Content Scoring Systems and What Triggers Them in High-Volume Sending: 2026 Operator Guide

← Operational Notes

Content Scoring Systems and What Triggers Them in High-Volume Sending: 2026 Operator Guide

 February 9, 2025 ·  16 min read ·  Marek Novák

Content scoring in ISP filtering systems is widely discussed in email marketing circles, usually in the context of "spam words" to avoid. This framing is wrong. It has been wrong for at least a decade, and the gap between the folklore and the operational reality has widened since the February 2024 Gmail and Yahoo bulk-sender enforcement and the 2025 Gemini integration into Gmail. Modern content classifiers do not maintain static word lists that automatically penalise specific terms. They evaluate content patterns in the context of sender reputation, authentication, recipient engagement history, and cross-reference signals between subject line, preview, body, and the landing pages your links point to.

This note covers what content scoring actually looks at in 2026, what the relative weights are between different signals, and where operators should focus their content engineering work. It is written for senders running high-volume programmes (5,000+ messages per day to Gmail or Yahoo, which is the threshold at which bulk-sender requirements apply) where small content-evaluation differences compound across many messages and the deliverability impact is measurable. The intended reader is an operator or engineer making infrastructure-level decisions about content patterns rather than a marketer choosing subject lines.

15B+
Emails Gmail processes daily, with ML models updated hourly
5,000
Daily messages to Gmail/Yahoo at which bulk-sender requirements apply
87.2%
Gmail inbox placement average for compliant 2026 senders
22-34%
Spam-folder placement for non-compliant bulk senders post-enforcement

How content classifiers actually work in 2026

The mental model worth carrying is that modern content classifiers are machine-learning systems trained on enormous corpora of labelled email data. They are not rule-based engines. They do not have a list of "bad words" against which incoming email is checked. Gmail processes over 15 billion emails per day, with ML models updated hourly based on incoming engagement signals, complaint patterns, and the constantly shifting landscape of legitimate and abusive sending behaviour. The classifiers are pattern recognisers, and the patterns they recognise are statistical regularities in how spam content looks compared to how legitimate content looks.

This has several operational consequences. First, the same content can score differently for different senders depending on the sender's reputation history. A message that delivers to the inbox when sent from a high-engagement domain may route to spam when sent from a new or low-reputation domain, with no content changes between the two cases. The classifier is using reputation as conditioning context for content evaluation. Second, the classifiers respond to engagement signals in close to real time. A campaign that gets unusually high spam complaints in its first few hours can produce classifier updates that affect the subsequent sending in the same campaign, which is why operators sometimes see deliverability degrade within a campaign rather than across campaigns.

Third, the classifiers are adversarially trained. As spammers adapt to evade detection, the classifiers update to detect the new patterns. The result is that content patterns that worked for spam senders in 2020 do not necessarily work in 2026, and the historical "spam word" folklore that operators still circulate is largely the residue of patterns the classifiers learned to detect and then evolved past. Avoiding "free", "urgent", or "act now" in subject lines has near-zero operational benefit in 2026 because the classifiers no longer treat those specific words as strong signals; they look at the patterns those words historically indicated, which means the words themselves are at most weak proxies for what the classifier actually cares about.

Signal weight: what matters and what is folklore

The signal-weight diagram below summarises our 2024-2026 observations of which content factors actually move deliverability at high volume.

Content signal weights — relative impact on classifier scoring in 2026
URL/domain reputation
Very high
~30% weight
Authentication alignment
Very high
~25% weight
Subject-body trust gap
Substantial
~15% weight
Image-to-text ratio
Moderate
~10% weight
Header consistency / RFC compliance
Modest
~8% weight
List-Unsubscribe / one-click headers
Modest
~7% weight
"Spam words" / urgency language
Minor
~3% weight
All caps / excess punctuation
Minor
~2% weight

The percentages are approximate. They reflect operational pattern observation across multiple client deployments rather than published vendor data, which the ISPs do not provide. The directional shape of the chart, though, is consistent across what we see in production and what the public ISP postmaster documentation alludes to. The structural signals (URL reputation, authentication, subject-body alignment) dominate. The folklore items (spam words, all caps) contribute marginally at best.

Operators allocating limited content-engineering time should work through the chart from top to bottom. Fixing URL reputation produces large deliverability improvements. Removing the word "free" from subject lines produces small to undetectable improvements. The relative effort-to-benefit ratio strongly favours the structural signals.

