The Inbox Fix
0 of 10
Email Deliverability Setup

The Inbox Fix

A one-afternoon, plain-English setup that gets your emails out of spam and into inboxes. Work through it top to bottom and check things off as you go. Your progress saves automatically in this browser.

10 steps ~1 hour total Zero tech skills needed Checked against July 2026 inbox rules

Read this first: why your emails land in spam

Gmail, Yahoo, and Outlook decide where your email lands. Since 2024 they all enforce the same rules, and they judge you on two things: can they verify you, and do people want your mail. Your setup is likely losing on three fronts at once:

1

Your domain isn't verified. Without three little DNS records (SPF, DKIM, DMARC), the inbox can't prove your email really came from you. Unverified mail gets junked or rejected outright. This is the biggest and fastest fix.

2

Chat-collected emails are messier. People typing an email into an Instagram DM make typos, hand over throwaway addresses to grab a freebie, and often forget they subscribed at all. Typos become bounces, forgetfulness becomes spam complaints, and both burn the reputation of your whole list, so your ManyChat people drag everyone else down with them.

3

The inbox is watching engagement. Every open, reply, delete-without-reading, and spam click teaches Gmail what to do with your next email. Subscribers who never engage quietly train the inbox to junk you.

This guide fixes all three, in that order. Part 1 is the technical fix, Parts 2 and 3 keep it fixed.

Have these logins ready: your Squarespace account (where your domain lives), your email platform (whatever sends your emails), and ManyChat. That's it.
Part 1

Verify your domain (the technical fix)

One-time setup. This alone usually moves the needle within days.

1

Map your setup

2 minutes

Answer three questions before touching anything:

  1. What sends your emails? The platform where you write your newsletters (Squarespace Email Campaigns, Kit, Flodesk, Mailchimp, MailerLite, or maybe ManyChat itself). That's your "email platform" for the rest of this guide.
  2. Where does your domain live? Probably Squarespace. Check: log in at account.squarespace.com/domains. If your domain is listed there, perfect, this guide matches your setup exactly.
  3. What's your From address? Look at a recent email you sent. If it says something like you@gmail.com, that has to change. Inboxes cap deliverability hard for newsletters sent from free addresses, and you can never verify a domain you don't own. You want you@yourdomain.com. You don't need a paid mailbox for this in most email platforms, you'll set the From address inside the platform once your domain is verified.
2

Copy your records from your email platform

5 minutes

Your email platform generates a short list of DNS records that are unique to your account, usually 2 to 4 of them (mostly the CNAME type). Your job here: find that list and keep the tab open. Pick your platform:

Good news: the same company hosts your domain and sends your email, so this is the easiest path.

  1. In your site dashboard go to Marketing → Email Campaigns → Settings (gear) → Sender details.
  2. Under your custom address, click Verify domain.
  3. If your domain is registered with Squarespace, it often verifies in one click and adds the records for you. If it shows you two CNAME records instead, copy both for Step 3.

Note: Squarespace Campaigns doesn't use SPF at all, its DKIM records carry the whole load. If any step mentions SPF, you can skip it guilt-free.

  1. Go to Settings → Email → Domains and click Add domain.
  2. Enter your domain (yourdomain.com) and Kit generates a few CNAME records.
  3. Keep that tab open for Step 3, then come back and hit Verify.

Verified sending domains are a paid-plan feature in Kit. If you're on the free plan, this upgrade matters more than any other growth tool you could buy.

  1. Go to My Account → Domain setup and click Authenticate now on your domain card.
  2. Choose I'll do it manually and click Next. Flodesk lists every record you need: an SPF record and DKIM records (added as CNAME type) plus a DMARC record (added as TXT type, only if you don't already have one).
  3. Keep the tab open for Step 3. After adding the records, come back, click Next, then Done, and Flodesk starts checking them automatically.

Flodesk quirks worth knowing: add Flodesk's SPF as its own new CNAME record, never combine it with an existing SPF. Partial verification for a day or two is normal (DKIM green while SPF still pending). And since Flodesk hands you a DMARC record here, Step 4 will already be done. Flodesk also has a video walkthrough for Squarespace domains, your exact combo.

  1. Click your profile icon, then Account & billing → Domains (on some accounts it's Website → Domains).
  2. Next to your domain, click Start Authentication.
  3. Mailchimp shows two CNAME records. Keep the tab open for Step 3, then return to verify.
  1. Go to Settings → Domains.
  2. Click Authenticate next to your domain.
  3. You'll get a DKIM record (CNAME), an SPF record (TXT), and a verification record (TXT). Copy all of them for Step 3.
  1. Go to Settings → Advanced → Sending Domains.
  2. Add your domain. ActiveCampaign generates CNAME records for it.
  3. After Step 3, come back and click Recheck Authentication.
  1. Click your account name, then Settings → Email → Domains.
  2. Set up a dedicated sending domain. Klaviyo shows a short list of CNAME and TXT records.
  3. Copy them all for Step 3, then return to verify.

