How long does a DIY deliverability audit take?

1-3 hours depending on complexity. Simple setup (one domain, one ESP): 1 hour. Complex setup (multiple domains, multiple ESPs, GoHighLevel + custom SMTP): 2-3 hours. Most time is spent checking DNS records and analyzing engagement data.

What tools do I need for a DIY audit?

Free tools: MXToolbox (DNS/blacklist checking), Google Postmaster Tools (Gmail reputation), Microsoft SNDS (Outlook reputation), Mail-Tester (comprehensive email test). Optional paid: GlockApps (inbox placement testing). All essential tools are free.

When should I hire a professional instead?

When: you've worked through this checklist and can't identify the problem, you don't have time for a thorough audit, your email infrastructure is complex (multiple ESPs, GoHighLevel, self-hosted), or the revenue impact of deliverability is significant enough to justify expert help.

How often should I audit deliverability?

Full audit: quarterly. Quick check (authentication + reputation + blacklists): monthly. After any major change (ESP migration, domain change, new sending service, volume spike): immediately.

What's the most common issue found in audits?

Missing or broken authentication — specifically, an ESP that was added without updating SPF, or custom DKIM that was never configured. This is the #1 issue I find in both DIY and professional audits.

Email Deliverability Audit: DIY Checklist

The Audit Checklist

Section 1: Authentication (Most Critical)

SPF

SPF record exists on sending domain
All sending services included (ESP, CRM, form tools, helpdesk)
Under 10 DNS lookups (check with MXToolbox SPF)
Ends with -all (hardfail) or ~all (softfail)
Only ONE SPF record per domain (no duplicates)

DKIM

DKIM configured for every sending service
DKIM signing with YOUR domain (not the ESP's domain)
Verify: send test email → view headers → check dkim=pass header.d=yourdomain.com
DKIM key is 2048-bit (not 1024-bit)

DMARC

DMARC record published at _dmarc.yourdomain.com
RUA address configured (receiving aggregate reports)
Policy is at minimum p=none (preferably advancing toward p=reject)
DMARC alignment: either SPF or DKIM aligns with From: domain

See our email authentication guide for full setup instructions.

Verification Test

Send test to mail-tester.com → aim for 9+/10
Send test to personal Gmail → check Authentication-Results header
All three show pass: spf=pass, dkim=pass, dmarc=pass

If any authentication is failing: STOP. Fix it before continuing.

Section 2: Reputation

Google Postmaster Tools: domain reputation (High/Medium/Low/Bad)
Google Postmaster Tools: spam rate (must be under 0.1%)
Microsoft SNDS: IP reputation (green/yellow/red)
Cisco Talos: IP reputation (Good/Neutral/Poor)
No blacklistings (check MXToolbox Blacklist)

If reputation is Low/Bad or you're blacklisted: Follow reputation recovery guide.

Section 3: List Health

Bounce rate under 2% on recent campaigns
Spam complaint rate under 0.1%
List validated within last 90 days
Sunset policy in place (suppress 180+ day inactive)
No purchased or scraped lists in use
Double opt-in or real-time validation on signup forms
Hard bounces removed automatically
Unsubscribes processed promptly

Section 4: Sending Patterns

Consistent daily/weekly volume (no spikes)
Dedicated IP properly warmed (if applicable)
New domains properly warmed before full-volume sending
Transactional and marketing on separate infrastructure
No sudden volume increases without warmup

Section 5: Content and Technical

Custom tracking domain configured (not ESP's shared domain)
List-Unsubscribe and List-Unsubscribe-Post headers present
Visible unsubscribe link in email body
Physical postal address in email footer
No URL shorteners (bit.ly, tinyurl)
Reasonable image-to-text ratio (not all-image emails)
Links limited to 3-5 per marketing email
Email size under 100KB

Section 6: Monitoring

Google Postmaster Tools set up and checked weekly
Microsoft SNDS registered for sending IPs
Blacklist monitoring active (HetrixTools or similar)
ESP analytics reviewed weekly
Alerts configured for bounce rate spikes and complaint increases

Scoring

Score	Interpretation
All checks pass	Your deliverability infrastructure is solid. Focus on engagement optimization.
1-3 failures in Section 1	Authentication issues. Fix immediately — this is your #1 priority.
Failures in Section 2	Reputation damage. Follow recovery protocols.
Failures in Section 3	List quality issues. Clean and implement prevention.
Failures in Sections 4-6	Optimization opportunities. Address after Sections 1-3 are clean.

After the Audit

Fix authentication issues first (Section 1)
Address reputation problems (Section 2)
Clean your list (Section 3)
Adjust sending patterns (Section 4)
Optimize content and monitoring (Sections 5-6)
Re-audit in 30 days to verify fixes

Practitioner note: I run this exact checklist for every client engagement. In 90% of audits, the root cause is in Section 1 (authentication) or Section 3 (list health). Content and sending pattern issues are real but secondary. Start at the top and work down.

Practitioner note: If you get a 9+ on Mail-Tester, all authentication passes, and reputation is High/Good — your infrastructure is solid. At that point, deliverability improvements come from engagement optimization (better segmentation, better content, better timing), not infrastructure changes.

If you want a professional deliverability audit with specific recommendations, schedule a consultation — I run comprehensive audits covering everything in this checklist plus sending pattern analysis, engagement decay trends, and architecture recommendations.

Sources

Mail-Tester: mail-tester.com
MXToolbox: mxtoolbox.com
Google: Postmaster Tools

v1.0 · March 2026