Since 2024, major mailbox providers have tightened the rules to reduce spam and protect users. That raises the minimum standard for legitimate marketing email.
For high-volume senders, you are expected to prove who you are and make it easy for people to opt out. In practice, that means solid authentication and one-click unsubscribe using List-Unsubscribe headers and the one-click mechanism defined in RFC 8058.
Providers also judge trust based on recipient behaviour. If engagement is weak, or people mark your emails as spam, it affects how your future emails are treated.
When this is mis-managed well, fewer customers see your messages, engagement falls, revenue drops, and sender reputation becomes harder to recover.
Executive Summary
1. The rules have changed
Since 2024, deliverability has shifted from best practice to enforceable baseline. Providers now treat authentication and recipient control as mandatory.
2. Identity and alignment are non-negotiable
SPF, DKIM and DMARC with domain alignment are expected for all high-volume senders.
3. Unsubscribe signals are part of sender trust
One-click unsubscribe, using List-Unsubscribe and RFC 8058, is required for marketing and subscription mail.
4. Better deliverability drives better business performance
Google and other mailbox providers confirm that easy opt-out improves engagement. The basics protect both inbox reach and revenue.
If you want a prioritised fix list for your current setup, book a consultation.
What deliverability means in 2026, and why it has become harder
Deliverability in 2026 is usually a combination of factors rather than one root cause. Some failures are binary, such as missing authentication or basic sending infrastructure gaps, while others are cumulative, such as weak database hygiene and negative recipient signals that erode trust over time.
Inbox placement is not “delivered”
“Delivered” means that the message was accepted by a receiving server. Inbox placement is a separate decision, and it has worsened. Validity’s 2025 benchmark reports 83.5% inbox placement globally, with 6.7% placed in spam and 9.8% missing.
Baseline controls are now enforced for higher-volume mail
Since 2024, major mailbox providers have tightened requirements for higher-volume senders, often framed around 5,000+ messages per day to their users.
In practice, that means SPF, DKIM and DMARC with alignment, one-click unsubscribe using List-Unsubscribe headers and RFC 8058, and keeping user-reported spam complaints low. Google’s guidance is to aim below 0.1%, and treat 0.3%+ as a red flag because it has a stronger negative impact on inbox placement.
User response shapes future placement
Mailbox providers are explicit that frequent spam reports increase the likelihood that future messages from the same sender are marked as spam, and that spam reports can lower a domain’s reputation over time. They are also clear on mechanism. If unwanted messages do not offer one-click unsubscribe, recipients are more likely to report them as spam, which increases future spam placement risk.
This is why deliverability deteriorates even when “nothing changed” technically. Audience selection, cadence, and relevance drive the signals providers use to protect users.
Database hygiene is deliverability control
When database quality degrades, it doesn’t solely waste money. It generates more bounces, dilutes engagement, and increases the risk of complaints and spam traps. All of these weaken the trust signals that underpin that email providers rely on.
Hygiene reduces exposure, but it does not eliminate it. Trap addresses can still enter through typos, form abuse or broken acquisition logic. That is why prevention matters as much as suppression. If long-inactive or bouncing records are left in your audience, they will drag your reputation down over time.
Privacy changes make open tracking less reliable than ever
Opens have never been a perfect measure of engagement. They were always affected by things like blocked images and security tools. But they were often used as a rough proxy to judge whether an address was active. Now, privacy features in mail clients make that signal even weaker. Some clients preload content or mask user activity, which means opens can occur without any real engagement.
The practical implication is operational: if you use opens to drive suppression, reactivation, or journey branching, you increase the risk of keeping unengaged records (false positives) and misreading performance. Treat opens as directional and lean more on clicks, on-site behaviour, conversions, and negative signals such as complaints and bounces.
Deliverability is a system outcome
Deliverability is a system outcome and not usually determined by one factor. A small set of technical controls decides whether your messages are treated as legitimate, then inbox placement is shaped by the recipient signals mailbox providers observe over time.
Deliverability reflects how well your entire programme is managed. Sustainable improvement comes from clear ownership, disciplined operations and ongoing adjustment. It does not come from last-minute creative changes or switching up send times.
What to do about it in 2026
Make the baseline non-negotiable
Mailbox providers now expect authenticated identity and recipient control from all high-volume senders. In practical terms, that means SPF, DKIM and DMARC with alignment, plus one-click unsubscribe using the correct headers and protocols. If these aren’t in place, inbox placement will stay fragile no matter how brilliant the creative content is.
Stop unwanted mail before it starts
Deliverability is shaped by recipient engagement and response signals. Provider guidance makes clear that higher spam reporting increases the likelihood of future messages landing in spam, and also positions easy opt-out as a mechanism that can improve engagement outcomes.
The commercial lever is not more volume. It is sharper targeting, tighter positioning, sensible frequency, and cleaner data that reduces bounces, complaints, and spam trap exposure. Be strategic in your approach, ensure the targeting and positioning of your communications are aligned.
Put change control around deliverability
Most programmes create deliverability regressions through change: new sending domains, new subdomains, authentication changes, tracking domain changes, or a sudden volume shift. Mailbox-provider guidance explicitly warns against sudden spikes and recommends gradual increases after significant changes.
Treat deliverability like a production system. Changes need ownership, testing, and a controlled ramp, not “ship it and see”.
Use decision signals you can trust
Privacy features in some mail clients reduce the reliability of opens as a proxy for attention, which makes open-led suppression and reactivation riskier. Engagement still matters, but your decisioning should lean more on clicks, on-site behaviour, conversions, and negative signals such as complaints and bounces.
If you are under pressure to fix this quickly, a deliverability review is the fastest way to confirm what is failing, quantify the impact by mailbox provider, and prioritise remediation in the right order.
Common questions about inbox placement
What is inbox placement?
Inbox placement is the share of your delivered emails that land in the inbox rather than the spam folder. A message can be delivered but still land in spam.
Why does deliverability drop when nothing changed?
Because mailbox providers evaluate ongoing recipient signals and reputation trends. Changes in audience quality, frequency, complaints, or list hygiene can reduce inbox placement even when authentication is unchanged.
What should I check first if Gmail or Microsoft inboxing drops?
Start with authentication alignment and list unsubscribe setup, then review recent changes in audience selection, cadence, and complaint signals. Next, check suppression logic, bounces, and any changes to domains, IPs, or tracking.
When is a deliverability review worth doing?
When you see spam folder drift, inconsistent results by mailbox provider, or a step change after a domain, platform, or sending pattern change.
References
This article reflects published sender requirements and standards that govern authentication, unsubscribe signalling, and privacy behaviour in consumer inboxes. Where enforcement varies by provider, the sources referenced are the provider’s own guidance and the underlying IETF RFCs.
Want a clear deliverability action plan
Book a consultation and bring your latest deliverability signals, sending domains, and a sample of recent campaigns. You will leave with a prioritised remediation plan.

