjust includes for your ESP). Only one SPF record per domain. |
| ☐ | SPF record includes all sending services | Critical | List every service that sends from your domain: Shopify, Klaviyo/Mailchimp, Google Workspace, helpdesk, etc. Missing an include means those emails fail SPF. |
| ☐ | DKIM records configured for email marketing platform | Critical | Your ESP (Klaviyo, Mailchimp, Omnisend) provides DKIM CNAME records. Add them to your DNS and verify in your ESP dashboard. |
| ☐ | DKIM records configured for Shopify Email (if using) | Critical | If using Shopify Email for marketing, verify DKIM authentication in Shopify Settings > Notifications > Sender email. |
| ☐ | DMARC record published | Critical | Start with monitoring mode: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com. After 2-4 weeks of clean reports, move to p=quarantine. |
| ☐ | DNS records verified with online checker | Critical | Use MXToolbox.com or mail-tester.com to verify SPF, DKIM, and DMARC are all passing. Fix any failures before sending. |
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | SPF record does not exceed 10 DNS lookups | Important | SPF has a 10-lookup limit. Too many includes causes SPF to fail. Use SPF flattening tools if you exceed 10. |
| ☐ | Return-path (bounce) domain aligned with From domain | Important | DMARC alignment requires the bounce domain to match or be a subdomain of your From domain. Check ESP settings for custom return-path. |
| ☐ | BIMI record set up (brand logo in inbox) | Nice-to-have | BIMI displays your brand logo next to emails in supported inboxes (Gmail, Yahoo). Requires DMARC enforcement (p=quarantine or p=reject) and a VMC certificate. |
2. Domain & IP Warm-Up
Sending high volume from a new domain or IP is the fastest way to get blacklisted. Warm-up builds your sender reputation gradually so email providers learn to trust your sending patterns.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Warm-up plan created (2-4 week schedule) | Critical | Day 1-3: 200-500 emails/day. Days 4-7: 500-1000. Week 2: 1000-5000. Week 3: 5000-15000. Week 4: full volume. Never jump straight to full list. |
| ☐ | First sends go to most engaged subscribers | Critical | Start warm-up by sending only to subscribers who opened or clicked in the last 30 days. High engagement signals teach ISPs you are legitimate. |
| ☐ | Bounce rate monitored during warm-up (under 2%) | Critical | If bounces exceed 2% during warm-up, pause immediately. Clean your list before continuing. High bounces during warm-up permanently damage reputation. |
| ☐ | Spam complaint rate under 0.1% during warm-up | Critical | Google's threshold is 0.3% — but aim for under 0.1%. If complaints spike, stop sending and investigate content/targeting. |
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Dedicated sending domain configured (if high volume) | Important | For 50K+ emails/month, use a subdomain (mail.yourdomain.com) so marketing reputation does not affect transactional email delivery. |
| ☐ | Warm-up volume increases gradually (25-50% per step) | Important | Never double volume between sends. Increase by 25-50% every 2-3 days. Sudden spikes trigger spam filters. |
3. List Hygiene & Collection
A dirty list destroys deliverability faster than any other factor. One campaign to a dirty list can damage your sender reputation for months. Clean lists convert better and cost less.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Never use purchased or scraped email lists | Critical | Purchased lists contain spam traps, invalid addresses, and unengaged contacts. One send can get you blacklisted and your ESP account suspended. |
| ☐ | Double opt-in enabled for new subscribers | Critical | Double opt-in confirms the subscriber owns the email. Reduces bounces, spam complaints, and bot signups dramatically. |
| ☐ | Email validation on signup forms | Critical | Use real-time email validation to catch typos (gamil.com, yaoo.com) and disposable addresses at the point of capture. |
| ☐ | List cleaned of invalid/bounced addresses | Critical | Run your entire list through a verification service (ZeroBounce, NeverBounce) before any campaign. Remove hard bounces, role addresses, and disposable emails. |
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Unengaged subscribers suppressed (no opens in 90+ days) | Important | Create a sunset flow: re-engage inactive subscribers, then suppress those who do not respond. Sending to dead addresses hurts everyone. |
| ☐ | Email capture uses legitimate incentive | Important | Use EA Email Popup & Spin Wheel for gamified, high-quality opt-ins. Relevant incentives attract engaged subscribers. |
| ☐ | Honeypot or reCAPTCHA on signup forms | Important | Bot signups inflate your list with fake addresses that bounce. Add hidden honeypot fields or CAPTCHA to prevent automated submissions. |
4. Email Content & Design
Even with perfect authentication and a clean list, poorly structured content triggers spam filters. Content matters for both deliverability and engagement.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Text-to-image ratio is at least 60:40 | Critical | Image-only emails trigger spam filters. Include meaningful text content alongside images. Never send an email that is just one large image. |
| ☐ | Subject lines avoid spam trigger words | Critical | Avoid ALL CAPS, excessive punctuation (!!!), and trigger phrases like "FREE!!!," "Act now," "Limited time." Use honest, relevant subject lines. |
| ☐ | Unsubscribe link visible and functional | Critical | Required by CAN-SPAM and GDPR. Place at bottom of every email. Process unsubscribes within 24 hours. A hidden unsubscribe forces recipients to mark as spam instead. |
| ☐ | From name is recognizable (brand name, not "no-reply") | Critical | Use your brand name or "Name from Brand." Recipients open emails from names they recognize. "no-reply@" feels impersonal and untrustworthy. |
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Plain text version included alongside HTML | Important | Multipart emails (HTML + plain text) score better with spam filters. Most ESPs generate plain text automatically — verify it looks readable. |
| ☐ | All links point to valid, non-blacklisted domains | Important | Broken links and links to blacklisted domains (URL shorteners, suspicious redirects) trigger spam filters. Check all links before sending. |
| ☐ | Physical mailing address included | Important | CAN-SPAM requires a valid physical address in every marketing email. Use your business address or a PO box. |
