The infrastructure work that happens before the first template fires.
Most businesses assume that if they send an email, it arrives. It doesn't — not reliably, and not without deliberate setup. The infrastructure decisions made before sending the first email determine whether it lands in the inbox or the spam folder. Getting deliverability wrong means all the work downstream (templates, sequences, routing) is invisible to the people it was built for.
The Anchor build's outbound email before Era 3 came from WordPress's default wp_mail(), using the server's PHP mail function. Server-sent email from a shared hosting IP with no authentication records is what spam filters are designed to catch. Open rates were unmeasurable because most emails weren't delivered.
The problems: no SPF record, no DKIM signature, no DMARC policy, a shared hosting IP with poor reputation from other tenants, and no bounce handling. Hard bounces were accumulating silently with no remediation.
SPF is a DNS record that lists which mail servers are authorized to send on behalf of your domain. Without it, any server can send email claiming to be from your domain, and receiving servers have no way to tell the difference.
v=spf1 include:_spf.brevo.com ~all
The ~all softfail marks suspicious mail rather than rejecting it outright — more forgiving during the warm-up period. Switch to -all hardfail once the domain reputation is established.
DKIM adds a cryptographic signature to every email. The receiving server verifies the signature against a public key in DNS, confirming the content wasn't modified in transit and the email was sent by an authorized sender.
TXT mail._domainkey.yourdomain.com
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB...
Brevo generates the key pair. The public key goes in DNS; the private key stays on Brevo's infrastructure and signs every outbound email automatically.
DMARC tells receiving servers what to do when SPF or DKIM fails, and where to send failure reports. Start with p=none to monitor before enforcing:
v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com; pct=100
After monitoring: advance to p=quarantine (spam folder on failure), then to p=reject (block on failure) once legitimate mail is confirmed authenticated.
Don't send transactional email from your primary domain. If the sending domain gets flagged, your primary domain's reputation stays clean. Send from mail.yourdomain.com. Set SPF, DKIM, and DMARC on the sending subdomain specifically.
A new sending IP is treated with maximum suspicion. Warm up with gradual volume increase over 4–6 weeks, starting with your most-engaged recipients:
Week 1: 50 emails/day
Week 2: 200 emails/day
Week 3: 500 emails/day
Week 4: 1,000 emails/day
Week 5: 2,500 emails/day
Week 6+: target volume
Hard bounces must be suppressed immediately. Continuing to send to bounced addresses damages sender reputation. Brevo fires a webhook on every bounce event:
add_action( 'rest_api_init', function() {
register_rest_route( '[client]/v1', '/brevo-webhook', [
'methods' => 'POST',
'callback' => '[client]_handle_brevo_webhook',
'permission_callback' => '[client]_verify_brevo_webhook_signature',
] );
} );
function [client]_handle_brevo_webhook( WP_REST_Request $request ): WP_REST_Response {
$events = $request->get_json_params();
foreach ( $events as $event ) {
if ( in_array( $event['event'], [ 'hard_bounce', 'invalid_email' ], true ) ) {
[client]_suppress_email( sanitize_email( $event['email'] ) );
}
}
return new WP_REST_Response( [ 'ok' => true ], 200 );
}
[client]_suppress_email() adds the address to a suppression table. Every outbound send checks the suppression table before calling wp_mail().
Deliverability is the floor everything else is built on. A 47% open rate on a properly configured sending setup outperforms a 3% open rate on a misconfigured one regardless of how good the template is. The one-time cost of SPF, DKIM, DMARC, and a dedicated sending domain is 2–4 hours. The cost of not doing it is every automated email going to spam indefinitely.
Deliverability setup preceded the first template send by two weeks — the warm-up period ran while templates were being built. Open rate in month one: 51% (industry average for this vertical: ~24%). The DMARC monitoring reports confirmed zero authentication failures throughout. No blacklistings in the first six months.
p=none, read the reports, then advance. Jumping to p=reject without monitoring first risks blocking legitimate email you didn't know existed.Every lesson stays free — no account, no paywall, no email gate, ever. But if you’d rather have this system standing on your business than wire all 48 lessons yourself, leave your email. We’ll send you a direct line to a build — and you’ll be first to hear when we add new tools to the curriculum.
None of this gates a single lesson. The curriculum was free before you got here and it stays that way.
You came here to understand the system, and now you do. If you’d rather have it standing on your business than spend the next three months wiring it yourself, GAP Concierge is the same architecture from these lessons — a white-label AI agent that knows your catalog and captures your leads — set up for you, from $97/mo.
See GAP Concierge →