--- title: Email Deliverability Audit category: product entity_type: skill price: $15 canonical: https://forgehouse.ai/skills/email-deliverability-audit/ lang: en hreflang_alt: https://forgehouse.ai/tr/skiller/email-deliverability-audit/ last_updated: 2026-06-20 --- # Email Deliverability Audit > SPF + DKIM + DMARC + BIMI denetimi, bounce/spam complaint pipeline, Resend domain validation… An end-to-end email deliverability audit that checks SPF, DKIM, DMARC and BIMI, parses DMARC aggregate reports, validates your sending domain, and wires bounce and complaint handling into an automatic suppression list. It guarantees that reports and transactional mail land in the inbox instead of the spam folder, which is where client trust quietly lives or dies. ## Use cases - Checking a new client's domain authentication during onboarding - Validating DNS records before going live with a sending domain - Diagnosing why reports or order confirmations land in spam - Final review before switching a domain from test to live sending - Investigating a bounce or spam-complaint rate alarm - Assessing whether a BIMI logo certificate is worth the cost ## Benefits - Get reports and order confirmations into the inbox so clients see your work - Block spoofing and phishing with four independent authentication layers - Catch deliverability decay early before it burns months of sender reputation - Stay compliant with consent, erasure and data-processing obligations in one flow ## What’s included - A DNS audit script for SPF, DKIM, DMARC, BIMI and MX with lookup-limit checks - A sending-domain validation wrapper that flags missing or unverified records - A DMARC aggregate report parser that surfaces suspicious sending sources - A bounce and spam-complaint webhook handler that auto-builds a suppression list - A consent gate with canary mode and one-click unsubscribe headers - A 30-second CEO-ready audit report with a color-graded score and top-three fixes ## Who it’s for Agencies and senders whose client reports, transactional mail or campaigns must reliably reach the inbox under strict authentication and consent rules. ## How it runs Inbox placement is verifiable, not a mystery. The skill resolves your SPF, DKIM and DMARC records deterministically, parses aggregate reports for spoofing signals, audits bounce handling, and hands back three prioritized fixes. 1. Pulls the DNS layer with a deterministic resolver: the SPF record plus its DNS lookup count against the hard limit of 10, a scan across common DKIM selectors, the DMARC record parsed down to its policy (none, quarantine or reject), BIMI and MX, all written to a structured audit JSON. 2. Cross-checks the sending platform side via the Resend domains API: which records the provider considers verified, which SPF and DKIM entries are still missing, and whether the domain is actually cleared to send. 3. Parses the DMARC aggregate XML reports landing in the reporting mailbox: per-source-IP pass and fail counts, the overall pass rate, and a suspicious-IP flag for any source failing at twice its pass volume, which is how spoofing attempts surface. 4. Audits the feedback loop: hard bounces go to a permanent suppression list, spam complaints trigger same-day suppression plus an opt-out flip, and 90 days without an open feeds the engagement-decay suppression that protects sender reputation. 5. Gates the legal layer before anything goes live: explicit consent timestamp on record, suppression list checked per recipient, a data processing agreement verified for EU recipients, and the correct transactional-versus-marketing categorization under the provider's terms. 6. Outputs a report the decision-maker can act on in 30 seconds: a color-coded overall score, the top 3 prioritized fixes, and a 9 to 10 out of 10 third-party spam-test target as the pass bar. ## FAQ ### Does this work with whatever sending provider I use? The audit checks domain-level authentication, SPF, DKIM, DMARC and BIMI, which sit at the DNS layer regardless of provider. It validates the sending domain itself, so it is not tied to one mail service. ### My order confirmations land in spam. Can this actually tell me why? It parses your DMARC aggregate reports and checks each authentication record, where most inbox-placement failures originate. That turns a vague spam problem into a specific record that is missing or misaligned. ### If my authentication is clean but mail still goes to spam, does this help? Its scope is authentication, domain validation and bounce or complaint handling, not the wording of your campaigns. Spammy content or a damaged sending reputation are separate problems this audit does not rewrite. ## Price $15, one-time, no subscription. VAT included. Related guide: [Building a multilingual AI content pipeline](https://forgehouse.ai/guides/ai-content-pipeline/)