For lead generation, cold email gives you a high return on your investment of time and money. But sending cold emails without proper setup is a recipe for trouble. To land in the inbox, you need to complete four steps we outline below.
Let’s look at what’s required, why, and how to set it up.
Deliverability Is Key
Success with email hinges on your ability to show up in the prospect’s inbox. But hitting “Send” doesn’t guarantee that will happen.
Email servers have identified certain elements that make an email look like SPAM: a new email domain, high bounce rates, link tracking, shortened URLs, and a poor reply rate to name a few.
To avoid your emails landing in the spam folder, you need to do some setup on the backend before you start sending emails.
Sending Cold Emails: Best Practices
Here are a few tips for getting your cold email campaign the best chances of success.
Step 1: Use a separate domain name for cold emails
Cold emails are sent to people uninvited. As a result, there’s a higher chance they’ll be marked as spam. If you’re using your primary email account in these campaigns, you’ll hurt your reputation among email services. Your emails will be blocked by spam filters.
We recommend getting a new domain (or subdomain) just for your cold email campaigns. The key is to make sure you use a domain that’s similar enough, it doesn’t set off people’s trust alarms.
A few ways to do that. Let’s assume your primary domain is business.com. You might buy one of these related domains:
You might also set up a subdomain: email.business.com.
You may also need to set up several domains, because over time, people will mark your emails as spam (yes, it does happen) and your deliverability will begin to suffer.
Step 2: Set up SPF, DKIM, and DMARC
You may be tempted to skip this step, because, frankly, it’s technical and seems complicated. But setting up SPF, DKIM, and DMARC validates your emails. That improves your reputation and deliverability, because it’s clear when someone is spoofing or hacking your emails.
SPF (Sender Policy Framework)
SPF is an email authentication protocol that specifies the email servers you’ve authorized to send emails, say Gmail or ConvertKit.
Every email service provider provides a snippet of text for your SPF record. You’ll need to add this text to your DNS at your domain provider.
For example, if you only send emails from Google Workspace, use this text:
v=spf1 include:_spf.google.com ~all
The first bit, “v=spf1 include:” starts the record.
The middle bit is the SPF record for any and all servers you use. “_spf.google.com” is used for Google Workspace. If you send from another email service, you’ll need to ask them for their SPF record, and you’ll add that after Google’s and before the “~all.”
You should only enter one SPF record to your DNS. All approved servers will go in this one record.
DKIM (Domain Keys Identified Mail)
DKIM adds a digital signature to your emails, so it’s clear it came from you. This prevents spoofing and keeps your emails out of the spam folder.
If your domain provider is Google Domains, Google automatically creates a DKIM key, and adds the key to your domain’s DNS records when you set up Google Workspace. Go directly to Turn on DKIM in your Admin console to set it up.
A DKIM record is a TXT or CNAME record published in the DNS on your domain, under _(selector).domainkey.yourdomain.com. In this record, “yourdomain.com” is your actual domain or subdomain.
To generate your DKIM record for any third-party email delivery service:
- Log into the dashboard.
- Go to Setting > Sender Authentication.
- Choose your DNS host and enter the domain you want to authenticate.
- You’ll be given two DKIM records: s1 and s2.
- Copy these records and add them to your DNS.
DMARC is another authentication method that tells receiving servers what to do with emails that don’t pass SPF or DKIM.
DMARC records have several tags: v, p, rua, fo, pct, and ruf. The most important are v, p, fo, and rua.
The V tag specifies the version of DMARC.
The P tag specifies the action that should be performed if DMARC fails. For this tag, you have three options:
- None – take no action
- Quarantine – add to the receiver’s junk folder
- Reject – don’t allow emails that fail DMARC to be delivered
The FO tag generates a forensic report containing details of a failed authentication.
The RUA tag names the email address for DMARC reports.
When you put these tags together, your DARC might look like this:
v=DMARC1; p=reject; rua=mailto:[email protected]
A DMARC checker like MXToolbox will check your DNS records to see if you’ve already got this record. Enter your domain name, and click “DMARC Lookup.” If they don’t find a DMARC record, you’ll need to create yours.
- In your DNS, click “Add record.”
- Select TXT as the record you want to create.
- Name the record _dmarc. (Include the period at the end.)
- Paste this record: v=DMARC1; p=none; fo=1; rua=mailto:[email protected]
- Change the email address to yours.
- Click “Save.”
Step 3: Warm up your email domain
A new domain doesn’t have a reputation, good or bad. But most email servers are suspicious of new emails — they know spammers sign up for new domains and blast a few thousand emails before they’re shut down.
Warming up a new domain takes time (something spammers won’t do), and it shows that the email is being used properly, for communication and engagement.
To warm up your new email:
- Send your first email to a friend and ask them to reply.
- Send a handful of emails to people you know. Let them know you’re warming up your email, and ask them to reply.
Now you’re ready to begin sending cold emails, but you need to go slow. Start with five to 10 emails per campaign, slowly increasing the number of emails per campaign to 20 and then 50.
It can take three months to warm up your email domain, so be patient. In the long run, it will save you time and money — you’re much less likely to burn up this domain and need to purchase another.
Step 4: Create a signature that identifies who you are
You may be world-famous in your circles, but you need to assume cold email recipients have never heard of you before. Use an email signature that includes your name, company, and any other helpful information.
This is key, because legally, emailers are required to identify who they are and to have a legitimate reason for emailing. A good signature leaves no doubt about who you are. The body of your email will explain why you’re reaching out.
Email deliverability is key to cold outreach success. But it doesn’t happen by accident. Before sending cold emails, you need to do some technical setup to validate your email.
Here’s your checklist:
- Get a distinct domain for sending cold emails.
- Set up SPF, DKIM, and DMARC records on your DNS.
- Warm up your email address and domain.
- Create a professional signature.
Do that, and you should see good results on your campaigns.