A one-afternoon, plain-English setup that gets your emails out of spam and into inboxes. Work through it top to bottom and check things off as you go. Your progress saves automatically in this browser.
Gmail, Yahoo, and Outlook decide where your email lands. Since 2024 they all enforce the same rules, and they judge you on two things: can they verify you, and do people want your mail. Your setup is likely losing on three fronts at once:
Your domain isn't verified. Without three little DNS records (SPF, DKIM, DMARC), the inbox can't prove your email really came from you. Unverified mail gets junked or rejected outright. This is the biggest and fastest fix.
Chat-collected emails are messier. People typing an email into an Instagram DM make typos, hand over throwaway addresses to grab a freebie, and often forget they subscribed at all. Typos become bounces, forgetfulness becomes spam complaints, and both burn the reputation of your whole list, so your ManyChat people drag everyone else down with them.
The inbox is watching engagement. Every open, reply, delete-without-reading, and spam click teaches Gmail what to do with your next email. Subscribers who never engage quietly train the inbox to junk you.
This guide fixes all three, in that order. Part 1 is the technical fix, Parts 2 and 3 keep it fixed.
One-time setup. This alone usually moves the needle within days.
Answer three questions before touching anything:
Your email platform generates a short list of DNS records that are unique to your account, usually 2 to 4 of them (mostly the CNAME type). Your job here: find that list and keep the tab open. Pick your platform:
Good news: the same company hosts your domain and sends your email, so this is the easiest path.
Note: Squarespace Campaigns doesn't use SPF at all, its DKIM records carry the whole load. If any step mentions SPF, you can skip it guilt-free.
Verified sending domains are a paid-plan feature in Kit. If you're on the free plan, this upgrade matters more than any other growth tool you could buy.
Flodesk quirks worth knowing: add Flodesk's SPF as its own new CNAME record, never combine it with an existing SPF. Partial verification for a day or two is normal (DKIM green while SPF still pending). And since Flodesk hands you a DMARC record here, Step 4 will already be done. Flodesk also has a video walkthrough for Squarespace domains, your exact combo.
If ManyChat itself sends your emails, they currently go out from a shared ManyChat address (like noreply@many-mail.io), which is a deliverability handicap. Set up your own domain:
1. After connecting, ManyChat asks you to warm up: keep email volume light for the first 2 to 4 weeks so inboxes learn to trust the new setup.
2. ManyChat is built for chat, and email is its side hustle. If email matters to your business, the stronger long-term play is Step 6: let ManyChat collect the address, then send all email from a real email platform.
Every email platform has this feature. Open your platform's help site and search "verify sending domain" or "domain authentication." You're looking for a settings page that generates 2 to 4 DNS records for your domain. Copy them and continue to Step 3, everything else in this guide works the same.
Now you'll add each record from Step 2 to your domain's DNS. In a new tab:
Squarespace adds .yourdomain.com to the Name field automatically. If your platform's record says the host is s1._domainkey.yourdomain.com, type only s1._domainkey. Paste the full thing and your record silently becomes s1._domainkey.yourdomain.com.yourdomain.com, which never verifies. This is the number one reason Step 5 fails.
Smaller gotchas, worth 20 seconds now:
Records usually go live in 15 to 60 minutes, occasionally up to 48 hours. You don't need to wait here, keep going.
DMARC is the third piece, and Gmail, Yahoo, and Outlook all expect it. It tells inboxes "here's my policy when something claims to be me," and without it you fail their minimum bar.
First, check if you already have one. In the same Custom records list, look for a TXT record named _dmarc. If your platform included a DMARC record in Step 2 (Flodesk does) and you added it, that counts. Squarespace also sometimes adds one automatically, for example when you set up email forwarding. If it's there either way, you're done, skip to Step 5.
If not, add it: click Add record, choose TXT, type _dmarc in the Name field (no domain after it, Squarespace appends that automatically), and paste this in the Text field:
In plain English that means "watch and report, don't punish anyone yet." It satisfies the providers' requirement while you get everything else clean. Down the road, once things run smoothly for a month or two, a stricter policy is a nice upgrade, but p=none is the correct starting point.
Want a weekly plain-English report of who's sending email as your domain? Grab a free monitoring record at dmarc.postmarkapp.com and paste that as your Text value instead. Same record, plus a report in your inbox every Monday.
Give the records 30 to 60 minutes, then run these checks:
Your email platform's verify button turns green. Go back to the Step 2 screen and click Verify (or Recheck). Not green yet? Wait an hour and try again before troubleshooting.
learndmarc says PASS. Go to learndmarc.com, it gives you a one-time email address. Send a real test email from your email platform to that address and watch it trace SPF, DKIM, and DMARC live. You want green checkmarks.
mail-tester scores you 9+. Same idea at mail-tester.com: send a test campaign to the address it gives you, then check your score. 9 or 10 out of 10 is the goal.
Gmail agrees. Send yourself a campaign at a Gmail address. Open it, click the three-dot menu, choose Show original. The summary table at the top should read SPF: PASS, DKIM: PASS, DMARC: PASS.
All green? The technical half is done, and you now clear the bar that Gmail, Yahoo, and Outlook have enforced for every meaningful sender since 2024. Everything from here is about behavior: who joins your list and how they engage.
Chat-collected subscribers can be your best people or your worst deliverability drag. The difference is these settings.