URL and domain reputation as the dominant content signal

The most consistently impactful content signal is URL reputation. Receiving ISPs check every URL in an email against real-time reputation databases. A link to a domain that has been flagged for phishing, malware, or spam promotion negatively affects the message's classification regardless of the sender's reputation. The penalty is significant: a single bad URL can route an otherwise high-reputation message to spam.

The mechanics are mostly invisible to operators. Reputation databases include Spamhaus DBL, SURBL, URIBL, and several proprietary databases maintained by major receivers. URLs are checked against these databases at delivery time. The check happens before the message is delivered to the inbox. Operators who include third-party links (affiliates, syndicated content, partner links) effectively delegate part of their deliverability to those third parties, because their URLs are now subject to those third parties' reputation.

For high-volume senders using tracking links: the tracking domain's reputation is evaluated, not just the destination domain. A tracking domain that handles click events from multiple senders, including senders with lower list quality, accumulates URL reputation signals from all of them. Dedicated tracking domains per sender (or per traffic type) isolate this exposure. Using a tracking domain that is a subdomain of your primary sending domain connects the tracking URL's reputation to your brand domain's reputation, which can cut both ways depending on your domain's standing.

The operational pattern that protects URL reputation in 2026:

  • Per-sender tracking domains. No shared tracking domains across senders or programmes with different reputation profiles.
  • URL screening before send. Check destination URLs against reputation databases as part of send-time validation.
  • Redirect chain minimisation. Long redirect chains through multiple domains amplify URL-reputation exposure; minimise to direct destination where possible.
  • Affiliate link audit. Periodic review of affiliate destination domains for reputation issues; affiliate networks rotate their links and the URL you used last month may now point through a compromised intermediary.
  • Postmaster Tools monitoring. Google Postmaster Tools and Microsoft SNDS reveal when your URLs trigger reputation issues on the receiver side.

The trust-gap score and cross-reference signals

Modern content classifiers cross-reference message components against each other. They do not evaluate the subject line in isolation, nor the body, nor the linked landing pages. They look at the relationships between these components and penalise mismatches that look like the bait-and-switch patterns historically associated with low-quality bulk sending.

How classifiers cross-reference message components
Subject line

What is being promised?

Preview text

Does it extend or contradict subject?

Body content

Does it deliver on the subject?

Landing pages

Are linked destinations on-topic?

Inconsistencies across these layers produce a "trust gap" score that contributes negatively to classification

The principle is straightforward. A legitimate sender writing a marketing email about a sale typically has a subject line about the sale, preview text that introduces the sale, body content that explains the sale, and links pointing to landing pages about the sale. The components reinforce each other. A low-quality bulk sender promising one thing in the subject and delivering another in the body produces classifier penalties because the pattern is statistically associated with spam.

The practical content engineering implications:

Subject lines should describe what the body actually contains. Promising a percentage discount and then delivering a generic newsletter produces trust-gap penalties even if the recipient never marks the message as spam. The classifier sees the mismatch and counts it against the message. Similarly, preview text (the first ~90 characters often rendered after the subject in inbox previews) should extend the subject rather than introducing a new topic. Body content should deliver on the subject; landing pages should match the body's topic.

The trust-gap signal explains a class of deliverability problems that operators sometimes find mysterious: campaigns where the content seems fine in isolation but the deliverability is poor. The fix is usually content alignment across the layers rather than changes to any one layer individually.

Common trust-gap pattern that fails

The most common pattern we see fail is teaser-style subject lines combined with generic body content. A subject like "Your account requires attention" sounds urgent and specific; the body says "Check out our latest products this week." The mismatch is recognisable to humans (the subject promised account information; the body delivered marketing) and equally recognisable to classifiers. Repeated trust-gap penalties accumulate into sender-level reputation impact that affects subsequent sends, not just the offending message.

Header structure and RFC compliance

Email headers that deviate from RFC 5322 specifications, or that contain inconsistencies between the envelope and the message headers, create scoring signals. A From: address that does not match the Reply-To domain, a Date: header in an unexpected format, missing standard headers (Message-ID, MIME-Version), or non-standard header ordering all contribute minor negative signals that accumulate.

