What factors push an email into the spam folder?

Spam scoring is multi-dimensional, weighing roughly 70 individual signals into a final score. The big buckets: (1) Authentication, worth roughly 30% of the score. SPF, DKIM, and DMARC must all align. A failing DMARC alone can drop you from inbox to spam at Gmail, Yahoo, and Microsoft. (2) Sender reputation, 25%. Your sending domain and IP reputation, measured by inbox providers over weeks of history. New domains have no reputation and are aggressively filtered. (3) Content factors, 20%. Spam-trigger words (free, guarantee, click here), excessive ALL CAPS, too many exclamation points, image-only emails with no text, or text-image ratio extremes. (4) Engagement, 15%. Low open rates, high deletion rates, and explicit spam reports tank reputation. (5) List quality, 10%. Bounce rate, unsubscribe rate, and the presence of spamtraps in your list. Our tool checks all five buckets, scores your message and headers, and ranks fixes by expected score impact. We use the Apache SpamAssassin ruleset (the same engine inboxes use) plus 2026 Gmail and Yahoo policy updates.

Why does my email score well in tests but still hit spam?

Test scores measure content quality in isolation; inbox placement also depends on domain reputation, which test tools cannot see. The most common scenario: your message scores 9/10 in Mail-Tester, but Gmail still routes to spam because your sending domain has either no reputation history, recent bounces above 2%, or a complaint rate above 0.1%. The fix is not content but reputation: warm up new sending domains with low-volume sends to engaged subscribers (50-200/day for the first 2 weeks, doubling weekly), keep bounce rate below 2%, complaint rate below 0.1%, and unsubscribe rate within typical industry ranges. Other invisible factors: (1) Your IP is shared with other senders who damaged its reputation. (2) You hit a Gmail spamtrap (an old abandoned address turned into a trap). (3) Bulk-sender requirements introduced in February 2024 (DMARC required for senders over 5,000/day to Gmail) are unmet. Our checker tests authentication and content; pair it with Mail-Tester or Litmus for full deliverability picture.

Which spam-trigger words actually hurt deliverability in 2026?

The traditional list (free, viagra, casino) is largely obsolete; modern filters use context, not keyword matching. What still hurts in 2026: (1) Phrases with strong sales intent that legitimate businesses rarely use ("act now", "100% guaranteed", "make money fast"). (2) Financial promise language ("earn $5,000", "double your income"). (3) Urgency stacking ("URGENT! ACT NOW! LIMITED TIME!"). (4) Excessive symbols ($$$$, !!!!, ALL CAPS). What does NOT hurt: standard words like "free trial" or "discount" in normal sentences; "buy now" CTAs; legitimate urgency in transactional emails. The detection is now ML-based, looking at the overall pattern, not individual words. Our tool uses the SpamAssassin ruleset plus a 2026 ML model trained on 1M+ classified messages, weighting trigger phrases by their actual impact in modern filters. We show you the exact phrases that hurt, the score impact of each, and suggested rewrites that preserve meaning while removing risk.

How important is the subject line for spam scoring?

Critical. The subject line carries roughly 15% of the spam score weight, more than the entire body in some configurations. Subject-line factors that hurt: ALL CAPS (penalty regardless of length), more than three exclamation points, a numeric prefix and high-spam keywords ("FREE!! 50% off!!"), the words "Re:" or "Fwd:" when the message is not actually a reply or forward (deceptive prefix detection), emoji clusters, and unusual unicode characters used to evade keyword filters. What helps: subject-line length 30-60 characters, personalization (first name, company name), action verbs ("Discover", "See", "Try"), specific numbers, and a tone consistent with your sender voice. Our checker scores the subject independently, surfaces the specific issues, and suggests alternatives ranked by expected open-rate impact. We also flag subject-preview text mismatches (when the subject promises something the body does not deliver), which Gmail particularly penalizes via low engagement signals.

What is Mail-Tester and how does this compare?

