Provider deliverability · Gmail (personal @gmail.com inboxes)
Why are my emails going to spam in Gmail?

By Samuel Chenard · CEO & Co-Founder, Palisade · Reviewed July 17, 2026
Gmail spam-folders outbound mail for four main reasons: SPF, DKIM, or DMARC is missing or unaligned under Google's Email sender guidelines; your user-reported spam rate crossed 0.3%; your domain reputation in Google Postmaster Tools is Low or Bad; or you send bulk mail without one-click unsubscribe. Fix authentication first; everything else builds on it.
The 30-second check
Gmail's first gate is authentication, and it is the one you can fix today. Run the domain you send from through the free DMARC checker below: it shows whether your SPF, DKIM, and DMARC records exist, whether they can align with your From domain, and what policy you are currently asking Gmail to apply.
Check your domain now
Enter your sending domain and the check runs instantly on the next page. Free, no signup.
Why Gmail is blocking your email
| Likely cause | What's happening |
|---|---|
| SPF or DKIM is missing, or passes without alignment | Since February 2024, Google's Email sender guidelines require every sender to authenticate with SPF or DKIM; per Google, unauthenticated messages "might be marked as spam or rejected" (checked 2026-07-17). Alignment matters too: a DKIM pass on your email platform's default domain (like sendgrid.net) does nothing for the domain in your From header, so the mail still reads as unauthenticated for reputation purposes. |
| Your user-reported spam rate crossed Google's line | Google publishes two numbers: keep the spam rate reported in Postmaster Tools below 0.10%, and avoid ever reaching 0.30% or higher. The rate is calculated daily, and since June 2024 bulk senders above 0.30% are ineligible for mitigation until the rate holds below 0.30% for seven consecutive days. Enough recipients pressing Report spam will bury an otherwise perfectly authenticated stream. |
| Your domain reputation in Postmaster Tools is Low or Bad | Google grades sending domains Bad, Low, Medium, or High. Its own definitions: Low means mail is "likely to be marked as spam", Bad means it is almost always marked as spam or rejected. Reputation attaches to the domain that passes DKIM (or SPF if DKIM is absent), so it follows your domain across IPs and email providers. |
| You crossed the bulk-sender bar without the bulk-sender extras | Sending close to 5,000 messages or more to personal Gmail accounts within 24 hours makes you a bulk sender, counted across the whole primary domain (2,500 from yourdomain.com plus 2,500 from promo.yourdomain.com meets it). Bulk senders need SPF and DKIM together, a DMARC record, From-domain alignment, and one-click unsubscribe on marketing mail; missing any of these sends you to spam. |
| Infrastructure basics fail: PTR records or TLS | The guidelines require valid forward and reverse DNS: your sending IP must match the IP of the hostname in its PTR record, and mail must be transmitted over TLS. Hand-built servers and direct-to-MX senders on generic cloud IPs fail this constantly, and Gmail filters them before content is even weighed. |
| No sending history: a new domain or a sudden volume spike | Gmail builds reputation from observed traffic, and a domain with no history gets no benefit of the doubt. A cold start at full volume, or an established domain that suddenly multiplies its output, gets spam-foldered until the pattern proves out. Google publishes no warm-up schedule or numbers, so ramp gradually and watch Postmaster Tools. |

How to fix it, step by step
Check the sending domain's DMARC, SPF, and DKIM in one pass
Run your From domain through the free DMARC checker above (or at /tools/dmarc). It shows whether all three records exist, what your DMARC policy currently orders receivers to do, and where alignment can break, so you fix the record Gmail is actually failing you on.
Authenticate and align every service that sends as your domain
Add each platform's documented include or IP range to your SPF record, then enable DKIM signing with your own domain at each service instead of the provider default. Google's bar for bulk senders is an aligned pass: the SPF or DKIM domain must share the organizational domain of your From header. Verify with /tools/spf and /tools/dkim.
Verify your domain in Google Postmaster Tools
Sign in at postmaster.google.com with any Google account, add your SPF or DKIM domain, and verify it with the DNS TXT record Google gives you. Until the domain is verified, the dashboards stay empty; after it, you get Google's own daily read on spam rate, domain reputation, authentication, and delivery errors.
Drive the spam rate under 0.10%
Cut recipients who never engage, honor unsubscribes immediately, and stop mailing purchased or scraped lists. Google's guideline is a rate below 0.10% with 0.30% as the hard ceiling; if you're a bulk sender who crossed 0.30%, you need seven consecutive days below it before Google will even consider mitigation again.