At high volume, these become statistically significant. A campaign of 1 million messages with subtle header inconsistencies produces 1 million instances of the inconsistency, each of which contributes a small classifier signal that accumulates into measurable deliverability impact. Standardised header generation from a properly configured MTA eliminates most of these issues by default; the problems we see are usually from application-layer email generation that bypasses the MTA's header handling, particularly from older marketing platforms or custom-built sending code.

The specific header signals that matter most:

Header signalWhy it mattersTypical issue source
From / Reply-To domain alignmentMismatch suggests unusual routing or spoofingMarketing platforms with different reply infrastructure
Date header formatNon-RFC formats indicate non-standard sendingCustom-built email generators with locale issues
Message-ID presence and formatRequired by RFC; absence suggests non-compliant senderBare-bones SMTP submission without ID generation
MIME-Version headerRequired for multipart messages; missing suggests low-effort sendingSingle-part text-only emails with embedded HTML
Content-Type completenessCharset and boundary must be specified correctlyOlder email libraries with incomplete MIME handling
List-Unsubscribe headerRequired for bulk senders since February 2024 enforcementSenders not yet compliant with one-click unsubscribe
List-Unsubscribe-Post headerRequired for true one-click unsubscribe (RFC 8058)Senders with List-Unsubscribe but not the Post variant

The last two rows in the table are particularly important post-2024. The Gmail and Yahoo bulk-sender requirements explicitly demand both List-Unsubscribe and List-Unsubscribe-Post headers for one-click unsubscribe functionality. Senders that have the older List-Unsubscribe header but not the Post variant fail the requirement and accumulate classifier penalties accordingly. The fix is mechanical (add the header, configure the unsubscribe handler) but is often missed in older sending infrastructure that pre-dates the 2024 requirements.

The image-to-text ratio and modern visual classification

Emails with very high image-to-text ratios continue to score negatively in content filters. The pattern of "most visible content is in images rather than HTML text" is associated with spam that attempts to obscure message content from text-based analysis. The classifier behaviour around this has evolved in 2026: modern ML classifiers can extract text from images via OCR and evaluate that text as part of the content analysis, but the structural signal of low text-to-image ratio still contributes negatively because legitimate senders generally include substantial text.

This does not mean avoiding images. It means ensuring that substantive text content accompanies images so that the text-to-image balance is reasonable. The practical test: read the email with images disabled (which is how Outlook users see it by default, and how some classifiers evaluate the message). If the message is unintelligible without images, it will score poorly. If the message conveys its core value through text and uses images to enhance rather than substitute, it scores well.

The 2026 OCR layer in classifiers has produced an interesting secondary effect. Text embedded in images is now extracted and analysed against URL reputation databases and content patterns. A spam-style call-to-action embedded in an image is increasingly likely to be detected via OCR rather than escaping detection by being non-textual. This means that the historical strategy of putting "risky" content in images has reduced effectiveness compared to a few years ago, while the structural signal against low text-to-image ratios persists.

Gemini and the LLM layer on top of traditional classifiers

Google's integration of Gemini into Gmail and Workspace from 2025 added an LLM-based content analysis layer on top of the existing ML classifier stack. The most visible operational consequence is prompt-injection defence: Gemini blocks or excludes content that appears to attempt manipulating an AI assistant via instructions embedded in email body. For legitimate senders, the practical impact is minimal because legitimate content does not look like prompt injection. For senders crafting unusual content patterns, particularly heavy obfuscation, hidden text, or embedded instructions intended to influence recipient AI tools, the Gemini layer adds a new content filter that operates independently of traditional spam classification.

The mechanism is not a separate spam filter. Gemini operates as part of the user-facing AI features (Gmail compose suggestions, smart reply, conversation summarisation) and excludes content from those features when it triggers safety filters. The downstream effect on deliverability is indirect: a message excluded from AI features may also be flagged for additional review by traditional spam classification, and the user-facing AI exclusion produces a security notification that recipients can see, which affects user trust in the sender.

For email infrastructure operators, the Gemini layer is mostly background noise. The relevant operational adjustments are minor: avoid content patterns that look like prompt injection (which legitimate marketing content does not), do not embed hidden text or invisible instructions, and treat Gemini security notifications as signals worth investigating if recipients report seeing them. The vast majority of legitimate sending is unaffected by the Gemini layer in normal operation.

The folklore we keep hearing about

Several content factors are widely discussed as deliverability concerns but have near-zero operational impact in 2026. Treating them as significant wastes content-engineering time that would produce larger deliverability gains if applied to the structural signals above.

