Infrastructure Assessment Service

Find what is actually preventing your email from reaching the inbox

Most deliverability problems have specific, diagnosable causes. A structured audit identifies whether the problem is your infrastructure, your authentication, your list quality, your sending behavior — or a combination — before you spend time or budget on the wrong fix.

SMTP Configuration Review Authentication Alignment (SPF · DKIM · DMARC) IP Reputation Assessment Per-ISP Delivery Analysis List Quality Evaluation Written Report + Recommendations

Seven diagnostic layers, each with specific findings

Deliverability problems are almost always multi-causal. An audit that only checks authentication misses list quality problems. An audit that only checks IP reputation misses DMARC misalignment. Each layer produces independent findings that may or may not be connected to the presenting problem.

SMTP Infrastructure Review

MTA configuration analysis: virtual-MTA pool architecture, domain block throttle settings, retry configuration, per-ISP routing, spool and queue configuration.

Authentication Alignment

Full SPF, DKIM, and DMARC verification. Alignment testing across all active sending paths. PTR record verification. BIMI readiness assessment where applicable.

IP Reputation Assessment

All sending IPs checked against Spamhaus (SBL, XBL, PBL), Barracuda, SpamCop, SURBL, and major ISP-specific blocklists. SNDS enrollment status for Microsoft IPs.

Per-ISP Delivery Metrics

Accounting log analysis for deferral rate by destination ISP. Google Postmaster Tools domain and IP reputation review. Yahoo/AOL postmaster data where accessible.

List Quality Evaluation

Hard bounce rate analysis by list segment and acquisition source. Complaint rate distribution. Inactive subscriber analysis. Unsubscribe rate trends and suppression system integrity.

Message Content Review

Header analysis from sent messages. HTML structure evaluation for spam filter triggers. Tracking domain reputation check. List-Unsubscribe compliance verification.

Written report with prioritised findings

The audit produces a written report structured as: (1) critical findings requiring immediate action, (2) significant findings affecting deliverability, (3) optimisation recommendations, and (4) infrastructure improvement roadmap. Each finding includes the specific evidence, the technical explanation, and the recommended resolution.

  • Discovery and data collection

    We request access to: Google Postmaster Tools data export, SMTP accounting logs, sample message headers (10–20 messages), current MTA/ESP configuration, and sending domain DNS records. No production system access required.

  • Infrastructure and authentication analysis

    Review of all configuration and DNS data against production best practices. Identification of misconfiguration, misalignment, and missing controls.

  • Reputation and delivery data analysis

    Per-ISP deferral rate analysis. Blacklist status across all IPs. Postmaster Tools reputation tier assessment. SNDS data review where available.

  • List and behavioral analysis

    Bounce category distribution analysis. Complaint rate patterns by segment or campaign type. Frequency and recency analysis of engagement data.

  • Report delivery and walkthrough

    Written report delivered within 5 business days of receiving all data. Optional 60-minute technical walkthrough to discuss findings and prioritise next steps.

5
Business days
to written report
7
Diagnostic layers
examined
30+
Blacklists checked
per IP
100%
Remote — no server
access required
When an audit is the right first step: If you are experiencing delivery problems but are not certain whether the cause is infrastructure, authentication, list quality, or ISP-specific behavior, an audit prevents spending on the wrong solution. The most common outcome is identifying 2–3 root causes, only one of which was suspected before the audit.
How long does an audit take?

Data collection takes 1–3 business days depending on how quickly access to Postmaster Tools and accounting logs can be arranged. Analysis and report writing takes 2–3 business days. Total elapsed time is typically 5–7 business days from engagement start to report delivery.

Do you need access to our servers?

No. The audit is conducted entirely from externally accessible data: DNS records, blacklist queries, Postmaster Tools exports, and log files you provide. We do not require SSH access, API credentials, or any production system access.

Can the audit be conducted while we continue sending?

Yes. The audit is entirely passive — it does not affect your current sending operations. Some senders prefer to continue sending during the audit period so we can observe live delivery pattern data.

Does the audit include implementation of the recommendations?

The audit produces findings and recommendations. Implementation is a separate engagement. Many clients use the audit report to prioritise what to fix internally; others engage us to implement the recommended changes as a managed infrastructure project.

What a Deliverability Audit Examines

A deliverability audit is a structured technical assessment of every layer of your email infrastructure that affects inbox placement. It covers authentication configuration, sending IP reputation, list composition, content and header characteristics, ISP-specific delivery data, and the operational practices that produce or degrade sender reputation over time. The output is a prioritized list of specific, actionable findings — not a generic checklist.

Authentication and DNS Layer

The audit starts with authentication because authentication failures affect every send until corrected. The assessment verifies: SPF record syntax and IP coverage, DKIM key size and rotation status, DMARC policy tier and alignment mode, PTR records for every active sending IP, and BIMI readiness for domains with established DMARC enforcement.