Add one-click unsubscribe if you send bulk
Marketing and subscribed messages from bulk senders must carry the RFC 8058 headers: a List-Unsubscribe header with an HTTPS URL and List-Unsubscribe-Post: List-Unsubscribe=One-Click. Most reputable email platforms add both when you switch the feature on; confirm in a sent message's raw headers.
Re-test at a Gmail mailbox, then keep DMARC reports flowing
Send a test to a personal Gmail address, open Show original, and confirm spf=pass, dkim=pass, and dmarc=pass with your own domain named. Then watch DMARC aggregate reports weekly: the next unauthenticated service, or the next spoofer forging your domain, shows up in a report before it becomes a deliverability problem.
Related free tools: SPF checker · DKIM checker · Domain reputation · Email security score
If you send in volume: Gmail's published rules
Since February 1, 2024, Google's Email sender guidelines require senders of close to 5,000 or more daily messages to personal Gmail accounts to pass both SPF and DKIM, publish a DMARC record (an enforcement policy of p=none is accepted), align the From domain with the SPF or DKIM domain, support one-click unsubscribe (RFC 8058) on marketing and subscribed mail, and keep the Postmaster Tools spam rate below 0.30% with 0.10% as the working guideline. The 5,000 count aggregates all mail from the same primary domain, subdomains included. Enforcement is documented as gradual and progressive, ranging from spam-foldering to temporary or permanent failure codes (per Google's sender FAQ, checked 2026-07-17). Below 5,000 a day you still need SPF or DKIM, valid PTR records, TLS, and the same spam-rate ceiling.
Check your standing with Gmail
- Google Postmaster Tools
Google's own daily dashboards for your domain: user-reported spam rate, domain and IP reputation, authentication success, and delivery errors. Free; verify your domain with a DNS TXT record.
- Postmaster Tools setup guide
Google's setup steps. Note the scope: dashboards cover mail sent to personal @gmail.com and @googlemail.com accounts only, not Google Workspace recipients.
- Email sender guidelines
The requirements document itself: authentication, spam-rate thresholds, one-click unsubscribe, and infrastructure rules for all senders and bulk senders.
Bounce codes you may be seeing
Blocks in this cluster surface as specific SMTP codes. Match yours below; the linked guides cover each code's verbatim provider messages and full fix.
- 550 5.7.26 (unauthenticated email is not accepted): Gmail's outright rejection when mail fails SPF and DKIM; spam-foldering is the softer stage of the same enforcement Full guide →
- 550 5.7.1: Gmail's policy rejection, seen when Google blocks the mail instead of filing it to spam Full guide →
- 421 4.7.0: temporary deferral for suspicious traffic or rate limits, common while your reputation is poor Full guide →
The real root cause: unenforced authentication
Gmail's spam folder is a reputation verdict, and reputation starts with identity. Unaligned or unauthenticated mail scores badly, badly scored mail lands in spam, spam-foldered mail collects more Report spam clicks, and the rising complaint rate drags your Postmaster reputation from Medium to Low to Bad, where even clean campaigns get filtered. Worse, while DMARC sits at p=none, forged mail using your domain is still delivered, which erodes recipient trust and pollutes your DMARC reports. The way out is to make authentication a settled fact: SPF and DKIM for every sending service, DMARC aligned on the From domain, and a policy enforced at p=reject so receivers can discard spoofed mail outright. Monitoring tells you which senders are failing; enforcement is what makes the reputation recover and stay recovered.
Enforce it — don't just monitor it
Palisade's AI agent takes domains all the way to enforcement: hosted SPF, DKIM, DMARC, and MTA-STS records, DMARC reports monitored continuously, and policies advanced to p=reject automatically. Your first domain is free, and the full product is open for 15 days, no card.
Free 15-day trial · No credit card · Your own domain free forever (NFR)
Fixing this across every client domain
One domain stuck in Gmail's spam folder is an afternoon of DNS work; a client fleet drifting there is a quarter of lost deliverability tickets, because Google scores every domain separately and each one needs SPF, DKIM, DMARC, Postmaster verification, and list hygiene of its own. Palisade does the authentication layer once per fleet: it hosts and manages the SPF, DKIM, DMARC, and MTA-STS records for every client domain, surfaces failing and unauthorized senders from DMARC reports before they dent the spam rate, and walks each domain to p=reject automatically. Tickets land in ConnectWise, HaloPSA, or Autotask through native PSA integrations, pricing is per domain ($9, dropping to $7 at 100+ and $5 at 1,000+), and your own MSP domain is a free NFR domain to prove it on.
Frequently asked questions
Related guides
550 5.7.26550 5.7.1421 4.7.0p=rejectadkim / aspfp=noneinclude: