Provider deliverability · Gmail (personal @gmail.com inboxes)

Why are my emails going to spam in Gmail?

Samuel Chenard

By Samuel Chenard · CEO & Co-Founder, Palisade · Reviewed July 17, 2026

Gmail spam-folders outbound mail for four main reasons: SPF, DKIM, or DMARC is missing or unaligned under Google's Email sender guidelines; your user-reported spam rate crossed 0.3%; your domain reputation in Google Postmaster Tools is Low or Bad; or you send bulk mail without one-click unsubscribe. Fix authentication first; everything else builds on it.

The 30-second check

Gmail's first gate is authentication, and it is the one you can fix today. Run the domain you send from through the free DMARC checker below: it shows whether your SPF, DKIM, and DMARC records exist, whether they can align with your From domain, and what policy you are currently asking Gmail to apply.

Check your domain now

Enter your sending domain and the check runs instantly on the next page. Free, no signup.

Why Gmail is blocking your email

Likely causeWhat's happening
SPF or DKIM is missing, or passes without alignmentSince February 2024, Google's Email sender guidelines require every sender to authenticate with SPF or DKIM; per Google, unauthenticated messages "might be marked as spam or rejected" (checked 2026-07-17). Alignment matters too: a DKIM pass on your email platform's default domain (like sendgrid.net) does nothing for the domain in your From header, so the mail still reads as unauthenticated for reputation purposes.
Your user-reported spam rate crossed Google's lineGoogle publishes two numbers: keep the spam rate reported in Postmaster Tools below 0.10%, and avoid ever reaching 0.30% or higher. The rate is calculated daily, and since June 2024 bulk senders above 0.30% are ineligible for mitigation until the rate holds below 0.30% for seven consecutive days. Enough recipients pressing Report spam will bury an otherwise perfectly authenticated stream.
Your domain reputation in Postmaster Tools is Low or BadGoogle grades sending domains Bad, Low, Medium, or High. Its own definitions: Low means mail is "likely to be marked as spam", Bad means it is almost always marked as spam or rejected. Reputation attaches to the domain that passes DKIM (or SPF if DKIM is absent), so it follows your domain across IPs and email providers.
You crossed the bulk-sender bar without the bulk-sender extrasSending close to 5,000 messages or more to personal Gmail accounts within 24 hours makes you a bulk sender, counted across the whole primary domain (2,500 from yourdomain.com plus 2,500 from promo.yourdomain.com meets it). Bulk senders need SPF and DKIM together, a DMARC record, From-domain alignment, and one-click unsubscribe on marketing mail; missing any of these sends you to spam.
Infrastructure basics fail: PTR records or TLSThe guidelines require valid forward and reverse DNS: your sending IP must match the IP of the hostname in its PTR record, and mail must be transmitted over TLS. Hand-built servers and direct-to-MX senders on generic cloud IPs fail this constantly, and Gmail filters them before content is even weighed.
No sending history: a new domain or a sudden volume spikeGmail builds reputation from observed traffic, and a domain with no history gets no benefit of the doubt. A cold start at full volume, or an established domain that suddenly multiplies its output, gets spam-foldered until the pattern proves out. Google publishes no warm-up schedule or numbers, so ramp gradually and watch Postmaster Tools.
Flowchart titled Gmail spam placement: find the failing gate, with six connected boxes: failing SPF, DKIM, or DMARC headers means fix authentication first; a Postmaster Tools spam rate near 0.30% means cut non-engaging segments and hold below 0.30% for 7 days; Low or Bad domain reputation means keep sending clean authenticated mail; bulk marketing mail without one-click unsubscribe needs the RFC 8058 headers; a PTR mismatch or missing TLS needs reverse DNS and TLS fixed; a new domain or volume spike needs a gradual ramp watched in Postmaster Tools

How to fix it, step by step

  1. Check the sending domain's DMARC, SPF, and DKIM in one pass

    Run your From domain through the free DMARC checker above (or at /tools/dmarc). It shows whether all three records exist, what your DMARC policy currently orders receivers to do, and where alignment can break, so you fix the record Gmail is actually failing you on.

  2. Authenticate and align every service that sends as your domain

    Add each platform's documented include or IP range to your SPF record, then enable DKIM signing with your own domain at each service instead of the provider default. Google's bar for bulk senders is an aligned pass: the SPF or DKIM domain must share the organizational domain of your From header. Verify with /tools/spf and /tools/dkim.

  3. Verify your domain in Google Postmaster Tools

    Sign in at postmaster.google.com with any Google account, add your SPF or DKIM domain, and verify it with the DNS TXT record Google gives you. Until the domain is verified, the dashboards stay empty; after it, you get Google's own daily read on spam rate, domain reputation, authentication, and delivery errors.

  4. Drive the spam rate under 0.10%

    Cut recipients who never engage, honor unsubscribes immediately, and stop mailing purchased or scraped lists. Google's guideline is a rate below 0.10% with 0.30% as the hard ceiling; if you're a bulk sender who crossed 0.30%, you need seven consecutive days below it before Google will even consider mitigation again.

  5. Add one-click unsubscribe if you send bulk

    Marketing and subscribed messages from bulk senders must carry the RFC 8058 headers: a List-Unsubscribe header with an HTTPS URL and List-Unsubscribe-Post: List-Unsubscribe=One-Click. Most reputable email platforms add both when you switch the feature on; confirm in a sent message's raw headers.