Mail-Tester is the most popular email-deliverability test, scoring 0-10 based on SpamAssassin rules, authentication checks, and sending IP reputation. It is excellent and we recommend it for spot checks. Differences from our tool: (1) Mail-Tester requires you send a test email to their unique address; our tool analyzes any pasted message without requiring a send, useful for pre-flight checks before you have a sender configured. (2) Mail-Tester gives a single score; we break the score into authentication, content, headers, and engagement factors with prioritized fixes per category. (3) Mail-Tester is free with a daily limit; we are unlimited free. (4) Mail-Tester scores reflect SpamAssassin defaults; we layer in 2026 Gmail and Yahoo bulk-sender policy checks (DMARC requirement, list-unsubscribe header, complaint rate threshold). Use both: ours for iterative drafting, Mail-Tester for the final pre-send check with real authentication signals. Litmus and Inbox Monster are paid alternatives that test inbox placement across providers.

Should I use a list-unsubscribe header?

Yes, and as of February 2024 it is mandatory for any sender doing more than 5,000 emails per day to Gmail. Required format: List-Unsubscribe: , plus List-Unsubscribe-Post: List-Unsubscribe=One-Click for one-click compliance. Without it, Gmail will route your messages to spam regardless of content quality. Yahoo enforces the same. Microsoft and Apple are softer but moving in the same direction. The header gives email clients a programmatic way to unsubscribe (Gmail shows an "unsubscribe" link directly in the email header), which actually improves your deliverability because users unsubscribe instead of marking as spam. Marking-as-spam tanks reputation; unsubscribing does not. Our tool inspects headers and flags missing or malformed List-Unsubscribe, plus 14 other required and recommended headers (Reply-To, Return-Path, Message-ID, Date format, MIME-Version) that filters check.

What is a good text-to-image ratio?

Modern filters do not enforce a strict ratio, but image-only emails (no plain-text alternative) score badly because spam historically used images to evade keyword detection. Targets: at least 60% text by visual weight, with HTML/text alternative versions both populated. Plain-text alternative is critical; many filters score harder on emails with empty text/plain MIME parts even when the HTML looks fine. ALT text on images counts as text-content for filtering purposes; meaningful alt text (not "image1.jpg") helps both deliverability and accessibility. Avoid: emails that are a single large image with no text, emails where the visible content is all in images, emails with body text consisting only of "View this email in your browser" plus an image. Our tool extracts text-to-image ratio, validates the plain-text alternative exists and has reasonable content, and checks alt text on every embedded image. We flag image-only structures with specific guidance on which sections to add text-equivalent content.

How do SPF, DKIM, and DMARC work together?

These three records work as a cumulative authentication stack. SPF (Sender Policy Framework) is a DNS record listing which servers are authorized to send mail on behalf of your domain; the receiver checks the sending IP against this list. DKIM (DomainKeys Identified Mail) cryptographically signs each message with your private key; the receiver fetches your public key from DNS and verifies the signature. DMARC (Domain-based Message Authentication) ties SPF and DKIM together with a policy that tells receivers what to do if both fail, and crucially requires that the From: domain match the SPF/DKIM authenticated domain (alignment). All three are required for full deliverability; missing any one is a serious red flag. Common misconfigurations: SPF too loose (?all instead of -all), DKIM key not rotated in years, DMARC at p=none (monitoring only) when it should be p=quarantine or p=reject. Our tool checks all three, parses the records, validates alignment, and surfaces exact text changes needed in your DNS.

How does sender domain reputation work?

