I say this a lot in workshops: good marketers watch opens; great marketers watch bounces. That’s where your real costs, sender reputation, and ultimately your revenue live. This piece is the most “hands-on” in my bounce series: I walk through the 10 issues I see most often when I audit email programs, what each one is, the likely bounce type (hard vs. soft), how I prevent it, and a quick real-world win to make it concrete.
I won’t drag you into SMTP code soup or a thesis on deliverability/blacklists. The goal is simple: fast diagnosis and effective guardrails.
1. Invalid or non-existent addresses (typos, user unknown)
What it is: Addresses that don’t exist anymore, or ever: fat-fingered domains (“gmial.com,” “yaho.fr”), illegal characters, or deleted inboxes. This is the #1 culprit, especially after bulk imports.
Bounce type: Almost always hard.
How to prevent it:
- Block errors at the source: syntax validation, MX check on the domain, and common-typo detection with suggested fixes.
- Use double opt-in where it fits your use case.
- Add real-time verification before writing to your database (no test email needed).
- Treat “vintage” CRM imports as toxic until cleaned.
Real-world win: After a form refresh, a client cut hard bounces from 1.8% → 0.4% in 3 weeks by adding “Did you mean @gmail.com?” suggestions plus a lightweight front-end MX check.
2. Bad or misspelled domains (NXDOMAIN / no MX)
What it is: The local part looks fine, but the domain doesn’t exist or can’t receive mail (no MX record). It’s the sibling of #1, but on the domain side.
Bounce type: Usually hard.
How to prevent it:
- Do a DNS lookup + MX check at form time.
- Maintain a list of common domain typos (gmial, hotmial, outlok).
- Block known expired/bad domains (keep a small internal list you refresh during audits).
- For partner feeds: set quality thresholds (max invalid rate or the list gets rejected).
Real-world win: An international B2B blast hit 3% hard. By segmenting by domain, 80% of bounces came from one country with transliteration errors. Fixing the mapping dropped bounces below 0.6%.
3. Closed accounts / B2B turnover (user unknown, account disabled)
What it is: In B2B, people leave, inboxes get shut down. In B2C, free webmail accounts get abandoned.
Bounce type: Hard.
How to prevent it:
- Quarterly hygiene: re-verify inactive/dormant segments.
- For long nurture cycles (6–12 months), run a light reactivation step before big sends.
- Watch hard bounce rate by source; post-event and partner lists decay fast.
- Auto-suppress immediately after a hard bounce, never retry.
Real-world win: A “prestige” B2B list (executive teams) ran at 2.2% hard. Targeted hygiene on contacts with >18 months no opens brought it to <0.8% in a month.
4. Mailbox full
What it is: Recipient’s quota is maxed. Annoying, but temporary.
Bounce type: Soft.
How to prevent it:
- Use smart retries with backoff (e.g., 15 min → 1h → 4h → 12h → 24h), then stop.
- If the box stays full across multiple campaigns, suppress it.
- Skip heavy attachments (see #6).
- Prioritize transactional traffic when resources are tight.
Real-world win: A SaaS onboarding series saw 0.9% soft for “mailbox full.” Removing attachments and hosting guides online cut it by 3×.
5. Throttling / rate limiting by the recipient domain
What it is: The recipient’s server slows or limits your delivery rate. You’re pushing too fast, or your reputation doesn’t justify that cadence. One of the most misunderstood soft bounces.
Bounce type: Soft (but can snowball if you keep hammering).
How to prevent it:
- Warm up new domains/IPs slowly and in steps.
- Set per-domain throttles for the big mailbox providers (Gmail/Outlook/Yahoo) based on observed feedback.
- Spread sends in windows instead of “all in 10 minutes.”
- Track soft rate by domain; if it climbs, dial back for that domain only.
Real-world win: An e-commerce brand blasted 400k emails in 7 minutes. Two major providers responded with waves of softs. Spreading over 2 hours with domain-specific caps cut soft bounces from 1.6% → 0.2%.
6. Message too large (attachments, heavy images/HTML)
What it is: Your email exceeds size limits (total weight or big attachments) or is expensive to render (bloated HTML, giant GIFs).
Bounce type: Mostly soft (“message too large”), sometimes hard depending on policy.
How to prevent it:
- Zero attachments on campaigns; host assets (PDF, video) and link out.
- Compress images; avoid oversized animations.
- Ship a clean, concise text part.
- Basic HTML minification (without breaking layout).
- Always test across a domain panel before scaling.
Real-world win: A weekly newsletter dropped from 1.8 MB → 420 KB (image optimization + minification). “Too large” softs disappeared and mobile render times halved.
7. Greylisting (temporary deferral to vet new senders)
What it is: Some servers auto-defer the first attempt from an unknown sender and expect you to retry, proving you’re a real MTA.
Bounce type: Soft.
How to prevent it:
- Implement smart retries (backoff + sensible limits).
- Keep a stable identity: consistent sending domain, clean PTR/HELO, aligned signatures.
- Avoid frequent IP/domain changes that reset you to “unknown.”
- Warm up cautiously on sensitive domains.
Real-world win: Adding a simple retry at +20 min then +2h converted ~70% of greylists into successful deliveries, no other changes.
8. Policy blocks & role-based addresses (policy rejection)
What it is: Some domains enforce strict rules: reject role-based mailboxes (info@, sales@, support@), require strong auth, or block unapproved senders. This isn’t about your copy; it’s house policy.
Bounce type: Often hard for role-based; sometimes soft if the policy allows another try.
How to prevent it:
- Decide your stance on role-based (allowed, risky, or excluded) and handle them differently.
- Align SPF/DKIM/DMARC (details live in my codes/deep-dive posts).
- Use a credible, stable sending domain (no throwaways).
