Email deliverability involves a specialised vocabulary that spans network protocols, cryptographic standards, ISP policies, and marketing analytics. This glossary defines the 100+ terms that appear in deliverability guides, ISP postmaster documentation, MTA accounting logs, and authentication specifications — providing clear definitions for both technical operators and marketing professionals navigating the deliverability landscape.
Authentication Terms: SPF, DKIM, DMARC, ARC, BIMI
ARC (Authenticated Received Chain) — RFC 8617. A chain of authentication records added by each email intermediary (mailing list, forwarding service, email gateway) that preserves the original authentication state through forwarding and re-delivery. Allows receiving servers to evaluate whether the original message was authenticated before forwarding, solving the DMARC failure problem for legitimate forwarded email.
BIMI (Brand Indicators for Message Identification) — An email specification that displays a brand's verified logo in the inbox next to the sender name in supporting email clients (Gmail, Apple Mail, Yahoo). Requires DMARC at p=quarantine or p=reject and a VMC or CMC certificate for Gmail display.
CMC (Common Mark Certificate) — A certificate type for BIMI that does not require a registered trademark, only proof of 12 months of public logo use. Enables Gmail and Apple Mail BIMI logo display without the trademark requirement of VMC. Less expensive than VMC (~$800-1,500/year vs $1,500-2,000/year).
DKIM (DomainKeys Identified Mail) — RFC 6376. An email authentication method that adds a cryptographic signature to outbound email headers and body. The receiving server verifies the signature against the public key published in DNS, confirming the email has not been tampered with in transit and that the signing domain authorises the message.
DKIM selector — The subdomain prefix used to locate the DKIM public key in DNS. A domain can publish multiple DKIM keys under different selectors (e.g., "mail._domainkey.domain.com", "mail2026._domainkey.domain.com"), enabling key rotation and multiple signing configurations.
DMARC (Domain-based Message Authentication, Reporting and Conformance) — RFC 7489. A policy framework that ties SPF and DKIM results together and instructs receiving servers how to handle messages that fail authentication alignment. DMARC policies: p=none (monitor only), p=quarantine (route to spam), p=reject (block delivery). Requires both a DMARC record and passing alignment from either SPF or DKIM.
DMARC alignment — The requirement that the From: header domain matches the domain that passes SPF or DKIM. SPF alignment: MAIL FROM domain matches From: domain. DKIM alignment: d= signing domain matches From: domain. DMARC requires alignment from at least one source.
DMARC aggregate reports (RUA) — XML reports sent by receiving ISPs to the rua= address in a domain's DMARC record. Reports summarise the volume, authentication results, and disposition of email claiming to be from the domain. Used to identify authentication failures and monitor compliance.
DMARC forensic reports (RUF) — Per-message reports sent to the ruf= address when individual messages fail DMARC evaluation. Contains partial or full message content for forensic analysis of authentication failures. Less commonly implemented by ISPs than aggregate reports.
DNSSEC (Domain Name System Security Extensions) — A suite of DNS extensions that adds cryptographic signatures to DNS records, protecting against DNS spoofing and cache poisoning attacks that could redirect email to attacker-controlled servers. Not yet universally required for email deliverability but increasingly recommended for financial and regulated domain environments.
FCrDNS (Forward-Confirmed reverse DNS) — A DNS consistency check where the sending IP's PTR record resolves to a hostname, and that hostname's forward DNS (A record) resolves back to the same IP. Strictly required by Microsoft 365 and increasingly enforced by other ISPs. Missing or broken FCrDNS is a common cause of SMTP connection rejection at corporate ISPs.
MTA-STS (Mail Transfer Agent Strict Transport Security) — RFC 8461. A mechanism allowing mail server operators to declare TLS support and require receiving MTAs to connect only via TLS, preventing downgrade attacks that could expose email in transit.
PTR record (Pointer record) — A reverse DNS record mapping an IP address to a hostname. Required for all commercial email sending IPs. The PTR hostname should match the EHLO/HELO hostname used by the MTA and resolve back to the same IP (FCrDNS).
SPF (Sender Policy Framework) — RFC 7208. An email authentication method that specifies which IP addresses are authorised to send email claiming to be from a specific domain. Published as a DNS TXT record. Evaluated by receiving servers at the SMTP MAIL FROM stage.