If ManyChat itself sends your emails, they currently go out from a shared ManyChat address (like noreply@many-mail.io), which is a deliverability handicap. Set up your own domain:

  1. In ManyChat go to Settings → Email.
  2. Add your business email address (like hello@yourdomain.com) and a sender name, then click the confirmation link ManyChat emails you.
  3. ManyChat then generates DNS records for your domain. Copy them for Step 3.
  4. After adding them, come back and click Check my modified DNS records.
Two honest warnings

1. After connecting, ManyChat asks you to warm up: keep email volume light for the first 2 to 4 weeks so inboxes learn to trust the new setup.

2. ManyChat is built for chat, and email is its side hustle. If email matters to your business, the stronger long-term play is Step 6: let ManyChat collect the address, then send all email from a real email platform.

Every email platform has this feature. Open your platform's help site and search "verify sending domain" or "domain authentication." You're looking for a settings page that generates 2 to 4 DNS records for your domain. Copy them and continue to Step 3, everything else in this guide works the same.

3

Paste the records into Squarespace

10 minutes

Now you'll add each record from Step 2 to your domain's DNS. In a new tab:

  1. Go to account.squarespace.com/domains and click your domain.
  2. Click DNS → DNS Settings and scroll to Custom records.
  3. For each record from Step 2: click Add record, pick the Type (CNAME or TXT), paste the Host into the Name field and the value into the Data or Text field. Save.
The gotcha that breaks almost everyone

Squarespace adds .yourdomain.com to the Name field automatically. If your platform's record says the host is s1._domainkey.yourdomain.com, type only s1._domainkey. Paste the full thing and your record silently becomes s1._domainkey.yourdomain.com.yourdomain.com, which never verifies. This is the number one reason Step 5 fails.

Smaller gotchas, worth 20 seconds now:

  • If a record's host is blank or shown as "@", type @ in the Name field.
  • SPF records (values starting with v=spf1): if you get a "Custom records not saved" error, delete any existing SPF rows first, then re-add them one at a time. Squarespace merges multiple SPF rows behind the scenes, so add each as its own record and never try to combine them by hand.
  • If a value came wrapped in quotation marks and won't verify after a day, edit the record and remove the quotes.
  • Paste values exactly, with no spaces before or after.
  • Don't delete records you don't recognize. The MX rows are what make your actual mailbox receive mail.

Records usually go live in 15 to 60 minutes, occasionally up to 48 hours. You don't need to wait here, keep going.

4

Add your DMARC record

3 minutes

DMARC is the third piece, and Gmail, Yahoo, and Outlook all expect it. It tells inboxes "here's my policy when something claims to be me," and without it you fail their minimum bar.

First, check if you already have one. In the same Custom records list, look for a TXT record named _dmarc. If your platform included a DMARC record in Step 2 (Flodesk does) and you added it, that counts. Squarespace also sometimes adds one automatically, for example when you set up email forwarding. If it's there either way, you're done, skip to Step 5.

If not, add it: click Add record, choose TXT, type _dmarc in the Name field (no domain after it, Squarespace appends that automatically), and paste this in the Text field:

v=DMARC1; p=none;

In plain English that means "watch and report, don't punish anyone yet." It satisfies the providers' requirement while you get everything else clean. Down the road, once things run smoothly for a month or two, a stricter policy is a nice upgrade, but p=none is the correct starting point.

Optional upgrade, still free

Want a weekly plain-English report of who's sending email as your domain? Grab a free monitoring record at dmarc.postmarkapp.com and paste that as your Text value instead. Same record, plus a report in your inbox every Monday.

5

Verify everything passes

5 minutes

Give the records 30 to 60 minutes, then run these checks:

1

Your email platform's verify button turns green. Go back to the Step 2 screen and click Verify (or Recheck). Not green yet? Wait an hour and try again before troubleshooting.

2

learndmarc says PASS. Go to learndmarc.com, it gives you a one-time email address. Send a real test email from your email platform to that address and watch it trace SPF, DKIM, and DMARC live. You want green checkmarks.

3

mail-tester scores you 9+. Same idea at mail-tester.com: send a test campaign to the address it gives you, then check your score. 9 or 10 out of 10 is the goal.

4

Gmail agrees. Send yourself a campaign at a Gmail address. Open it, click the three-dot menu, choose Show original. The summary table at the top should read SPF: PASS, DKIM: PASS, DMARC: PASS.

Checkpoint

All green? The technical half is done, and you now clear the bar that Gmail, Yahoo, and Outlook have enforced for every meaningful sender since 2024. Everything from here is about behavior: who joins your list and how they engage.

