Cold Email Still Works, It's Just Harder
About 2 years ago, while running the same outbound strategy that propelled us to a $519m exit, we noticed our email deliverability collapsed. The same exact playbook we had used successfully for years was now failing to land us in inboxes.
We hadn’t changed a thing. We were still following all the best practices:
Only sending from .com domains
Pre-verifying every email before sending
Limiting our volume to 50 emails/day/mailbox
Ensuring SPF, DKIM, and DMARC were set up correctly
Using pre-warmed secondary domains for all non-customer contacts
We spoke with countless email experts, and by all accounts we were doing everything right. Yet, we found that when we would follow up by phone, about 20% of our prospects couldn’t find our email.
It didn’t bounce. It wasn’t marked as spam. It simply never made it.
The worst part was we had no idea which emails this was happening to. There was no report. No feedback.
This drove us to spend the next two years understanding every aspect of B2B email deliverability. What we learned surprised us. So much so that we ended up building our own email outreach tools from the ground up, optimized for delivery.
Email delivery is a BIG topic, and it’s constantly evolving. However, we can distill it down to three core areas:
Email Infrastructure
Content and Campaign Mechanics
The Email Setup of Your Recipient
Lots of ink has been spilled on #1 and #2, so today we’re going to tackle the biggest campaign killer you’re not monitoring–your recipient’s email setup.
At least 20% of your “delivered” emails never reach the inbox
Ever notice that gmail and outlook put all your outgoing emails in a “Sent” folder? Why “Sent” and not “Delivered”?
The short answer is, they don’t know if it was delivered or not. No outbound mail server does.
So when all your outbound tools talk about delivery rates, what are they actually referring to?
They look at 2 things:
Did the recipient’s mail server accept the email for processing?
Did they subsequently get a notice of non-delivery?
Notice, there’s no delivery confirmation in email. The best we can do is infer delivery.
We can infer if we receive a bounce report that our email wasn’t delivered. We can infer from a feedback report that our email was rejected due to suspected spam or misconfigured SFP or whatever.
But these notifications are not strictly required. They’re common, but optional.
So I started asking, are there scenarios where the recipient’s mail server accepts the email for processing, but does not actually deliver the message?
Yes there is. In fact, it can happen a lot.
In our subsequent testing we found it could happen as much as 20% of the time. And oftentimes, you’d never know.
What happens when you send an email to elonsucks@spacex.com?
Answer: The same thing that happens if you send to elonisgod@spacex.com. Or any email address at SpaceX for that matter.
SpaceX’s email server is configured as a catch-all, meaning they always accept the email for delivery, regardless if it’s real or not.
Will it bounce? Maybe.
It depends on how they have configured their email server. It could bounce immediately. It could bounce two days from now. It could be routed to an unmonitored mailbox used as a spam trap, and now your domain is blacklisted from sending emails to anyone at SpaceX (true story).
The truth is, to the sender it looks like it was “delivered”, but in reality we have no idea.
This works the same for all SpaceX email addresses, legitimate or not. This is because they have configured their email servers to accept everything that is sent, regardless of whether it’s destined for a real mailbox.
They are in control of delivery (or not).
They are in control over the timing in which they provide feedback (or not).
Compare this with an email sent to gtan@ycombinator.com.
If you tried to reach Garry Tan at this address, you would be greeted with an immediate rejection by Google’s mail servers. The mailbox doesn’t exist.
Google, by default, is configured to reject all mailboxes that don’t exist and provide immediate feedback to the sender. This can be changed, but Y Combinator (like most smaller companies) has opted for the default behavior.
In our testing across hundreds of thousands of companies, we found that 68% of companies are like Y Combinator.
The other 32% operate like SpaceX.
And the bigger and more regulated the company, the more likely they are to accept everything and not tell you a damn thing.
Secure Email Gateways destroy deliverability if undetected
A secure email gateway (SEG) is essentially a firewall for your mail server. They have policies that:
Score sender reputation
Check known spam blacklists
Quarantine or greylist unknown emails
Detect abnormal sending behavior from a domain
Block emails from domains registered in the last 30 days
Filter out all messages that contain tracking pixels or 3rd party tracking links
…and, in general, make it as difficult as possible for you to spam to send bulk messages.
