E
Email Deliverability

Email Deliverability Audit Checklist: A 30-Minute Check That Catches Problems

Run a complete email deliverability audit in 30 minutes. This checklist covers authentication, reputation, content, infrastructure, and list hygiene checks.

Best Practices

A deliverability audit catches problems before they become emergencies. If you've never audited your email setup — or it's been more than a few months — this checklist will identify the gaps.

Set aside 30 minutes. You'll check authentication, reputation, infrastructure, content practices, and list hygiene. Most issues can be identified with free tools.

Part 1: Authentication (10 minutes)

Authentication is the foundation. If this is broken, everything else is secondary.

SPF Record Check

Run your domain through our free deliverability checker. Verify:

  • [ ] SPF record exists
  • [ ] Record syntax is valid (starts with v=spf1)
  • [ ] All sending services are included (ESP, CRM, support tool, transactional service)
  • [ ] Total DNS lookups are 10 or fewer
  • [ ] Record ends with -all or ~all

Common failures: Missing an include: for a sending service you added recently. New marketing tools or CRM platforms often get overlooked.

DKIM Check

  • [ ] DKIM record exists in DNS for your primary selector
  • [ ] Key length is 1,024 bits or higher (2,048 recommended)
  • [ ] Signatures are validating on sent emails (send yourself a test and check headers)

Common failures: ESP rotated their DKIM key and you didn't update the DNS record. Check your ESP dashboard for the current expected DKIM record.

DMARC Check

  • [ ] DMARC record exists at _dmarc.yourdomain.com
  • [ ] Policy is set (p=none minimum, p=quarantine or p=reject preferred)
  • [ ] rua tag is set to receive aggregate reports
  • [ ] Alignment is passing (check DMARC reports for pass/fail rates)

Common failures: DMARC exists but alignment is failing because a sending service uses a different domain for the envelope sender.

If any authentication check fails, fix it before proceeding with the rest of the audit. Authentication failures override all other deliverability factors.

Part 2: Reputation (5 minutes)

Domain Reputation

  • [ ] Check Google Postmaster Tools for domain reputation (High, Medium, Low, Bad)
  • [ ] Check Microsoft SNDS for IP reputation (if you control your sending IPs)
  • [ ] Review any reputation warnings from your ESP dashboard

What to look for: Any reputation below "High" on Google Postmaster Tools needs investigation. Even "Medium" means something is off.

Blacklist Check

  • [ ] Run a blacklist check on your sending domain
  • [ ] Check your sending IP addresses against major blacklists (Spamhaus, Barracuda, SORBS)
  • [ ] If listed, follow the blacklist's removal process immediately

Common findings: Shared IP blacklisting — your ESP's IP got listed because of another sender. Contact your ESP or consider a dedicated IP.

Spam Complaint Rate

  • [ ] Gmail complaint rate is below 0.1% (check Google Postmaster Tools)
  • [ ] Overall complaint rates across ESPs are below 0.1%

If above threshold: Audit your opt-in process, make unsubscribe easier, and review sending frequency.

Part 3: Infrastructure (5 minutes)

MX Records

  • [ ] MX records exist and point to the correct mail servers
  • [ ] MX records have appropriate priority values
  • [ ] Mail servers are reachable and responding

TLS Encryption

  • [ ] Your sending server supports TLS/STARTTLS
  • [ ] Emails are being transmitted over encrypted connections (check email headers for TLS info)

Sending IP/Domain

  • [ ] Forward DNS resolves your sending IP to a hostname
  • [ ] Reverse DNS (PTR record) resolves back correctly
  • [ ] From address uses your actual domain (not a free email provider)

Note: If you use a managed ESP, they handle most infrastructure. These checks matter more if you run your own mail server or use a dedicated IP.

Automate your audits

Monitor SPF, DKIM, DMARC, MX, and blacklist status daily. Get alerts when checks fail instead of discovering problems manually.

Part 4: Content and Sending Practices (5 minutes)

Unsubscribe Compliance

  • [ ] Marketing emails include a visible unsubscribe link
  • [ ] List-Unsubscribe header is present (check email source)
  • [ ] List-Unsubscribe-Post header is present for one-click unsubscribe
  • [ ] Unsubscribe requests are processed within 2 business days

From Address

  • [ ] From name is recognizable and consistent
  • [ ] From address uses your domain (not gmail.com or another free provider)
  • [ ] Reply-to address is monitored

Content Red Flags

Review a recent marketing email for:

  • [ ] No ALL CAPS subject lines or excessive punctuation
  • [ ] Reasonable image-to-text ratio (not image-only emails)
  • [ ] All links point to legitimate, established domains
  • [ ] No link shorteners (bit.ly etc.) which look suspicious to filters
  • [ ] Subject line matches email content (no misleading subjects)

Part 5: List Hygiene (5 minutes)

Bounce Management

  • [ ] Hard bounces are being suppressed automatically by your ESP
  • [ ] Soft bounces are being tracked, with suppression after 3–5 consecutive failures
  • [ ] Hard bounce rate is below 0.5% per campaign
  • [ ] Total bounce rate is below 2% per campaign

Engagement Hygiene

  • [ ] Subscribers inactive for 6+ months have been segmented or removed
  • [ ] You're not emailing addresses that have never opened a single message
  • [ ] Re-engagement campaigns have been attempted for lapsed subscribers before removal

List Sources

  • [ ] All addresses were collected through opt-in (no purchased lists)
  • [ ] Double opt-in is used for web signups (recommended but not always required)
  • [ ] Form submissions are protected against bots (CAPTCHA or honeypot fields)

Scoring Your Audit

Count how many checks passed:

ScoreAssessmentAction All passingExcellent — your setup is solidSchedule your next audit in 3 months 1–3 failuresGood with gaps — fix the failuresAddress failures this week, recheck in 1 month 4–8 failuresSignificant issues — prioritize fixesFix authentication first, then reputation, then the rest 9+ failuresMajor overhaul neededStop sending marketing email until authentication is fixed

After the Audit

Priority Order for Fixes

  1. Authentication — Fix SPF, DKIM, DMARC first. Everything else depends on this.
  2. Blacklist removal — If listed, start the delisting process immediately.
  3. Complaint rate — If above 0.3%, reduce sending volume and clean your list.
  4. List hygiene — Remove bounces and unengaged subscribers.
  5. Content and practices — Update unsubscribe handling and content formatting.

Schedule Regular Audits

Run this checklist:

  • Monthly for high-volume senders (50,000+ emails per month)
  • Quarterly for moderate senders
  • After any change to DNS, email providers, or sending infrastructure

Better yet, set up automated monitoring that checks authentication and blacklists continuously, so you catch problems between manual audits.

Related Articles