| ☐ | Preheader text optimized (not blank) | Important | The preheader is visible in inbox previews. A blank preheader shows code or "View in browser" — write a compelling preview that supports the subject line. |
5. Sending Practices
How and when you send matters as much as what you send. Consistent, well-timed sends build sender reputation; erratic blasts destroy it.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Consistent sending schedule established | Critical | Send at regular intervals (1-3x per week). Going from 0 emails for 2 months to a massive blast triggers spam filters and unsubscribes. |
| ☐ | Segment by engagement for campaigns | Critical | Send to engaged subscribers first. If a campaign performs well with engaged users, expand to less engaged segments. This protects your reputation. |
| ☐ | Bounce processing automated | Critical | Hard bounces must be automatically removed after first occurrence. Soft bounces after 3-5 consecutive failures. Most ESPs handle this — verify it is enabled. |
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Send time optimized for your audience | Important | Test different send times. Generally: Tuesday-Thursday, 10am-2pm in recipient's timezone performs best for ecommerce. Use send-time optimization features in your ESP. |
| ☐ | A/B testing subject lines regularly | Important | Test two subject lines with 10-20% of your list, then send the winner to the rest. Higher open rates improve sender reputation over time. |
6. Transactional Email
Order confirmations, shipping notifications, and password resets must reach the inbox. These have 60-80% open rates and are the most critical emails your store sends.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Order confirmation reaches inbox (test with Gmail, Yahoo, Outlook) | Critical | Place a test order and verify the confirmation arrives in the primary inbox on all major providers. Check spam folder. |
| ☐ | Shipping notification emails deliver correctly | Critical | Fulfill a test order and verify the shipping notification email arrives with tracking link. This is the most anticipated email after purchase. |
| ☐ | Transactional and marketing emails separated | Critical | If possible, use different sending domains/IPs for transactional vs. marketing email. This prevents marketing reputation issues from blocking order confirmations. |
7. Monitoring & Maintenance
Deliverability is not a one-time setup. It requires ongoing monitoring. A single bad campaign can damage reputation that took months to build.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | Google Postmaster Tools set up | Important | Free tool that shows your domain reputation, spam rate, and authentication status with Gmail. Essential for monitoring deliverability. |
| ☐ | Blacklist monitoring active | Important | Check your domain and sending IP against blacklists monthly using MXToolbox. Being blacklisted can drop deliverability to zero overnight. |
| ☐ | Monthly list cleaning scheduled | Important | Remove hard bounces, unsubscribes, and 90-day inactive contacts monthly. A clean list maintains high deliverability. |
| ☐ | Inbox placement testing before major campaigns | Important | Use tools like GlockApps or Mail Tester to check inbox placement across providers before holiday campaigns or major sends. |
| ☐ | DMARC reports reviewed weekly | Important | Review DMARC aggregate reports to identify unauthorized senders using your domain and authentication failures. |
8. Compliance & Legal
Email compliance is not just about avoiding fines — it directly affects deliverability. ISPs use compliance signals to determine sender trustworthiness.
| Checklist Item | Priority | Details / Action | |
|---|---|---|---|
| ☐ | CAN-SPAM compliance verified (US) | Critical | Accurate From/Reply-to, no deceptive subject lines, physical address, functional unsubscribe processed within 10 business days. |
| ☐ | GDPR compliance verified (EU customers) | Critical | Explicit consent required for marketing emails. Consent must be freely given, specific, informed, and unambiguous. Pre-checked boxes do not count. |
| ☐ | CASL compliance verified (Canadian customers) | Critical | Canada's anti-spam law requires express consent with clear identification of the sender and easy unsubscribe mechanism. |
Frequently Asked Questions
What is SPF and why does my Shopify store need it?
SPF (Sender Policy Framework) is a DNS record that tells email providers which servers are authorized to send email on behalf of your domain. Without SPF, your marketing and transactional emails may land in spam. Add SPF records for Shopify, your email marketing platform, and any other service that sends email from your domain.
What is DKIM and how do I set it up for Shopify?
DKIM (DomainKeys Identified Mail) adds a digital signature proving your emails were not altered in transit. Your email marketing platform provides DKIM records (usually two CNAME records) that you add to your DNS. Shopify Email, Klaviyo, Mailchimp, and Omnisend all provide DKIM setup instructions in their settings panels.
How long does email domain warm-up take?
A proper warm-up takes 2-4 weeks. Start by sending to your most engaged subscribers at low volume (200-500/day), then gradually increase by 25-50% every 2-3 days. Sending your full list on day one from a new domain will trigger spam filters and damage your sender reputation for months.
Why are my Shopify emails going to spam?
The most common causes: missing SPF/DKIM/DMARC authentication, sending from a new domain without warm-up, high bounce rates from dirty lists, spam trigger words in subject lines, low engagement dragging down sender reputation, and image-heavy emails with little text. Work through this checklist systematically to diagnose the root cause.
What is a good email open rate for Shopify stores?
Average open rates: 15-25% for marketing emails, 60-80% for transactional emails. If marketing open rates are below 15%, you likely have a deliverability problem. If transactional emails have low opens, check spam folders and authentication records immediately. Open rates vary by industry — compare against ecommerce benchmarks, not all-industry averages.
Apps That Improve Email Performance
EA Email Popup & Spin Wheel
Gamified email capture that converts 2-3x better than static popups. Build a high-quality list from day one.
EA Free Shipping Bar
Show free shipping thresholds to increase AOV and give you better incentives for email campaigns.
EA Announcement Bar
Promote email signup incentives, flash sales, and limited-time offers that drive email engagement.