How do you know if you’re sending to a domain protected by an SEG? The best way is to look up the MX records for the domain in question and compare it with a database of known SEGs (we’ve open sourced a comprehensive list). Or you can use an email verification service that includes SEG detection.
As with catch-alls, the bigger and more regulated the company, the more likely you are to battle an SEG. For example, we recently had a customer selling to datacenters tell us over 80% of their list was behind a SEG.
Why does this matter?
Recently registered domains are blocked by default.
Only sender domains with good reputations make it through.
If you send the same email with the same subject line and body text to multiple addresses, you’ll get flagged
Many SEGs have catch-all configured by default, so you never know if you’re sending to a good address or not until you send. Maybe.
Most SEGs share information with other SEGs in real time through DNS blocklists. Once you are flagged, anyone on that SEG network blocks you too.
Given the high-risk nature of these addresses, we advise manually sending all emails and only using your best domains. We use a “SEG-only” domain for these and make sure the content is highly relevant before sending.
Your email tracking is killing your deliverability
Last month (Aug 2024), Google made a lot of noise by “killing the tracking pixel”. Now every time you attempt to track opens or get a read receipt, they put a lovely prison-wall gray banner across your email. This includes emails sent from Salesforce, Hubspot, or any other app that tracks email opens. They also make it super easy to report the message as spam.
All those newsletter opens your marketing team tracks as their primary KPI? Done. Kaput.
Now, the truth is email tracking has been silently dead for a few years now. Google, as is their MO lately, is simply catching up to the rest of the industry.
You can rest assured that Google will never be the first to STOP tracking you…
Apple, Microsoft, and all the secure email gateway providers have been silently filtering emails with tracking links for years. This is why your Docusign occasionally ends up in spam (nothing more annoying…).
So stop tracking email opens. Immediately.
Going forward, there is only one way to track the performance of your emails: engagement.
Engagement comes in two forms:
Link clicks
Replies
Replies are the gold standard. They boost your sender reputation and get you whitelisted with the SEGs (even if the reply is to tell you to fuck off). Sometimes you want to optimize for clicks instead of replies. This is ok too, just make sure you are doing your click tracking via UTM tags or via a subdomain that you own. And the fewer links, the better.
Just remember it’s critical to always, always design your content for engagement (let me know in the comments if a post on how to optimize for engagement would be helpful).
Know what you’re up against before you send
As we grappled with catch-alls, secure email gateways, and the death of tracking, a realization hit. The key to solving the email deliverability black hole is in knowing what we’re up against before we hit send.
By understanding what’s lurking behind an email, we can then devise strategies and campaigns that consistently land in the inbox. For example:
If an email is valid, not configured as a catch-all, and not protected by a SEG, then campaign as normal.
If an email is protected by a SEG, send manually or use a campaign with a track record of high engagement. Ensure you send from an aged domain in good standing.
If an email is a catch-all, further validation is required. We set up burner infrastructure to send generic test emails to these addresses before we include them in a campaign.
This all sounds complicated, and it is. Consistent email delivery has gotten a lot harder over the past few years. We’ve spent thousands of hours building tooling around all this to support us as we’ve scaled. And so far, it’s working.
We’re big believers that knowledge deserves to be free. That’s why we’re sharing these learnings with the YC family. We’re also big believers in open source, which is why we just open sourced our email validation library, MailSherpa, under a copy-left license.
MailSherpa allows you to do basic email validation including catch-all and SEG checks for free from any laptop or server.
For scaled deployments, including catch-all validation service via our burner infrastructure, you can check out our API Docs or the CustomerOS app.
If you don’t want to deal with any of this and simply run outbound that converts, we can help with that too. We have a limited number of places left in our 12-week hypergrowth program where 3 exited YC Founders work alongside you as your growth team and teach you everything we know.
And if you’d like to chat about outbound or anything else grab some time on my calendar.