Part 2

Plug the ManyChat leak

Chat-collected subscribers can be your best people or your worst deliverability drag. The difference is these settings.

6

Fix how ManyChat collects emails

10 minutes

Five changes inside your ManyChat flow, each one small:

  1. Collect email with the email question type, never a free-text question. The built-in email field rejects junk formats automatically.
  2. Echo it back before saving. Add a message like "Just to double-check, is {{email}} correct?" with Yes and Let me fix it buttons. Typos become hard bounces, and bounces are one of the fastest ways to look like a spammer.
  3. Deliver the freebie by email, not by DM link. Say "Sent! Check your inbox." This quietly filters out fake addresses (they get nothing and never enter your list's bloodstream) and creates an immediate open, which is the first trust signal the inbox records for you. In the DM, add: "If it's not there in 2 minutes, check Promotions or Spam and drag it to your inbox. That tells Gmail we're friends."
  4. Send all email from one place. Chat leads should flow straight into your email platform so everything sends from the domain you just verified. If you're on Flodesk: ManyChat has a built-in Flodesk action (on ManyChat's Pro plan). In your flow, right after the email is confirmed, add an Action step → Flodesk and pick the segment to add them to. Not on Pro? A simple Zapier connection does the same job. One domain, one reputation, every good signal compounds. Keep ManyChat for chat, your email platform for email.
  5. Tag the source. Tag chat-collected subscribers something like src-manychat as they come in. You'll watch this segment separately and prune it harder (Step 8), because it will always run colder than people who sought out your website.
Part 3

Train the inbox to trust you

Verification gets you judged fairly. Engagement gets you into the inbox and keeps you there.

7

Send a welcome email people actually reply to

10 minutes

A reply is the single strongest signal an inbox can record about you. Once someone replies, Gmail treats the relationship as a two-way conversation, and your future emails get handled like personal mail instead of promotions. So the first email's whole job is to earn a reply, and it should go out instantly when someone subscribes. In Flodesk, that means a Workflow triggered by the segment your ManyChat leads land in, with this email as the first step and no delay before it.

Ground rules: send it from a person (Sarah at YourBrand, never a no-reply address), make the Reply-To an inbox you genuinely read, keep it mostly plain text with one link.

Here's a template, swap the highlighted parts:

Subject: welcome in :) your [freebie name] is here

Hey [first name]!

Welcome, I'm so glad you're here. Here's your [freebie name]: [link]

Before you dive in, one quick favor. Hit reply and tell me the number one thing you're struggling with when it comes to [your topic].

I read every single reply myself. It's how I decide what to send you next, so you get help with the exact thing you're stuck on instead of generic tips. And as a thank you, I'll send you [small bonus: a checklist, a template, a mini training] once you do.

Talk soon,
[Your name]

P.S. One tiny thing worth 5 seconds: drag this email into your Primary tab (or add me to your contacts) so the good stuff doesn't get lost.

Level up for chat leads

For ManyChat subscribers, an even stronger version gates the freebie behind the reply itself: "Want it? Reply with the word GUIDE and I'll send it right over." Nearly every real subscriber replies, and every fake address stays silent. You'll send the freebie manually or with a saved reply, so use this while your signup volume is small enough to keep up with, and enjoy that it doubles as market research.

8

Set your list-health rules

5 minutes

The math that rules everything: Gmail wants your spam-complaint rate under 0.1% and treats 0.3% as the point of no return. On a 1,000-person list, that means three spam clicks put you at the ceiling. Small lists have zero margin, so these rules matter more for you than for the big senders:

  • Set a sunset rule today. No opens or clicks in 90 days? Send one honest "should I stop emailing you?" note. Still nothing? Stop emailing them. Keeping cold subscribers on the list feels harmless and is actually the classic way good senders drift into spam. (Opens are fuzzy since Apple's privacy changes, so trust clicks and replies most.)
  • Be consistent. Pick a rhythm you can keep, weekly beats daily-then-nothing. A domain that goes silent for two months and then blasts 5,000 emails looks exactly like a hacked account.
  • Make unsubscribing effortless. Your email platform adds the one-click unsubscribe header and footer link automatically, so never hide, shrink, or bury it. People who can't find unsubscribe in one second press the spam button instead, and that costs you 100x more.
  • Never import a purchased or scraped list, and never re-add addresses that bounced. Either one can undo everything in this guide in a single send.
9

Turn on your scoreboard

5 minutes

Google runs a free dashboard that shows how Gmail sees you, including your exact spam rate and whether you pass their requirements. Set it up once:

  1. Go to postmaster.google.com and sign in with any Google account.
  2. Add your domain. Google gives you a TXT record.
  3. Add it in the same Squarespace Custom records panel from Step 3 (same rules apply), then click Verify.