Five changes inside your ManyChat flow, each one small:
Verification gets you judged fairly. Engagement gets you into the inbox and keeps you there.
A reply is the single strongest signal an inbox can record about you. Once someone replies, Gmail treats the relationship as a two-way conversation, and your future emails get handled like personal mail instead of promotions. So the first email's whole job is to earn a reply, and it should go out instantly when someone subscribes. In Flodesk, that means a Workflow triggered by the segment your ManyChat leads land in, with this email as the first step and no delay before it.
Ground rules: send it from a person (Sarah at YourBrand, never a no-reply address), make the Reply-To an inbox you genuinely read, keep it mostly plain text with one link.
Here's a template, swap the highlighted parts:
Hey [first name]!
Welcome, I'm so glad you're here. Here's your [freebie name]: [link]
Before you dive in, one quick favor. Hit reply and tell me the number one thing you're struggling with when it comes to [your topic].
I read every single reply myself. It's how I decide what to send you next, so you get help with the exact thing you're stuck on instead of generic tips. And as a thank you, I'll send you [small bonus: a checklist, a template, a mini training] once you do.
Talk soon,
[Your name]
P.S. One tiny thing worth 5 seconds: drag this email into your Primary tab (or add me to your contacts) so the good stuff doesn't get lost.
For ManyChat subscribers, an even stronger version gates the freebie behind the reply itself: "Want it? Reply with the word GUIDE and I'll send it right over." Nearly every real subscriber replies, and every fake address stays silent. You'll send the freebie manually or with a saved reply, so use this while your signup volume is small enough to keep up with, and enjoy that it doubles as market research.
The math that rules everything: Gmail wants your spam-complaint rate under 0.1% and treats 0.3% as the point of no return. On a 1,000-person list, that means three spam clicks put you at the ceiling. Small lists have zero margin, so these rules matter more for you than for the big senders:
Google runs a free dashboard that shows how Gmail sees you, including your exact spam rate and whether you pass their requirements. Set it up once:
What to watch: the Compliance status page (everything should say OK) and the spam rate chart (under 0.1%). Small lists often show "no data yet" at first, that's normal, it fills in as your volume grows. Peek weekly for the first month, monthly after that.
Two small habits to go with it: run a mail-tester check before any big or unusual send, and if you set up the free DMARC report in Step 4, skim it Mondays for senders you don't recognize.
Set a reminder for 30 days out. Reputation doesn't reset overnight: verification helps within days, but full recovery takes 2 to 4 weeks of consistent, engaged sending. During that window, resist the urge to blast, and let the welcome flow and sunset rule do their quiet work.
At the 30-day mark, run through this:
All true and you're still seeing spam placement? The fastest lever left: email your most engaged 20% (recent clickers and repliers) a short plain-text note with a question in it. A burst of genuine replies is the strongest medicine there is. If things are still stuck after that, the problem is almost always a cold segment you're still mailing, so cut deeper.
Verified domain, cleaner signups, a welcome email that earns replies, hygiene rules, and a scoreboard. You're now doing more than most professional senders. Keep the rhythm and the inbox will keep rewarding you.
Nine times out of ten it's the doubled-domain gotcha from Step 3. Open dnschecker.org, paste the full host from your email platform (like s1._domainkey.yourdomain.com), pick the record type (usually CNAME), and search. Nothing found? Edit the record in Squarespace and make sure the Name field holds only the part before your domain.
Also check: values pasted with stray spaces, a TXT added where a CNAME was asked for, or quotation marks that came along for the ride.
This is almost always an SPF conflict. Find any existing TXT records whose value starts with v=spf1, delete them, then re-add your records one at a time. Squarespace merges multiple SPF rows automatically, so don't try to hand-combine them.
Add each one as its own TXT record and let Squarespace merge them. The rule being protected here: a domain can only have one effective SPF policy, and platforms that make you hand-edit it cause the errors Squarespace is saving you from.
Switch it inside your email platform after Step 5: use you@yourdomain.com as the From, and set Reply-To to whatever inbox you actually read (that part can stay Gmail). Newsletters sent from free addresses can't be verified as you, get capped hard by the 2024+ rules, and undermine everything else in this guide.
Promotions is the inbox, not the enemy. People check it, and legitimate marketing mail belongs there. The spam folder is what kills you, and you've fixed that. Replies, add-to-contacts, and drag-to-Primary (the P.S. in your welcome email) move you toward Primary naturally over time. Don't chase Primary with tricks, inboxes notice.
No problem, the records are identical everywhere. Log in wherever the domain lives (GoDaddy, Namecheap, Cloudflare, Google Domains successors), find DNS settings or DNS records, and add the same records. The "type only the part before your domain" gotcha applies at most of them too.
Expected, honestly. ManyChat email rides shared infrastructure and needs its 2 to 4 week warm-up even after your domain is connected. If the gap doesn't close, take it as the final nudge to route chat leads into your email platform (Step 6, change 4) and let ManyChat do what it's great at: the conversation, not the newsletter.
learndmarc.com · watch your authentication pass in real time
mail-tester.com · one-click spam score for any email you send
postmaster.google.com · Gmail's official view of your domain
dmarc.postmarkapp.com · free weekly DMARC report
dnschecker.org · confirm your DNS records are visible to the world