  • SPF record analysis: Does it authorize all sending IPs? Does it approach the 10 DNS-lookup limit? Is -all (hard fail) or ~all (soft fail) in use?
  • DKIM key audit: Are 2048-bit keys in use? When were keys last rotated? Is the signing domain correctly aligned with the From: header domain for DMARC?
  • DMARC verification: What policy tier (none/quarantine/reject)? Are aggregate reports being collected and reviewed? Is BIMI configured for high-value domains?
  • PTR verification for all sending IPs: Does every IP have a PTR record? Does it resolve correctly back to the sending domain?

IP Reputation Assessment

Each sending IP is assessed across multiple reputation systems: Google Postmaster Tools (domain and IP reputation tiers), Microsoft SNDS (per-IP status, complaint rate, trap hit data), major DNS blacklists (Spamhaus ZEN, Barracuda, SORBS), and proprietary reputation databases used by major ISPs. IPs with reputation data are compared against each other to identify pool members with disproportionate deferral rates.

Reputation SystemData PointsAccess MethodUpdate Frequency
Google Postmaster ToolsDomain reputation, IP reputation, spam rate, auth ratespostmaster.google.com (verified domain required)24-72 hour lag
Microsoft SNDSPer-IP complaint rate, trap hits, GREEN/YELLOW/RED statussendersupport.olc.protection.outlook.com/snds24-48 hour lag
Spamhaus ZENSBL/XBL/PBL listings (covers most blocking decisions)DNS query per IPReal-time
BarracudaIP reputation scoring (widely used by corporate email)barracudacentral.org/lookupsReal-time
MXToolbox aggregated25+ blacklist check in one querymxtoolbox.com/blacklists.aspxReal-time

Sending Infrastructure Audit

If the audit covers your PowerMTA deployment, the assessment examines configuration alignment with current ISP best practices: per-ISP domain block configuration, max-smtp-out values relative to IP reputation tiers, retry-after intervals, bounce classification handling, FBL enrollment status, and accounting log data for delivery rate trends across ISPs.

Deliverability Audit Deliverables

The audit produces a structured report organized by priority: Critical Issues (configuration or reputation problems causing active delivery failures), High Priority (problems degrading inbox placement that will worsen without intervention), Medium Priority (suboptimal configurations that reduce deliverability ceiling), and Recommendations (best practices not yet implemented that would improve long-term performance).

  • Technical findings with specific configuration evidence — not generic observations
  • Priority ranking with estimated inbox placement impact per finding
  • Step-by-step remediation instructions for each issue
  • Baseline metrics at audit time for comparison against post-remediation results
  • 30-day re-check to verify remediation effectiveness

When a Deliverability Audit Is Most Valuable

Deliverability audits are most valuable at four points in an infrastructure's lifecycle: before a major volume increase (to address issues before they scale), after a significant inbox placement decline (to diagnose the cause), before a domain or IP change (to establish a clean baseline), and annually as a routine health check for high-volume sending programs.

The audit cannot fix problems that exist at the list or content layer — those require operational changes to sending practices. But it provides the technical clarity needed to separate infrastructure-caused deliverability problems from content or list-caused problems, which is prerequisite to addressing the right layer.

Infrastructure-vs-list-quality distinction

The most frequent deliverability misdiagnosis is treating a list quality problem (high complaint rate, unengaged subscribers) as an infrastructure problem. A deliverability audit distinguishes between the two by examining which signals are elevated. High deferral rates with clean authentication and normal complaint rates = infrastructure issue. High complaint rates with no ISP blocking = list quality issue. Many senders waste months improving infrastructure when the problem is in the list.

Ready to find out what is actually causing your delivery problems?

Contact us with a brief description of the symptoms you are observing. We will confirm whether an audit is the appropriate starting point or whether the situation indicates a more targeted assessment.

Related Resources

Audit packages

Three depths of audit, calibrated to where you are in the deliverability problem. The Express audit is for senders who need a fast diagnosis; Standard for those wanting full remediation guidance; Premium for organizations rebuilding from a serious incident.

Express
€750

48-hour delivery

  • Authentication audit (SPF, DKIM, DMARC)
  • IP and domain reputation snapshot
  • Top 5 deliverability issues identified
  • Prioritized remediation list
  • 1-page executive summary
  • 30-min review call
Most chosen
Standard
€2,450

2-week engagement

  • Everything in Express
  • Per-ISP delivery analysis (Gmail, Yahoo, Outlook, GMX, others)
  • List quality and engagement segmentation review
  • Content and template audit
  • Postmaster Tools and SNDS interpretation
  • Detailed 15–25 page report
  • Two 60-min review calls
  • 30-day post-delivery email support
Premium
€4,900

4-week engagement

  • Everything in Standard
  • Live deliverability incident response
  • Direct remediation work (DNS changes, MTA tuning)
  • Custom monitoring dashboard setup
  • Weekly status calls during engagement
  • 90-day post-delivery support retainer
  • Optional transition to ongoing managed services

All packages include a written report, recommended actions ranked by impact, and a follow-up call. Premium engagements often transition into ongoing PowerMTA Managed Retainer relationships at customer option.

Request audit scoping call