  6. Re-test at a Gmail mailbox, then keep DMARC reports flowing

    Send a test to a personal Gmail address, open Show original, and confirm spf=pass, dkim=pass, and dmarc=pass with your own domain named. Then watch DMARC aggregate reports weekly: the next unauthenticated service, or the next spoofer forging your domain, shows up in a report before it becomes a deliverability problem.

Related free tools: SPF checker · DKIM checker · Domain reputation · Email security score

If you send in volume: Gmail's published rules

Since February 1, 2024, Google's Email sender guidelines require senders of close to 5,000 or more daily messages to personal Gmail accounts to pass both SPF and DKIM, publish a DMARC record (an enforcement policy of p=none is accepted), align the From domain with the SPF or DKIM domain, support one-click unsubscribe (RFC 8058) on marketing and subscribed mail, and keep the Postmaster Tools spam rate below 0.30% with 0.10% as the working guideline. The 5,000 count aggregates all mail from the same primary domain, subdomains included. Enforcement is documented as gradual and progressive, ranging from spam-foldering to temporary or permanent failure codes (per Google's sender FAQ, checked 2026-07-17). Below 5,000 a day you still need SPF or DKIM, valid PTR records, TLS, and the same spam-rate ceiling.

Check your standing with Gmail

Bounce codes you may be seeing

Blocks in this cluster surface as specific SMTP codes. Match yours below; the linked guides cover each code's verbatim provider messages and full fix.

The real root cause: unenforced authentication

Gmail's spam folder is a reputation verdict, and reputation starts with identity. Unaligned or unauthenticated mail scores badly, badly scored mail lands in spam, spam-foldered mail collects more Report spam clicks, and the rising complaint rate drags your Postmaster reputation from Medium to Low to Bad, where even clean campaigns get filtered. Worse, while DMARC sits at p=none, forged mail using your domain is still delivered, which erodes recipient trust and pollutes your DMARC reports. The way out is to make authentication a settled fact: SPF and DKIM for every sending service, DMARC aligned on the From domain, and a policy enforced at p=reject so receivers can discard spoofed mail outright. Monitoring tells you which senders are failing; enforcement is what makes the reputation recover and stay recovered.

Enforce it — don't just monitor it

Palisade's AI agent takes domains all the way to enforcement: hosted SPF, DKIM, DMARC, and MTA-STS records, DMARC reports monitored continuously, and policies advanced to p=reject automatically. Your first domain is free, and the full product is open for 15 days, no card.

Free 15-day trial · No credit card · Your own domain free forever (NFR)

Fixing this across every client domain

One domain stuck in Gmail's spam folder is an afternoon of DNS work; a client fleet drifting there is a quarter of lost deliverability tickets, because Google scores every domain separately and each one needs SPF, DKIM, DMARC, Postmaster verification, and list hygiene of its own. Palisade does the authentication layer once per fleet: it hosts and manages the SPF, DKIM, DMARC, and MTA-STS records for every client domain, surfaces failing and unauthorized senders from DMARC reports before they dent the spam rate, and walks each domain to p=reject automatically. Tickets land in ConnectWise, HaloPSA, or Autotask through native PSA integrations, pricing is per domain ($9, dropping to $7 at 100+ and $5 at 1,000+), and your own MSP domain is a free NFR domain to prove it on.

Frequently asked questions

Passing isn't the same as aligned: a pass on your email platform's domain does nothing for your From domain. If alignment checks out, the answer is reputation: open the spam rate and domain reputation dashboards in Google Postmaster Tools. Above 0.3% user-reported spam, Gmail filters you regardless of clean authentication.

Google's sender guidelines say to keep the spam rate reported in Postmaster Tools below 0.10% and to avoid ever reaching 0.30%. Since June 2024, bulk senders above 0.30% are ineligible for mitigation, and eligibility only returns once the rate stays below 0.30% for seven consecutive days (checked 2026-07-17).

Verify your domain in Google Postmaster Tools (free, done with a DNS TXT record) and open the domain reputation dashboard. Google grades senders Bad, Low, Medium, or High; Low means your mail is "likely to be marked as spam". The data covers personal @gmail.com accounts only, not Google Workspace recipients.

You're a bulk sender if you send close to 5,000 messages or more to personal Gmail accounts within 24 hours, counted across your whole primary domain: 2,500 from yourdomain.com plus 2,500 from mail.yourdomain.com meets the bar. Bulk senders need SPF and DKIM together, DMARC, and one-click unsubscribe.

Google publishes no recovery timeline. DNS fixes propagate in minutes to hours, but reputation moves on observed traffic, so plan for days to weeks of consistently clean sending. The one published number: a spam rate held below 0.30% for seven consecutive days restores mitigation eligibility. Postmaster Tools shows the trend daily.

Google only requires DMARC of bulk senders, and accepts a policy of p=none. Publish one anyway: DMARC reports show you every service sending as your domain and every forger abusing it, and an enforced policy protects the reputation this whole page depends on. Below the threshold you still need SPF or DKIM.

No. Google provides no per-message, sender-facing explanation. Your evidence is aggregate: the spam rate, domain reputation, and authentication dashboards in Postmaster Tools, plus Gmail's DMARC aggregate reports, which break down authentication results by source IP. Between those two you can usually isolate which mail stream or service drags you into spam.

Related guides

Email deliverability, fixed: the full guide