SPF (Sender Policy Framework) is a DNS record that tells receiving mail servers which servers are allowed to send email on behalf of your domain. Without it, your emails are far more likely to be marked as spam or rejected outright.
✕ Without SPF
Receiving servers have no way to verify the email is legitimate — high spam rate, frequent rejection
✓ With SPF
Your domain is verified as the authorised sender — significantly improved inbox placement
Add a TXT record to your domain's DNS. The exact value depends on where your email is hosted:
If using Google Workspace (Gmail)
Type: TXT
Name: @ (or your subdomain, e.g. hello)
Value: v=spf1 include:_spf.google.com ~all
If using Microsoft 365
Type: TXT
Name: @
Value: v=spf1 include:spf.protection.outlook.com ~all
Custom SMTP (e.g. your own mail server)
Type: TXT
Name: @
Value: v=spf1 ip4:YOUR.SERVER.IP.ADDRESS ~all
💡
Verify it works: Go to
mxtoolbox.com/spf.aspx, enter your sending domain, and confirm it passes. DNS changes can take up to 24 hours to propagate.
DKIM (DomainKeys Identified Mail) adds a digital signature to every email you send. Receiving servers use this signature to verify the message wasn't tampered with in transit and that it genuinely came from your domain.
DKIM is configured inside your email provider's settings — they generate a key pair and give you a DNS record to add.
1
Google Workspace: Admin Console → Apps → Google Workspace → Gmail → Authenticate email → Generate new record. Copy the TXT record and add it to your DNS.
2
Microsoft 365: Microsoft 365 Defender → Email & collaboration → Policies & rules → Threat policies → DKIM. Enable and copy the CNAME records to your DNS.
3
Custom SMTP: Your mail server or hosting panel (cPanel, Plesk, etc.) will have a DKIM section under Mail settings. Enable it and copy the generated TXT record.
DMARC (Domain-based Message Authentication, Reporting & Conformance) tells receiving servers what to do when an email fails SPF or DKIM checks. It also sends you reports so you can see if anyone is spoofing your domain.
Recommended starting record (monitoring only — won't block legitimate mail)
Type: TXT
Name: _dmarc
Value: v=DMARC1; p=none; rua=mailto:YOUR@EMAIL.COM
Once you're confident SPF and DKIM are working correctly
Type: TXT
Name: _dmarc
Value: v=DMARC1; p=quarantine; rua=mailto:YOUR@EMAIL.COM
p=none
Monitor only — no action taken on failed mail. Good starting point while you verify setup
p=quarantine
Failed mail goes to spam. Use once SPF + DKIM are confirmed working
p=reject
Failed mail is rejected outright. Use only when you're sure all legitimate sending is authenticated
💡
Verify: mxtoolbox.com/dmarc.aspx. Replace
YOUR@EMAIL.COM with a real address — Google and Microsoft send aggregate reports weekly so you can monitor who's sending as your domain.
This is one of the most important decisions before running cold outreach. Do not use your main business domain for cold email campaigns — if it gets flagged or blacklisted, it affects all your business email too.
✕ Avoid
Free providers (gmail.com, hotmail.com, yahoo.com) — spam filters heavily distrust cold outreach from these
△ Risky
Your primary domain (yourbusiness.com) — if blacklisted, it affects all your email including customer support and invoices
✓ Recommended
A dedicated outreach domain — e.g. helloyourbusiness.com, outreach.yourbusiness.com, or getyourbusiness.com
A dedicated domain keeps your primary domain's reputation clean. Register a variation of your brand name (like hellodataslug.com), set up a simple landing page on it, and configure SPF/DKIM/DMARC for that domain specifically.
🔑
Domain age matters. Brand-new domains have zero reputation with spam filters. Register your outreach domain at least 2–4 weeks before launching campaigns, and complete the warm-up process below before sending at volume.
Email providers build a sender reputation over time based on engagement (opens, replies) and complaint rates. Sending hundreds of emails from a brand-new domain immediately will trigger spam filters and likely get you blacklisted.
1
Week 1: Send 5–10 emails per day. These can be real outreach or test emails to accounts you control. Aim for opens and replies to build a positive signal.
2
Week 2: Increase to 20–30 per day. Monitor your spam placement — send a test to a Gmail and Outlook account and check which folder it lands in.
3
Week 3–4: Increase to 50–80 per day. At this point your domain should have enough reputation to sustain higher volumes.
4
Ongoing: Dataslug already rate-limits campaigns to one email per minute (~60/hour). This pacing works well for a warmed-up domain and avoids burst-sending flags.
📈
Use a warm-up service for faster results. Tools like Instantly.ai, Lemwarm, or Mailreach automatically send and engage with emails between real inboxes to build your reputation. Many are free or low cost for the warm-up period.
Good authentication gets your email into the inbox — good copy gets it read and clicked. Here's what to focus on in your Service Description and Key Points.
Service Description — be specific about what you do:
✓
Name specific features, not vague benefits. Say "finds real email addresses and LinkedIn profiles" not "connects you with potential customers".
✓
Mention your free plan or trial if you have one — it lowers the barrier to clicking through.
✓
Describe who your ideal customer is — the AI uses this to personalise how it frames the pitch for each recipient's business type.
Spam trigger words to avoid in Key Points:
free money
guaranteed
click here
limited time offer
act now
no credit card required
earn money
winner
risk-free
100%
These phrases appear in a high proportion of spam and trigger content filters even when used legitimately.
Phrases that work better:
try it free
see how it works
no credit card needed
find your first leads
takes 30 seconds
free account
✎
Plain text outperforms HTML for cold outreach. A formatted email with logos and buttons looks like a newsletter blast. A short plain-text email looks like a real person reached out. Dataslug sends plain text — this is intentional.
Go through this before starting any campaign.
✓
SPF record is published on your sending domain and passes at mxtoolbox.com/spf.aspx
✓
DKIM is enabled in your email provider and the DNS record is live
✓
DMARC record is published — at minimum p=none with a reporting address
✓
Sending domain is not your primary business domain — use a dedicated outreach domain
✓
Domain is at least 2 weeks old and has been through a warm-up period
✓
Landing page exists on your sending domain so recipients can verify it's legitimate
✓
SMTP credentials entered in Dataslug are for the same domain you're sending from
✓
Service description names specific features, not vague claims
✓
Key points do not contain spam trigger words
✓
Test email sent to a personal Gmail and Outlook — confirm it lands in inbox, not spam
✓
Ready to launch your campaign?
Search for your target businesses, set up your outreach, and let Dataslug handle the sending.
Start searching →