SPF permerror — An SPF evaluation result indicating the SPF record is invalid or causes more than 10 DNS lookups during evaluation. Treated as a neutral or negative signal by ISPs. The most common cause is exceeding the 10-lookup limit through nested include: mechanisms.
SPF flattening — The practice of replacing include: mechanisms in an SPF record with the explicit IP ranges they resolve to, reducing DNS lookup count to near zero and eliminating permerror from lookup limit violations.
TLS-RPT (TLS Reporting) — RFC 8460. A mechanism for receiving MTA TLS connection diagnostic reports at a specified address, enabling identification of TLS negotiation failures that prevent encrypted email delivery.
VMC (Verified Mark Certificate) — A BIMI certificate type requiring a registered trademark for the logo. Enables Gmail logo display and the Gmail verified checkmark (not available with CMC). Issued by DigiCert or Entrust. Costs ~$1,500-2,000/year.
Delivery and Reputation Terms
Bulk folder / Promotions tab — The secondary inbox folder where email clients route marketing and promotional email separate from the primary inbox. Gmail's Promotions tab is inbox placement (not spam), but engagement rates from the Promotions tab are lower than from the Primary tab.
Domain reputation — The reputation assessment assigned to a sending domain by ISPs based on the aggregate engagement signals (opens, clicks, complaints, spam trap hits) of email sent from that domain. Gmail Postmaster Tools domain reputation is expressed as High, Medium, Low, or Bad.
Engagement signal — Any recipient action (open, click, reply, move to primary inbox, mark as not spam) that ISPs use as input to their reputation models. Positive engagement signals improve sender reputation; negative signals (spam complaints, moves to junk folder) degrade it.
IP reputation — The reputation assessment assigned to a sending IP address by ISPs. IP reputation is separate from domain reputation — a domain with High reputation can have a new IP with no reputation history, and vice versa.
IP warming — The practice of gradually increasing email volume from a new IP address over several weeks, allowing ISPs to build a reputation assessment based on sending history before full production volume is reached. Required for any new dedicated sending IP.
Inbox placement rate — The percentage of delivered emails that reach the primary inbox (vs spam folder or other folders). Distinguished from delivery rate, which only measures whether the email was accepted by the receiving server, not where it was delivered within the mailbox.
Sender reputation — The aggregate reputation signal used by ISPs to determine inbox vs spam placement. Combines IP reputation, domain reputation, and content signals. High sender reputation = inbox; Low or Bad = spam folder or rejection.
Shared IP pool — A pool of sending IP addresses used by multiple senders simultaneously. ESP shared IPs mean co-tenant senders' complaint and bounce rates affect the shared pool's reputation, creating risk for all senders on the pool.
Dedicated IP — A sending IP address used exclusively by a single sender. Dedicated IPs mean the sender's own sending practices entirely determine the IP's reputation — no co-tenant risk, but also no pre-existing reputation from the ESP's shared pool warmup.
Bounce, Complaint, and Suppression Terms
Hard bounce — A permanent delivery failure caused by an invalid, non-existent, or permanently rejected email address. SMTP 5xx response code. Hard-bounced addresses must be immediately added to the global suppression list and never sent to again.
Soft bounce — A temporary delivery failure (full mailbox, temporary server unavailability). SMTP 4xx response code. The MTA retries soft-bounced messages for a configurable period. Persistent soft bounces from the same address over multiple attempts should be reclassified as hard bounces and suppressed.
Complaint / Spam complaint — An event generated when a recipient marks an email as spam or junk using their email client's "Report Spam" button. Spam complaints are the most damaging reputation signal — sustained complaint rates above 0.10% at Gmail cause progressive inbox placement degradation.
FBL (Feedback Loop) — A mechanism where ISPs forward spam complaint notifications to the sender via an ARF (Abuse Reporting Format) email. Major FBL providers include Yahoo JMRP (formerly Yahoo FBL), Microsoft JMRP, and various regional ISPs. Gmail does not provide individual complaint FBL but provides aggregate spam rate data in Postmaster Tools.
Spam trap — An email address used by blacklist operators, ISPs, or anti-spam organisations to identify senders with poor list hygiene. Types: pristine traps (addresses that never opted in to anything), recycled traps (abandoned legitimate addresses reclaimed for trap use), and typo traps (addresses at misspelled domain variants). Sending to spam traps generates blacklist listings.
Global suppression list — The master list of email addresses that must never receive email from the programme — containing all hard bounces, unsubscribes, FBL complaints, and manually suppressed addresses. Must be maintained and enforced across all sending systems and imported before any new list or platform is used.