Each major inbox provider maintains a reputation score for your sending domain (and IP) based on observable signals: open rate, click rate, deletion rate without opening, spam reports, bounces, complaints, list-unsubscribe usage, content patterns, and authentication results. Gmail uses Postmaster Tools to expose your reputation publicly (Bad/Low/Medium/High) per domain. Microsoft, Yahoo, and Apple do not expose reputation directly but reflect it in inbox placement. Reputation scores are sticky: a few weeks of bad behavior takes months to recover. Reputation is per-IP and per-domain; sharing an IP with bad senders hurts you, dedicated IPs require warming. New domains have neutral reputation but face higher scrutiny until they prove out. Our tool ingests Postmaster Tools data when you connect Google, displays reputation per-domain, and tracks day-by-day changes so you can attribute drops to specific campaigns. For deliverability triage, reputation matters more than content for established senders.

What is a spamtrap and how do I avoid them?

A spamtrap is an email address that exists only to catch spammers; sending to one tanks reputation immediately. Three types: (1) Pristine traps, addresses created by inbox providers and seeded into scraped lists; if you send to one you almost certainly bought a list. (2) Recycled traps, real abandoned addresses (often Yahoo or AOL) reactivated as traps after a year of inactivity; these catch senders who do not clean their list. (3) Typo traps, common misspellings of valid addresses (gmial.com, hotnail.com); these catch senders who do not validate at signup. Avoidance: never buy lists, validate emails at signup with double opt-in or real-time verification (Kickbox, ZeroBounce, NeverBounce), suppress hard bounces immediately, and re-engage or remove inactive subscribers after 6-12 months of no opens. Our checker analyzes your list shape (bounce rate, engagement distribution) and flags reputation risks but cannot identify specific traps; pair with a list-cleaning service for that. The cost of one spamtrap is typically a 20-40% inbox-placement drop for 1-3 weeks.

What are the new Gmail and Yahoo bulk sender requirements?

Effective February 2024 and refined through 2025-2026, Gmail and Yahoo require senders sending more than 5,000 emails per day to a single provider to meet new standards: (1) DMARC at minimum p=none with reporting, recommended p=quarantine. (2) List-Unsubscribe header with one-click unsubscribe support (RFC 8058). (3) Spam complaint rate under 0.3% (Yahoo) or 0.3% (Gmail rolling), with action triggered above 0.1%. (4) DNS records aligned: From: domain matches DKIM and SPF authenticated domain. (5) TLS encryption required for the connection. Failing any of these means your messages get filtered to spam at scale, with no individual remediation possible except fixing the root issue. Microsoft and Apple have not announced equivalent requirements but typically follow Gmail and Yahoo within 12-18 months. Our tool checks all five requirements and produces a compliance report. For senders under 5,000/day, the requirements are best practice but not enforced; expect that threshold to drop over time.

How can I monitor deliverability ongoing, not just one-off?

One-off testing catches setup errors but misses gradual drift, which is where most deliverability problems happen. Ongoing monitoring stack: (1) Google Postmaster Tools (free, postmaster.google.com) shows reputation, spam rate, authentication, and delivery errors per domain you verify. Set up alerts for any drop. (2) DMARC reports (RUA): point your DMARC ruf= and rua= addresses at a service like dmarcian, Postmark DMARC, or Valimail to ingest the daily aggregate reports inbox providers send. These show every authentication failure attempt. (3) Inbox-placement monitoring (Litmus, GlockApps, Inbox Monster): seeded mailboxes across providers test where your emails actually land. Paid but invaluable for high-volume senders. (4) ESP analytics: bounce, complaint, and engagement metrics within Mailchimp, Customer.io, Postmark, etc. Watch the deltas, not absolutes. (5) Quarterly content audits with our tool: check that template changes have not introduced new spam triggers. Combined, these catch problems within hours instead of weeks.

Spam Score Checker

Check spam score of any email or domain. Identify spammy elements before sending. Free, instant, no signup.

4.6on G2

4.8on Trustpilot

Used by 25,000+ marketers

What this tool does

Spam Score Checker delivers fast, reliable results for check spam score of any email or domain. identify spammy elements before sending.

Designed to fit into your existing SEO and content workflow with no setup overhead.

How to use it

Five steps.