Folklore: "Avoid spam words like FREE, URGENT, WIN"

Modern ML classifiers do not maintain static word lists. They evaluate content patterns in the context of sender reputation, authentication, and engagement history. The same word from a trusted sender delivers to the inbox; from an unknown sender, it may not. The word itself is at most a weak proxy for what the classifier actually cares about, which is the pattern the word historically indicated. Spending content engineering time on word avoidance produces small to undetectable improvements; spending the same time on URL reputation or authentication produces large improvements.

Folklore: "All caps and exclamation marks trigger filters"

They contribute marginally at best. A subject line in all caps still delivers if the sender has good reputation, authentication is aligned, and the content matches what the subject promises. A subject line in mixed case fails to deliver if reputation, authentication, or content alignment are weak. The all-caps signal is a minor tiebreaker, not a determining factor. Same with exclamation marks. Same with emoji.

Folklore: "Use plain text instead of HTML to improve deliverability"

Untrue in 2026. Plain text emails do not have a deliverability advantage over well-formatted HTML emails. Modern classifiers expect HTML for marketing and transactional emails because that is what legitimate senders produce. A plain-text version as a multipart/alternative alongside HTML is standard practice for compatibility, not a deliverability strategy. Senders who switch to plain-text-only based on this folklore typically see no deliverability change and sometimes see worse engagement because the message looks less professional.

Folklore: "Adding the recipient's name in the subject improves placement"

Marginal effect at best. Personalisation in subject lines has small positive engagement effects in some contexts but does not materially affect deliverability. The classifier does not credit personalisation per se; it credits whatever sender reputation the personalisation builds through better engagement over time. Senders who personalise carefully often have better deliverability, but the personalisation is a downstream effect of caring about content quality rather than a direct deliverability lever.

Field observation: content rewrite with wrong target

A 2025 client had inbox placement around 71% on a daily 200K-message marketing programme. They spent six weeks rewriting subject lines, removing "spam words", reformatting body copy with more whitespace, and adjusting image counts. Inbox placement after the rewrite: 73%. Marginal improvement at best. Investigation revealed the real issue was a tracking domain that had been used by another company for affiliate marketing two years before, with residual reputation damage in receiver databases. Moving to a fresh tracking subdomain produced a 14-percentage-point inbox placement improvement in three weeks. The content rewrite was directionally fine but missed the dominant signal; the URL reputation fix moved the needle.

Content audit checker for high-volume sending

The interactive checker below produces a prioritised content audit based on the sender's volume, current deliverability state, and historical patterns.

Content audit prioritisation

Prioritised audit checklist
  • Computing...

Operational guidance for 2026 content engineering

The summary worth carrying away from this note is short. Modern content classifiers care about a small number of structural signals (URL reputation, authentication alignment, subject-body coherence, image-text balance, header consistency) much more than they care about the surface-level content choices that occupy most deliverability discussion. Content engineering work that focuses on the structural signals produces large deliverability improvements. Content engineering work that focuses on the folklore items produces small to undetectable improvements.

The operational pattern that consistently performs in 2026 high-volume programmes:

Authentication and infrastructure first. SPF, DKIM, and DMARC must be aligned with the actual sending behaviour, not just present in DNS. DMARC at p=quarantine or p=reject (not just p=none) is required for full deliverability. Per-brand tracking domains, per-brand sending domains, and isolated MTA configuration prevent the structural failure modes that cause most deliverability incidents.

URL reputation as ongoing operational practice. Audit destination URLs against reputation databases. Monitor tracking domain health. Avoid third-party link inclusion where possible. Treat URL reputation as something that decays without active maintenance.

Content alignment over content avoidance. Subject lines should describe what the body delivers. Body content should match the subject's topic. Landing pages should be on-topic for the body. Spend content engineering time on alignment rather than on avoiding specific words.

Engagement as the long-term lever. The content factor that ultimately matters most is recipient engagement, because engagement drives sender reputation, which conditions every other content signal. Sending less to people who do not engage, more to people who do, and more accurately to both groups is the highest-leverage content work most programmes can do.

M
Marek Novák

Email Security Engineer at Cloud Server for Email. Works on production deliverability and content-classifier behaviour analysis. Related notes: building a multi-brand sending architecture, Postmark vs Amazon SES, PowerMTA reference.