Unsubscribe — A recipient's request to stop receiving email from the sender. Must be processed within 10 business days under CAN-SPAM (2 days recommended for MAGY compliance). One-click unsubscribe (RFC 8058) allows processing without requiring the recipient to visit a website.
ISP and Infrastructure Terms
MAGY — Abbreviation for Microsoft, Apple, Google, Yahoo — the four major consumer ISPs that collectively account for approximately 87% of commercial email delivery. MAGY bulk sender requirements (announced 2024-2025) set the minimum authentication and compliance standards for inbox delivery.
SNDS (Smart Network Data Services) — Microsoft's IP reputation monitoring portal providing daily data on complaint rates and spam trap hits for registered sending IPs. Essential for monitoring Microsoft 365 delivery and identifying IP-level reputation issues.
Postmaster Tools (GPT) — Google's domain reputation monitoring portal providing daily spam rate data, domain reputation tier, and authentication compliance status for registered sending domains. The primary monitoring tool for Gmail deliverability.
EOP (Exchange Online Protection) — Microsoft's cloud-based email filtering service that protects Microsoft 365 mailboxes. EOP applies spam filtering, malware scanning, and reputation-based filtering for all email delivered to Microsoft 365 tenants.
Spamhaus — The most influential anti-spam organisation and blacklist operator. Spamhaus maintains the SBL (spam block list), XBL (exploits block list), DBL (domain block list), and ZEN (combined list). Spamhaus blacklist listings affect delivery at virtually all major ISPs and corporate email gateways.
BRBL (Barracuda Reputation Block List) — Barracuda Networks' IP reputation blocklist, used by Barracuda email security gateways deployed at many corporate environments. BRBL listings cause delivery failures at Barracuda-protected organisations.
Cisco Talos / SenderBase — Cisco's threat intelligence platform that provides IP and domain reputation scores used by Proofpoint and other corporate email security gateways. Cisco Talos reputation scores (Good, Neutral, Poor, or Untrusted) significantly affect delivery at Proofpoint-filtered corporate environments.
List Management and Hygiene Terms
List hygiene — The ongoing practice of removing invalid, inactive, and complaint-prone contacts from the active email list. Includes hard bounce suppression, complaint suppression, spam trap removal, and engagement-based suppression of long-inactive contacts.
Email verification — The process of checking whether an email address is valid, deliverable, and not a known spam trap. Real-time verification checks the address at signup; bulk verification processes an existing list before a campaign. Verification services include NeverBounce, ZeroBounce, Kickbox, and Validity BriteVerify.
Double opt-in (DOI) / Confirmed opt-in (COI) — A list building practice that sends a confirmation email to new subscribers and only adds them to the active list after they click the confirmation link. Double opt-in produces higher list quality (lower bounce rates, higher engagement, lower complaint rates) than single opt-in at the cost of a smaller list size.
Sunset policy — A programme policy that automatically suppresses contacts who have not engaged (opened or clicked) for a specified period (typically 90-180 days). Sunset policies maintain list quality by removing disengaged contacts before they generate complaint signals during high-frequency sends.
Re-engagement campaign — A targeted campaign sent to disengaged contacts asking them to confirm they want to continue receiving email. Contacts who do not respond to re-engagement campaigns are moved to the suppressed/inactive list.
Co-registration — A list acquisition method where subscribers opt in to multiple email programmes simultaneously through a shared sign-up form. Co-registration typically produces lower engagement and higher complaint rates than organic opt-in because subscribers are less aware of the specific sender they are subscribing to.
Monitoring and Diagnostic Tool Terms
Seed testing — A deliverability monitoring technique that sends campaigns to a set of "seed" addresses at major ISPs and checks whether each seed address received the campaign in the inbox or spam folder. Seed testing tools include GlockApps, Mailability, Litmus Spam Testing, and Email on Acid.
Mail-tester.com — A free diagnostic tool that provides a multi-factor content and configuration score (0-10) for a test email, checking authentication, blacklists, content scoring, and HTML validity in a single report.
MXToolbox — A free and paid tool providing DNS record lookups, blacklist monitoring, email header analysis, and DMARC/SPF/DKIM validation. MXToolbox Monitor provides automated alerting for DNS record changes and blacklist listings.
Blacklist monitoring — The practice of continuously checking whether a programme's sending IPs and domains appear on any email blacklist. MXToolbox, Hetrix Tools, and similar services check against 100+ blacklists and alert on new listings.