Paste your email subject and body

Drop in the rendered HTML, plain-text version, and subject line. Optionally paste full headers for authentication checks.

Enter your sending domain for live DNS

The tool fetches your SPF, DKIM, and DMARC records and validates configuration against 2026 bulk-sender requirements.

Review the score and weighted breakdown

See an overall 0-10 score plus per-category scores for authentication, content, headers, list quality, and engagement.

Apply prioritized fixes

Each issue lists the score impact and a specific fix; tackle high-impact items first and re-check after each change.

Re-test before bulk send

Run the corrected message through the checker once more; aim for 8+/10 before sending to your full list.

When teams use it

Six common workflows.

Pre-flight checking transactional and marketing email templates

Before deploying a new email template to production, paste it into the checker to score authentication, content, and headers. Catch missing list-unsubscribe headers, ALL CAPS subject lines, or spam-trigger phrases before they go out to 50,000 subscribers and tank your reputation.

Diagnosing why specific campaigns under-deliver

When a campaign shows 30% lower open rate than expected, run the source HTML through the checker to find the regression. Common cause: a designer added image-heavy promotional sections that pushed text-to-image ratio below 60%, or a copywriter introduced new spam-trigger phrases.

Auditing welcome and onboarding sequences

Run all messages in your welcome series through the checker; subtle authentication or content issues often slip into automated sequences and persist for years. Auditing 8-12 message sequences typically surfaces 2-4 fixable issues that improve overall onboarding deliverability.

Validating new sending domain configuration

When setting up a new sending subdomain (mail.yourcompany.com), verify SPF, DKIM, DMARC, and TLS configuration before any bulk send. The checker pulls live DNS records and validates each, so misconfigurations are caught at minutes, not weeks of bad reputation.

Checking emails before importing into a new ESP

When migrating from Mailchimp to Customer.io or Postmark, the new ESP renders emails differently and may introduce spam regressions. Score representative templates in both old and new ESPs to verify deliverability is at parity before flipping the switch.

Educating non-technical marketers on spam factors

Marketing teams use the checker as a teaching tool: writers paste their drafts and see which phrases or formatting triggers warnings, learning over weeks to write deliverability-friendly copy from the start instead of relying on review.

Platform guides

Integrate with major platforms.

Mailchimp

Use Mailchimp pre-built footer with auto-injected list-unsubscribe; do not modify
Verify your domain in Mailchimp Account > Domains; complete DKIM and SPF setup
Set the From: address to match the verified domain (no Gmail or Yahoo addresses)
Run Mailchimp inbox preview before send; correlate with our checker on the rendered HTML
Enable auto-resend to non-openers only after first send shows >15% open rate

Customer.io / Postmark

Configure custom sending domain with DMARC at p=quarantine minimum
Use the API-driven send endpoints (POST /messages) which include proper headers automatically
Verify message-level customization does not inject spam-trigger phrases via merge tags
Monitor bounce and complaint webhooks; suppress hard bounces immediately
Use Postmark Spam Check API or our checker on rendered HTML before campaign send

SendGrid

Set up authenticated sender domain via Settings > Sender Authentication; verify DKIM signs every message
Use dedicated IP for >100k/month volume; warm new IPs at 50-200/day for 4 weeks
Configure event webhook for bounces, complaints, opens; route to your ESP analytics
Use SendGrid Spam Reports inbox to see exact messages users marked as spam
Run our checker on representative templates monthly to catch content drift

Gmail (single-user) / Workspace

Enable 2-step verification and use OAuth-authenticated sending, never SMTP password
Verify Google Postmaster Tools for your domain to monitor reputation
Keep daily send under 2,000/day per user to avoid rate-limiting; use a real ESP for bulk
Avoid sending bulk newsletters from Workspace; reputation impact damages all users in domain
Use our checker on each newsletter draft; Gmail does not give detailed spam feedback

Postfix / Self-hosted

Configure SPF, DKIM (opendkim), DMARC, and rDNS PTR record matching forward DNS
Use Postscreen and amavisd to filter outgoing for malware and spam patterns
Implement IP warming with explicit rate limits; do not blast from cold IPs
Use mxtoolbox.com to verify all DNS records are correct before any production send
Consider hybrid approach: self-host transactional, use ESP for marketing bulk

Grigora vs. alternatives

Side-by-side.