- Capture explicit opt-in for shared inboxes (committees, generic mailboxes).
Real-world win: A B2B file had 15% role-based. Isolating them with more institutional content and a lower cadence cut related bounces by ~50% while keeping positive ROI.
9. Aggressive anti-spam filtering (content, URLs, reputation)
What it is: Server-side rejection because the message looks spammy: too many tracking hops, sketchy URL shorteners, trigger-y copy/structure, or outbound links with poor reputations. This is not “went to spam folder”, it’s a reject.
Bounce type: Hard or soft depending on policy.
How to prevent it:
- Trim tracking: fewer redirects; avoid dubious shorteners.
- Keep content balanced: sane text-to-image ratio; no link walls.
- Maintain coherence: sender ↔ message ↔ landing page.
- Watch the reputation of all linked domains (LPs, CDNs, third-party links).
- Test across a domain panel before full send.
Real-world win: A B2C launch saw “policy spam” rejects. Root cause: a public URL shortener with a bad rep. Switching to direct links (or a trusted shortener) fixed it instantly.
10. Your own infrastructure issues (DNS, TLS, identity)
What it is: Outages or misconfigurations on your side: DNS flaps, expired DKIM keys, missing/incorrect records, no reverse DNS, TLS negotiation failures. From the outside, you look misconfigured.
Bounce type: Often soft, but persistent issues can be treated as hard.
How to prevent it:
- Monitor the basics (DNS uptime, key validity, record resolution, SMTP latency).
- Sensible TTLs and redundant DNS.
- Aligned PTR/HELO; current TLS certs.
- Rollback procedures so you can revert quickly if a change breaks the chain.
Real-world win: A poorly sequenced DNS provider change spiked soft bounces for 40 minutes. Alert → rollback → clean redeploy off-hours. No repeats since.
Bonus: “Grimy” lead collection (partners, sweepstakes, disposable emails)
What it is: You open a partner feed and find disposables, dupes, role-based, and stale addresses. Not a single technical cause, just a breeding ground for causes #1–9.
Bounce type: Mixed hard + soft.
How to prevent it:
- Contract for quality (max invalid rate, proof of opt-in, right to audit).
- Filter disposables (domain lists) and risk-score on ingestion.
- Use honeypots and anti-bot signals on sweepstakes.
- Quarantine questionable batches; no full sends before validation.
Real-world win: An affiliate feed contained 12% disposables. Enforcing real-time verification at the source led the partner to purge upstream, and hard bounces dropped 5×.
Do-this-now checklist
- Lock down form validation (syntax + domain/MX + typo suggestions).
- Turn on real-time verification and risk scoring before insert.
- Implement smart, bounded retries for softs.
- Auto-suppress every hard bounce (zero retries).
- Throttle by domain when softs rise.
- Slim templates (no heavy attachments; optimized images).
- Monitor infra (DNS, identities, TLS) with basic alerts.
- Segment imports; never “full blast” without a test cell.
- Track by domain and by acquisition source.
- Document who does what when a bounce spike hits.
Quick barrier table
| Cause | Type | Guardrail |
|---|---|---|
| Invalid addresses / typos | Hard | Validation + double opt-in + real-time verify |
| Bad domains / no MX | Hard | MX check + domain typo catch |
| Closed accounts / turnover | Hard | Quarterly hygiene + pre-send reactivation |
| Mailbox full | Soft | Backoff retries + suppression threshold |
| Throttling / rate limiting | Soft | Warm-up + per-domain pacing + spread sends |
| Message too large | Soft/Hard | Compress, link out, lean HTML |
| Greylisting | Soft | Smart retries + stable identity |
| Policy blocks / role-based | Hard/Soft | Role-based policy + aligned SPF/DKIM/DMARC |
| Anti-spam filtering (content/URLs) | Hard/Soft | Minimal tracking + reputable domains |
| Sender infra issues | Soft/Hard | DNS/TLS monitoring + proper PTR/HELO |
Mistakes to avoid
- Retrying a hard-bounced address “just in case.” You’re burning reputation.
- Sending at one flat rate to everyone. Pace by domain.
- Stacking tracking redirects. Simplify the chain.
- Swapping IPs/domains constantly. Stability wins.
- Importing without testing. Always start with a sample cell.
How I use BounceStrike
Everything above is packaged so it’s easy to run day-to-day. That’s exactly what BounceStrike and our verification engine Predator™ v2 do, and what I use in my own pipelines.
In a few hours you can turn on:
- Real-time verification at the source (API/Widget): block typos, no-MX domains, non-existent addresses, and most role-based mailboxes if you choose.
- Advanced catch-all domain handling: instead of blind blacklists, Predator™ v2 scores deliverability risk case-by-case.
- Batch hygiene for imports: enriched outputs with status (valid/invalid) and normalized reason.
- Universal bounce normalization: no matter your ESPs, we map their feedback to one API, so your hard/soft decisions can be automated.
- Native API connectors to slot into your CRM/ESP with minimal friction.
- Privacy-first operations with industry-standard data handling and hosting practices.
If you want me to review your stack and ship a punch-list (collection, templates, pacing, infra), we can start with a sample of your file. Try BounceStrike on your next 10,000 emails, you’ll see exactly where bounces originate and how to neutralize them before they happen.
Bounces aren’t fate. In 8 out of 10 cases, they’re predictable and preventable with simple guardrails: validate at the source, verify in real time, lighten your messages, pace by domain, watch your infra, and decide fast (hard = suppress, soft = bounded retries). Discipline and clear signals make the difference.
Take these 10 causes, run a mini audit (by domain, by source, by bounce type), and fix one thing per week. In 4–8 weeks, your bounce profile, and your costs, will look completely different. Want to accelerate that curve? You know the move: BounceStrike.
