Best Practices for MailBaby Users: Mailing Lists
If you are using WordPress to manage your mailing list and MailBaby to deliver your emails, you need a specific configuration to ensure high deliverability and maintain a good reputation. MailBaby provides the delivery engine, but best practices must be followed.
Here are the essential requirements for sending mailing lists successfully.
1. Ramp-Up for new mailing lists
Do not send to your entire list immediately. If you are a new user at mailbaby start sending your list slower than normal. MailBaby’s will learn your bounce rate and begin to assign a reputation
2. Separate Sign-Up from Sending
We recommend you separate your sign-up verification from your normal notifications. A user subscribing to your list, gets an email from an email used for email verification.
Use Double Opt-In Verification:
- The user enters their email on your site.
- Your system sends a single “Please Confirm” email (keep this simple).
- The user clicks the verification link.
- Only then are they moved to the “Active” list to receive content.
This ensures you never accidentally spam a mistyped address or a spam trap, which protects your sender reputation.
3. Handle Bounces Correctly
You must ensure your system accepts bounce messages. Over time, email addresses go dormant or get deleted. If you keep sending to an email that no longer exists, that may affect your reputation.
- Set a Valid Return-Path: Configure your SMTP settings to use a real email address (e.g.,
[email protected]) as the “Return-Path.” - Process Bounces: You must monitor this inbox. Even if you have to do it manually, you must review these bounces and remove the invalid addresses from your WordPress list immediately.
4. Implement One-Click Unsubscribe (RFC 8058)
If you send more than 5,000 emails a day to Gmail or Yahoo, this is a requirement.
You must ensure your mailing list plugin adds the List-Unsubscribe-Post header to your emails. This allows email clients to display a native “Unsubscribe” button at the top of the email if your volume requires it. For smaller lists ensure that opt out remains easy.
Always honor opt-outs immediately.
5. Secure Your Sign-Up Form
Unsecured forms are a major security risk. Bots can abuse your sign-up form to trigger thousands of verification emails to innocent victims which can damage reputation. This is known as “List Bombing.”
Required Protections:
- Captcha: Use Cloudflare Turnstile, Google reCAPTCHA v3 on all sign-up forms or some type of extra verification
- Alternative Honeypots: Use hidden fields that bots fill out but humans do not.
For more details on preventing form abuse, please review this guide: Your Sign Up Form May Be Acting As An Open Relay.