What to watch: the Compliance status page (everything should say OK) and the spam rate chart (under 0.1%). Small lists often show "no data yet" at first, that's normal, it fills in as your volume grows. Peek weekly for the first month, monthly after that.

Two small habits to go with it: run a mail-tester check before any big or unusual send, and if you set up the free DMARC report in Step 4, skim it Mondays for senders you don't recognize.

10

The 30-day check

2 minutes, in a month

Set a reminder for 30 days out. Reputation doesn't reset overnight: verification helps within days, but full recovery takes 2 to 4 weeks of consistent, engaged sending. During that window, resist the urge to blast, and let the welcome flow and sunset rule do their quiet work.

At the 30-day mark, run through this:

  • Gmail "Show original" still shows SPF, DKIM, and DMARC all PASS.
  • Postmaster Tools spam rate is under 0.1% and compliance shows no issues.
  • The sunset rule is actually running, and the coldest chunk of your list is gone or leaving.
  • New ManyChat subscribers get the welcome email instantly, and some are replying.

All true and you're still seeing spam placement? The fastest lever left: email your most engaged 20% (recent clickers and repliers) a short plain-text note with a question in it. A burst of genuine replies is the strongest medicine there is. If things are still stuck after that, the problem is almost always a cold segment you're still mailing, so cut deeper.

That's the whole fix 🎉

Verified domain, cleaner signups, a welcome email that earns replies, hygiene rules, and a scoreboard. You're now doing more than most professional senders. Keep the rhythm and the inbox will keep rewarding you.

If something won't cooperate

My platform still says "not verified" after 48 hours

Nine times out of ten it's the doubled-domain gotcha from Step 3. Open dnschecker.org, paste the full host from your email platform (like s1._domainkey.yourdomain.com), pick the record type (usually CNAME), and search. Nothing found? Edit the record in Squarespace and make sure the Name field holds only the part before your domain.

Also check: values pasted with stray spaces, a TXT added where a CNAME was asked for, or quotation marks that came along for the ride.

Squarespace says "Custom records not saved"

This is almost always an SPF conflict. Find any existing TXT records whose value starts with v=spf1, delete them, then re-add your records one at a time. Squarespace merges multiple SPF rows automatically, so don't try to hand-combine them.

Two different tools both want an SPF record

Add each one as its own TXT record and let Squarespace merge them. The rule being protected here: a domain can only have one effective SPF policy, and platforms that make you hand-edit it cause the errors Squarespace is saving you from.

My From address is a @gmail.com address

Switch it inside your email platform after Step 5: use you@yourdomain.com as the From, and set Reply-To to whatever inbox you actually read (that part can stay Gmail). Newsletters sent from free addresses can't be verified as you, get capped hard by the 2024+ rules, and undermine everything else in this guide.

Everything passes but I land in the Promotions tab

Promotions is the inbox, not the enemy. People check it, and legitimate marketing mail belongs there. The spam folder is what kills you, and you've fixed that. Replies, add-to-contacts, and drag-to-Primary (the P.S. in your welcome email) move you toward Primary naturally over time. Don't chase Primary with tricks, inboxes notice.

My domain isn't at Squarespace after all

No problem, the records are identical everywhere. Log in wherever the domain lives (GoDaddy, Namecheap, Cloudflare, Google Domains successors), find DNS settings or DNS records, and add the same records. The "type only the part before your domain" gotcha applies at most of them too.

Emails sent from ManyChat still do worse than my email platform's

Expected, honestly. ManyChat email rides shared infrastructure and needs its 2 to 4 week warm-up even after your domain is connected. If the gap doesn't close, take it as the final nudge to route chat leads into your email platform (Step 6, change 4) and let ManyChat do what it's great at: the conversation, not the newsletter.

The jargon, translated

SPFThe public list of servers allowed to send email for your domain. A bouncer with a guest list.
DKIMAn invisible cryptographic signature on every email proving nobody tampered with it and it really came from your domain.
DMARCYour published policy telling inboxes what to do when a message claims to be you but fails the checks, plus reporting so you can see it.
DNSYour domain's public settings file. The Squarespace panel from Step 3 edits it.
ESPEmail service provider, the platform that sends your newsletters (Kit, Flodesk, Mailchimp...).
AlignmentThe requirement that the domain people see in your From address matches the domain that passed SPF or DKIM. Verifying your own domain is what makes this true.

Tools used in this guide

learndmarc.com · watch your authentication pass in real time

mail-tester.com · one-click spam score for any email you send

postmaster.google.com · Gmail's official view of your domain

dmarc.postmarkapp.com · free weekly DMARC report

dnschecker.org · confirm your DNS records are visible to the world