Modern email services like Gmail and Outlook are equipped with strict filtering algorithms that block anything that seems suspicious. But without guaranteed delivery of outreach emails, building a consistent link-building process is impossible. That’s why we decided to look “under the hood” of email systems and get to know mail bots better.
In this blog, we’ll explain what SMTP is, how to set up identifiers like SPF and DKIM, which triggers to avoid, and why proper mailbox warming is essential for effective mass email outreach.
What is SMTP and why is it important to know about it
SMTP (Simple Mail Transfer Protocol) is the protocol used by one server to send emails to another. Metaphorically, it’s like a personal courier for your emails. When you click “Send,” this protocol takes your message and carries it across the network to the recipient’s mail server.
For individual personal emails, standard email client settings are usually enough. But when you start an outreach campaign and send dozens or hundreds of emails, free email services may flag that activity as suspicious. Professional SMTP servers (like SendGrid, or tools like Instantly or Lemlist) improve deliverability — they have better technical reputations and are designed for high-volume outreach. However, SMTP has a critical flaw: it doesn’t verify whether you’re really the sender you claim to be (you can send emails from any address — even someone else’s, as in phishing). And without proof, the message ends up in spam. What to do?
SPF and DKIM — building trust with email services
To make the recipient’s email system trust your messages, it needs proof that you are who you say you are and not a scammer spoofing your identity. That proof comes from SPF and DKIM — special records added to your domain settings.
SPF, or permission to send
To understand SPF (Sender Policy Framework), imagine a list of trusted senders published on your website. It says: "Only servers with these IP addresses are allowed to send emails from @example.com."
When an email server receives a message that appears to be from you, it checks your SPF record. If the sender’s IP is on your “whitelist,” the email passes. If not, it likely goes to spam.
How to configure SPF:
- Log into your domain's DNS management panel (via your hosting provider or domain registrar).
- Create a new TXT record.
- Add server authorization details in the record body. For example, for Google Workspace (Gmail), use:
v=spf1 include:_spf.google.com -all
This tells the world: "I allow Google’s servers to send emails on my behalf."
DKIM, or digital signature
If SPF is a list of trusted senders, DKIM (DomainKeys Identified Mail) is a digital "seal on the envelope." It proves two things: first, the message really came from you; second, that its content wasn't altered in transit.
DKIM adds a unique signature to each of your emails. The recipient’s mail server uses a public key from your DNS records to verify that signature. A valid signature means greater trust.
How to configure DKIM:
- In your email platform (e.g. Google Workspace admin panel), generate a DKIM key.
- The service will give you a TXT record name and value (your public key).
- Create a new TXT record in your DNS panel and paste in the provided data.
Setting up SPF and DKIM is the minimum requirement for link builders — without them, your emails are almost guaranteed to end up in spam filters.
How to warm up a mailbox for outreach campaigns
When you create a new mailbox, its reputation in the eyes of email algorithms is a blank slate. If you immediately start sending mass emails from it (even just 20–30 per day), it will look highly suspicious. The expected outcome? Instant ban.
In contrast, “warming up” is the process of gradually increasing mailbox activity to build a positive sender reputation (we explain here how to prepare the outreach email itself).
How to warm up a mailbox:
1. Manual start (week 1–2)
Send 10–15 emails a day to friends, colleagues, or your own addresses on other services. Ask recipients to open, reply, mark them as “important,” or drag them out of the spam folder — all are strong positive signals for email algorithms.
2. Automation (week 2–4 and beyond)
Use specialized warm-up services (e.g., Lemwarm by Lemlist, Mailshake, Woodpecker). These tools simulate real communication between users, sending, opening, and replying to emails.
At the same time, slowly increase the number of your outreach emails — start with 20–30 a day and gradually scale.
3. Warm-up duration
A proper warm-up takes 3 weeks to a month. Don’t rush — better to spend this time preparing than to spend months trying to remove your domain from blacklists.
If you’re using a new domain, the warm-up may take longer. Some providers don’t trust domains younger than 30 days, even with perfect technical setup.
How not to burn your domain with your outreach
Another critical point — never use your main corporate domain for mass outreach. If you send from yourname@company.com and some emails get flagged, land in spam, or are marked as such, it will affect the reputation of your entire domain.That means regular emails like commercial offers or partner communication might not be delivered at all.
Better approach: build separate outreach infrastructure:
- subdomain like out.company.com
- mailbox like hello@out.company.com
- separate SPF and DKIM records for this subdomain
This creates an isolated space where you can safely test outreach campaigns without risking the entire domain’s deliverability.
Suspicious links, attachments — what else triggers filters and can kill your campaign
Even if SPF and DKIM are configured correctly, the mailbox is warmed up, and SMTP is solid — email services still check the content. And that alone can ruin your deliverability.
Filters analyze words, structure, HTML layout, number of links, images, fonts, and caps lock. If something feels off or spammy, your email might not even land in the “Promotions” tab, let alone the Primary inbox.
What exactly triggers filters in outreach campaigns?
Suspicious links. URLs with bad reputations, unclear redirects, shorteners like bit.ly — all lower your deliverability. Always check if the visible link text matches the actual destination.
Correct example:
- visit our website
- confirm participation — example.com/confirm
Bad example:
Attachments. Especially .zip, .doc, .exe, .js files. If sent without context or prior agreement, they almost guarantee spam. Better to keep the first email “clean” — at most, include links to Google Docs or Notion.
Inconsistent From fields and DKIM. If the sender name, “from” domain, and DKIM records don’t align — filters notice and act.
How to reduce risks:
- Write simply and human-like
- Avoid excessive emotion or pushy CTAs
- Include a plain-text version
- Limit to 1–2 links max
- Always include a signature with name, title, and website
- Test emails via mail-tester.com or similar
- Use Google Postmaster Tools — an official service to track your domain’s reputation, spam complaints, and authentication status
Conclusions
Deliverability depends on the whole infrastructure — from technical setup to communication tone. Key takeaways:
- SMTP sends the email but doesn’t prove its authenticity
- SPF and DKIM confirm you're the legitimate sender
- A warmed-up mailbox builds trust — even the best setup won’t help if you skip this
- A separate outreach subdomain reduces risks for your main domain
- Content matters: tricky links or attachments can ruin a technically perfect campaign
Effective email outreach doesn’t start with the “Send” button — it starts with solid technical prep and understanding how filters work.
