List hygiene: the six-rule policy

A cleanup is reactive — you notice bounce rates climbing and go hunting for the problem. A policy is preventative: automatic rules that keep the list healthy without anyone having to remember to do it. The six rules below can all be encoded as Braze segments or event-based automations. Each one maps to a specific degradation pattern.

The Deliverability Management skill covers the reputation mechanics these rules protect. Each rule below is optimising for one of those mechanics.

An email that hard-bounces has told you the address doesn't exist, has been disabled, or has an irreversible delivery problem. Sending again produces another bounce, another negative reputation signal, zero chance of a response.

The rule: on any hard bounce, move the user's email subscription status to permanently unsubscribed from marketing, and flag the profile so manual re-subscription requires verification. Do not send marketing mail to the address ever again.

Exception: transactional mail can continue (password resets, security alerts) in case the user needs it for account recovery. Anything marketing-flavoured is suppressed permanently.

Soft bounces are recoverable in principle — full mailbox, temporary server issue. In practice, three soft bounces in a row usually means the mailbox is abandoned or the provider is treating your mail as spam-adjacent. Continuing to send is a reputation drain.

The rule: three consecutive soft bounces flags the user for suppression from marketing sends. Re-evaluate if the user engages (opens, clicks, visits the product) within 30 days; otherwise confirm the suppression permanently.

180 days is the default floor. Aggressive programs sunset at 90; conservative programs at 365. The right number depends on your natural engagement cadence — a product used weekly can sunset at 90 days; a product used quarterly needs 365+.

The rule: users with zero engagement signal (opens, clicks, product visits, transactions) in 180 days are moved to a "quiet list" that receives at most one re-engagement message per quarter. If they engage, back to active. If they don't respond after two re-engagement messages, permanent sunset.

The win-back flows guide covers the re-engagement sequences that run before final sunset — they're the safety net that catches users who would have come back if asked.

A user marking an email as spam is the single strongest negative signal in deliverability. Continuing to send after a complaint is catastrophic — the next complaint compounds the reputation damage, and most mailbox providers will rapidly downgrade your sender reputation if complaint rates climb.

The rule: on any complaint (via feedback loop from major ISPs), suppress the user from marketing and transactional sends immediately. Don't re-evaluate. Don't ask them to re-subscribe. The user has told you they don't want your mail; continuing is at best bad manners and at worst a regulatory issue.

Role accounts (info@, sales@, support@) are usually monitored by multiple people, rarely opted in by the role-owner intentionally, and a known source of complaints. Some mailbox providers treat high volumes to role accounts as a reputation signal.

The rule: role accounts are suppressed from marketing sends by default. They continue to receive transactional. If a specific role account has been explicitly subscribed by an authorised user, flag it for inclusion — but make explicit opt-in the requirement.

Spam traps are email addresses owned by mailbox providers or anti-spam organisations that exist only to catch senders who are acquiring list data through dubious means — scraping, purchased lists, old imports. Landing mail in a spam trap is a major negative signal.

The rule: if a third-party deliverability service flags a spam trap in your list (or a pattern suggests one), immediately investigate the source of the address and remove it. Review the acquisition path — you probably have other similar addresses you haven't yet identified. Never knowingly send to an address you can't trace back to a real opt-in.

Each rule becomes a Braze segment or a Braze-managed attribute flag. Hard bounce → segment excluded from all marketing. Soft-bounce-thrice → segment excluded. 180-day dormant → segment excluded from broadcasts, included in re-engagement only. Complaint → segment excluded permanently. Role-account → segment excluded by default. Spam trap → segment excluded and flagged for investigation.

The policy is only useful if it's enforced automatically. Document the six rules, implement the six segments, and audit quarterly that each is still firing as intended. The lifecycle audit checklist includes rule enforcement as one of the 30 points.