Free PDF Report · 24h Delivery

Free Email Deliverability Audit
SPF · DKIM · DMARC · Blacklists

Drop your domain, you'll receive a full deliverability PDF (DNS records, blacklist status, sender reputation, plain-language fixes) within 24 hours. No obligation, no upsell.

  • SPF / DKIM / DMARC validation with alignment + lookup-count check
  • Major blacklist scan: Spamhaus, Barracuda, Sorbs, SURBL, Invaluement
  • Sender-reputation review (Postmaster, SNDS) + MX / reverse-DNS / BIMI / MTA-STS
  • Plain-language remediation steps you can apply without me

Report delivered within 24 hours. We don't spam, your email is only used to send the report.

By submitting, you agree to receive your audit report by email. We won't share or sell your data. See our privacy policy for what we collect and how it's used.

Already know you want this fixed for you? See the CRM Migration package or send a written brief for a custom quote.

What's in the report

Every check, every layer

A full inventory of what receivers see when your domain sends mail, written so a non-specialist can act on it.

SPF

Record syntax, lookup-count budget (10-DNS-lookup limit), `+all` / `~all` / `-all` policy review, alignment with the From header.

DKIM

Selector discovery, key length (RSA 1024 vs 2048), key rotation status, signature alignment with the visible sender domain.

DMARC

Policy (none / quarantine / reject), percentage rollout, aggregate (`rua`) and forensic (`ruf`) reporting destinations, subdomain policy.

Blacklists

Spamhaus (SBL, XBL, PBL, DBL, ZEN), Barracuda, Sorbs, SURBL, Invaluement, domain & sending-IP coverage with delisting links.

Sender reputation

Google Postmaster signals (where verifiable), Microsoft SNDS readiness, common reputation flags. No invented "sender score", only what receivers actually publish.

MX & reverse DNS

MX record health, PTR record matching the HELO string, common misconfigurations that quietly drop legitimate mail.

BIMI

Whether your DMARC posture is strong enough to qualify for BIMI, VMC requirements, and what your logo would need to look like.

MTA-STS & TLS-RPT

In-transit encryption posture, MTA-STS policy file, TLS-RPT reporting endpoint configuration.

Plain-language fixes

Each finding ranked by impact (high / medium / low) with a concrete remediation step a competent admin can apply without further consulting.

Why this matters

The cost of poor deliverability is silent

If even a quiet share of your transactional and marketing email lands in spam, the impact is rarely visible in your stats, bounces stay low, the dashboard stays green, but customers stop replying, password-reset emails get blamed on "the system", and onboarding sequences silently underperform.

Most fixes are configuration-only: a corrected SPF record, a properly aligned DKIM signature, a DMARC policy that reports rather than rejects until you trust the data. None of them require new infrastructure or vendor change. They just require knowing what to look at and in what order.

That's the audit. A flat, opinionated read of your domain's current state, ranked by what to fix first.

How it works

Three steps, one PDF

  1. 01

    Enter your domain

    Email + domain (no protocol, no path, just example.com). Optional name. That's the entire form.

  2. 02

    Automated audit runs

    Public DNS records and blacklist registries are queried; the script compiles findings, ranks them by impact, and writes the PDF.

  3. 03

    PDF in your inbox

    Within 24 hours. If it doesn't show up, peek in spam (a small irony when auditing deliverability) and add the sender to your contacts.

FAQ

Common questions

Is the audit really free?
Yes. There is no fee, no payment information collected, and no obligation to buy anything afterward. The report is generated once per domain per requester to keep things sustainable on my side.
How long does the audit take?
Most reports are delivered within 12 hours; the published SLA is 24 hours so I have buffer for batches and complex domains. You will receive an email when the PDF is ready, with the report attached.
Do I have to pay you to fix the issues?
No, the report includes plain-language remediation steps a competent admin can apply themselves. If you'd rather have it handled professionally, especially if you're on a paid CRM and want to consolidate costs, the CRM Migration service includes a full deliverability audit and fixes in the package. For standalone deliverability work outside a migration, send a written brief on the contact page for a custom quote.
What is the difference between SPF, DKIM, and DMARC?
SPF tells receiving servers which IPs are allowed to send for your domain. DKIM cryptographically signs each message so receivers can confirm it was not modified in transit. DMARC tells receivers what to do when SPF or DKIM fail and where to send aggregate reports. The three work together; none of them alone stops all spoofing.
How often should I audit deliverability?
After any significant change, new ESP, new sending IP, domain handover, or new high-volume campaign, and at least once per year. Reputation drifts, DNS records get edited by mistake, and blacklists change their criteria over time.
What if my domain doesn't send email yet?
Auditing a not-yet-sending domain is actually the best moment, you get a clean baseline and a checklist before warm-up. The report flags what to set up before your first send.
What about shared sending domains (Gmail, Outlook 365)?
If you only send through a shared provider's domain (e.g. you@gmail.com), there is no DNS to audit on your side. The report would focus on whether your custom domain (if any) is properly aligned for transactional or marketing email.
Do you handle blacklist delisting?
The report identifies which lists you appear on and links to each list's delisting form. Most major lists accept self-service delisting once the underlying issue is fixed. Stubborn cases (Spamhaus, repeat offenders) can take a paid engagement to resolve.
Do you need access to my DNS or email account?
No. The audit only uses publicly visible DNS records and public reputation data. You do not give me any credentials, and I cannot read your email.
Chat on WhatsApp