Why most email flows never reach an inbox

Founders usually build flows backwards. They write five clever emails, wire up an automation, hit activate — and then discover open rates near zero because everything landed in spam or was silently dropped. The automation was fine. The sending infrastructure was not.

Mailbox providers like Gmail and Outlook decide whether to deliver your email before anyone reads a word of it. They check whether the sending domain is authenticated, whether it has a history of complaints, and whether the message meets basic compliance requirements. Get those right first and mediocre copy will still get delivered. Get them wrong and great copy goes nowhere.

Step 1: Verify your sending domain

Never send marketing email from a free address like a Gmail account, and never send from a domain you have not authenticated. You need three DNS records on the domain you send from:

  • SPF — a TXT record listing which servers are allowed to send email for your domain.
  • DKIM — a cryptographic signature proving the email was not altered and really came from you.
  • DMARC — a policy telling mailbox providers what to do with mail that fails the first two checks.

Every serious email platform gives you the exact records to paste into your DNS settings, then shows a verified status once they propagate. Do not send a single campaign until you see that verification. Gmail and Yahoo now require authentication from bulk senders, so this is not optional hygiene — unauthenticated mail from any meaningful volume simply gets rejected.

One practical tip: many operators send marketing email from a subdomain (like mail.yourdomain.com) to keep marketing reputation separate from the transactional email their product depends on. It is not mandatory on day one, but it is cheap insurance.

Step 2: Build a list you are allowed to email

A flow is only as good as the list feeding it. Rules worth treating as non-negotiable:

  • Explicit opt-in only. A checkbox they ticked, a form they submitted, a purchase they made. Never scrape, never buy lists, never import "contacts I found." Purchased lists destroy deliverability because they are full of spam traps and people who report you.
  • Say what they are signing up for. "Weekly tips" and "occasional product updates" are different promises. Keep the one you make.
  • Capture at natural moments. The footer signup form, a checkout opt-in, a lead magnet that is genuinely useful, a waitlist. One good capture point beats five popups.
  • Consider double opt-in. A confirmation click shrinks your list slightly but the addresses that remain are real and engaged, which protects your sender reputation.

Step 3: Build the welcome flow first

The welcome sequence is the highest-leverage automation you will ever build, because it fires when interest is at its peak — the moment someone signs up. A solid starter structure:

  1. Email 1, immediately: Deliver whatever you promised (the discount, the guide, the confirmation). Introduce the brand in two sentences. One clear link.
  2. Email 2, day 2-3: Your story or your best content. Why the business exists, what makes the product different. No hard sell.
  3. Email 3, day 5-7: Social context or use cases — how people actually use the product. If you have no real testimonials yet, skip fake ones entirely and show the product instead.
  4. Email 4, day 8-10: A direct ask. Buy, book, reply, start a trial. One call to action, stated plainly.

Three to five emails is enough. Resist the urge to build a fifteen-email labyrinth before you have evidence anyone reads email three. Ship the short version, watch what happens, extend what works.

The compliance basics that are actually legal requirements

These are not best practices; they are law in most markets (CAN-SPAM in the US, GDPR in the EU, CASL in Canada):

  • A working unsubscribe link in every marketing email, honored promptly. Making people log in or email support to unsubscribe is both illegal in many jurisdictions and a guaranteed way to collect spam complaints instead.
  • A physical postal address in the footer. If you work from home and do not want your home address in every email, a registered agent address, virtual office, or PO box (where permitted) solves it.
  • Honest subject lines and sender names. "Re:" on an email that is not a reply, or fake forwarding chains, are deception and treated as such.
  • Only email people who opted in, and stop when they opt out.

Honest sending rules that keep you out of spam long-term

  • Warm up gradually. A brand-new domain blasting thousands of emails on day one looks exactly like a spammer. Start small and scale volume over weeks.
  • Watch complaints and bounces, not just opens. Complaint rates above a fraction of a percent will get you throttled. Remove hard bounces immediately.
  • Prune dead weight. If someone has not opened or clicked in months, send a re-engagement email, then stop mailing them. A smaller engaged list outperforms a large dead one on every metric that matters.
  • Clicks are the signal to trust. Open tracking has been unreliable since Apple began prefetching images in Mail; a recorded open may not mean a human saw anything. Judge flows by clicks and replies.
  • Keep a consistent cadence. Silence for three months followed by a burst of daily emails triggers both spam filters and unsubscribes.

Choosing tooling: dedicated platforms vs. an all-in-one

If email is your primary channel — you are a newsletter business, or a mature ecommerce brand running a dozen segmented flows — a dedicated email platform is the right call. You will want the deep segmentation, branching logic, and A/B tooling those platforms specialize in.

If you are a founder standing up a whole business and email is one of six things you need running, an all-in-one approach makes more sense. Kovaro takes that route: you describe your business in one sentence, and the AI builds the site, brand, store, and email flows together, then runs scheduled email series alongside social posting and analytics as part of daily operations. The same deliverability rule applies there as everywhere — email deliverability on Kovaro needs a verified sending domain, because no tool can make unauthenticated mail deliverable. There is a free tier with 300 starting credits to test the setup, and paid plans from $49/month with a 7-day trial.

The launch checklist

  1. Domain verified: SPF, DKIM, and DMARC all showing green in your email platform.
  2. Signup form live at one natural capture point, with an honest promise.
  3. Welcome flow of 3-5 emails, triggered on signup, spaced over roughly ten days.
  4. Unsubscribe link and postal address in every email footer.
  5. A test send to your own Gmail and Outlook accounts — confirm it lands in the inbox, not spam or promotions purgatory you did not expect.
  6. Volume ramped gradually, complaint and bounce rates checked weekly.

That is the whole system. A verified domain, a permission-based list, a short welcome sequence, and honest sending habits will outperform any amount of automation cleverness built on a foundation mailbox providers do not trust.