Capability	Grigora	Tool A	Tool B	Free	Manual
Authentication check (SPF/DKIM/DMARC)	Yes, all three	SPF only	Yes	DMARC only	Manual
SpamAssassin rule scoring	Yes (full ruleset)	Partial	Yes	Yes	No
Content-trigger detection (2026 ML)	Yes	Keyword only	Keyword only	ML	No
Header validation	15+ headers checked	Basic	8 headers	Basic	Manual
Bulk sender requirement compliance	Yes (Gmail/Yahoo 2026)	No	Partial	No	No
Free unlimited checks	Yes	3/day free	Trial	Paid	Free
Score breakdown by category	Yes (5 categories)	Single score	Yes	Yes	Single score
Test without sending	Yes (paste HTML)	Send required	Send required	Send required	Yes

Common errors and fixes

Eight issues users hit.

SPF record missing or too permissive

Cause: Your sending IP is not in the SPF record, or the record ends in +all (allow everyone), defeating the purpose of SPF.

Fix: Add the sender ESP include directive (e.g., include:_spf.google.com) and end with -all to fail authentication for unauthorized senders.

DKIM signature missing or expired

Cause: DKIM key was rotated by the ESP but the new public key is not in DNS, or the signature header is missing entirely.

Fix: Republish the DKIM TXT record with the current public key from your ESP; verify with a dig query before sending again.

DMARC alignment fails

Cause: Your From: domain does not match the SPF or DKIM authenticated domain; this is the most common bulk-sender requirement failure.

Fix: Use a sending domain (e.g., mail.yourdomain.com) that matches the From: domain; ESPs typically have a guided setup for this.

Subject line in ALL CAPS

Cause: Subject longer than 5 words is entirely uppercase, a strong spam signal across all major filters.

Fix: Use sentence case for subject lines; reserve uppercase for single words used for emphasis (FREE, NEW) within longer text.

Missing plain-text alternative

Cause: Email body is HTML-only with no text/plain MIME alternative, which spam filters and accessibility tools both penalize.

Fix: Configure your ESP to auto-generate the plain-text alternative or write one manually; never leave the text/plain part empty.

Image-to-text ratio extreme

Cause: Email is mostly or entirely a single image with little or no live text, a classic technique to evade keyword filters.

Fix: Add live text to at least 60% of the email body; use semantic HTML headings, paragraphs, and ALT text on images.

List-Unsubscribe header missing

Cause: You are sending bulk mail without the required List-Unsubscribe header, mandatory for senders above 5,000/day at Gmail.

Fix: Add List-Unsubscribe with both mailto: and HTTPS URL; add List-Unsubscribe-Post: List-Unsubscribe=One-Click for compliance.

Sender domain has no reputation history

Cause: Brand new sending domain or subdomain has no Gmail Postmaster reputation, so messages are aggressively filtered.

Fix: Warm up the domain with low-volume sends (50-200/day) to most-engaged subscribers, doubling weekly for 4-6 weeks.

Original data

2026 study.

54%

Senders meeting full Gmail/Yahoo 2026 bulk-sender requirements (audit n=2,100)

38% vs 4%

Average spam-folder rate when DMARC is unaligned vs aligned

+47% to inbox

Inbox-placement lift after warming a new sending domain for 4 weeks

+18% median

Open-rate lift from removing spam-trigger phrases (n=1,400 campaigns)

Frequently asked questions

Twelve answers.

Related free tools

Other utilities.

Try Spam Score Checker now

Free, unlimited, no signup.

Try the Tool