SMTP and Technical Protocol Terms
SMTP (Simple Mail Transfer Protocol) — The protocol governing email transmission between mail servers. Operates on port 25 (server-to-server), port 587 (client submission with authentication), and port 465 (SMTPS, submission over TLS).
4xx response code — A temporary SMTP rejection (deferral) indicating the receiving server temporarily cannot accept the message. The sending MTA should retry after a delay. Common examples: 421 Too many connections, 450 Requested mail action not taken, 451 Requested action aborted.
5xx response code — A permanent SMTP rejection indicating the message will never be delivered to this recipient. The sending MTA should not retry and should classify the message as a hard bounce. Common examples: 550 User unknown, 551 User not local, 552 Mailbox full, 553 Mailbox name invalid.
EHLO / HELO — The command sent by the sending MTA to identify itself at the start of an SMTP conversation. The EHLO hostname should match the sending server's PTR record for FCrDNS compliance.
MAIL FROM — The envelope sender address specified in the SMTP transaction — distinct from the From: header visible to the recipient. Used for SPF evaluation. Also called the "return path," "envelope from," or "bounce address."
MTA (Mail Transfer Agent) — Software that transfers email between servers using SMTP. Commercial MTAs: PowerMTA, Message Systems Momentum. Open-source MTAs: Postfix, Exim, Sendmail. The MTA is responsible for SMTP connection management, queue management, retry logic, and authentication signing.
VMTA (Virtual MTA) — A logical sending identity within a single MTA instance, with its own IP address, sending domain, and configuration. PowerMTA supports multiple VMTAs, enabling IP pool separation and per-client configuration within a single PowerMTA installation.
Queue — The set of messages waiting to be delivered or being retried after temporary failure. MTA queue management controls include message hold, flush, delete, and priority adjustment.
TLS (Transport Layer Security) — Encryption protocol used to secure SMTP connections. TLS 1.2 and 1.3 are required for MAGY-compliant sending. Required for all SMTP connections carrying commercial email in 2026.
Campaign Metrics and Analytics Terms
Delivery rate — The percentage of sent emails that were accepted by the receiving mail server (not bounced). Delivery rate does not indicate inbox placement — delivered email may land in the spam folder.
Inbox placement rate — The percentage of delivered emails that reach the primary inbox rather than the spam folder, promotions tab, or other secondary folders. More useful than delivery rate for commercial programme performance evaluation.
Open rate — The percentage of delivered emails that generate an open event (tracking pixel load). In 2026, open rates are significantly inflated by Apple Mail Privacy Protection (pre-loading all images) and Gmail Gemini AI (auto-opening emails for summary generation). Open rate is less reliable as an engagement indicator than in previous years.
Click rate / Click-through rate (CTR) — The percentage of delivered emails that generate a click on a tracked link. Not affected by Apple MPP or Gemini AI pre-loading — clicks require human action and remain the most reliable engagement metric in 2026.
Click-to-open rate (CTOR) — Clicks divided by opens. Inflated by Apple MPP and Gemini AI which inflate the open denominator. A declining CTOR in programmes with significant Apple Mail audience is often a measurement artifact rather than an engagement quality change.
Unsubscribe rate — The percentage of recipients who click the unsubscribe link per send. A reliable human-action metric unaffected by MPP or AI pre-loading. Rising unsubscribe rate indicates frequency or relevance problems.
Spam rate — In Gmail Postmaster Tools, the percentage of messages per day that Gmail users mark as spam from the sending domain. Distinct from the complaint rate reported by FBL systems. The 0.10% threshold is Google's published maximum for MAGY-compliant senders.
Bounce rate — The percentage of sent emails that result in a bounce (hard or soft). Hard bounce rate and soft bounce rate are typically tracked separately because they have different implications and management responses.
ROI (Return on Investment) — For email, calculated as email-attributed revenue divided by total email programme cost (infrastructure, ESP fees, labour). Industry consensus: email generates $36-42 for every $1 invested when deliverability is optimised — the highest ROI of any digital marketing channel.
This glossary provides definitions for the terminology that appears throughout deliverability management, MTA operations, authentication configuration, and email analytics. Familiarity with these terms enables faster diagnosis of deliverability problems, clearer communication between technical and marketing teams, and more confident evaluation of the ISP documentation and deliverability tools that commercial email programmes depend on.