Your emails are getting delivered. But are they getting seen?
A 97% delivery rate sounds great on paper. But delivery rate only tells you that a message was accepted by the receiving mail server — it says nothing about whether that message ended up in the inbox or the spam folder. The gap between "delivered" and "seen" is exactly where an email deliverability audit lives.
If you're sending marketing emails, transactional messages, or operating a platform that sends email on behalf of your users, an audit is the most efficient way to find out what's actually happening to your messages after they leave your servers.
What Is an Email Deliverability Audit?
An email deliverability audit is a comprehensive evaluation of everything that influences whether your emails reach the inbox. It goes far beyond checking whether your SPF record is valid.
A thorough audit typically covers seven areas:
Engagement statistics. Open rates, click-through rates, bounce rates, and spam complaints — broken down by mailbox provider, IP address, and sending domain. Aggregate numbers hide problems. A 31% overall open rate can mask a 23% open rate at Gmail, which is where more than half your audience probably lives. Digging into provider-level data is what separates a real audit from a vanity metrics review.
Infrastructure analysis. DNS records (SPF, DKIM, DMARC), IP reputation across multiple sources (Google Postmaster Tools, Sender Score, Talos Intelligence), and email server configuration. Misconfigured authentication doesn't always cause an immediate bounce — it can quietly erode your reputation for weeks before you notice the impact.
IP and domain reputation. Your sending reputation is the single biggest factor in inbox placement decisions. An audit pulls reputation data from multiple providers because they don't always agree. An IP address might score a 95 on Sender Score while simultaneously showing "Low" on Google Postmaster Tools. You need the full picture.
Mailbox provider performance. Gmail, Microsoft, and Yahoo each make filtering decisions differently. Gmail weighs domain reputation and engagement heavily. Microsoft leans on IP reputation. An audit evaluates your performance at each major provider individually, because a problem at Microsoft doesn't necessarily mean you have a problem at Gmail, and vice versa.
Email content analysis. This includes reviewing message templates, header configuration, link handling, unsubscribe functionality, and message size. Issues like message clipping — where Gmail truncates oversized emails — don't directly hurt deliverability, but they hide unsubscribe links and break open tracking pixels, which creates downstream reputation damage.
Sending patterns and segmentation. How email volume is distributed across IPs, how traffic is segmented by risk profile, and whether sending patterns are consistent or erratic. Sudden volume spikes from a single user or campaign are a common trigger for filtering and blocking.
Authentication and DNS configuration. Beyond the basics of SPF, DKIM, and DMARC, a complete audit also evaluates MTA-STS, TLS-RPT, DNSSEC, link branding configuration, and reverse DNS. These aren't vanity features — they each serve a specific function in protecting your sending infrastructure.
What Does an Audit Actually Uncover?
The findings vary, but certain patterns come up repeatedly across audits. Here's what we typically see.
Hidden Spam Folder Placement
The most common — and most costly — finding is that a significant portion of email is landing in spam, and nobody knows. The delivery rate looks fine because the receiving server accepted the message. But acceptance and inbox placement are two different things.
The telltale sign is a gap between your overall open rate and your open rate at a specific provider. If your aggregate open rate is 60% but your Gmail open rate is dropping month over month, there's a strong chance Gmail is routing more of your traffic to spam. When domain reputation drops from "High" to "Medium" at Google Postmaster Tools, that's a leading indicator that spam folder placement is increasing.
Reputation Damage From a Handful of Bad Senders
For platforms that send email on behalf of multiple users or clients, one of the most consistent audit findings is that a small number of senders are responsible for the majority of reputation damage. A single user generating a 4% open rate while consuming 13% of total sending volume will drag down every other sender on your infrastructure. A few clients with misconfigured DMARC or excessive bounce rates can trigger IP-level blocks that affect your entire network.
This problem is especially acute at Microsoft, where spam filters rely heavily on IP reputation. One sender's poor behavior on a shared IP can cause blocking for every sender using that same IP.
Dangerously High Spam Complaint Rates
Gmail requires senders to keep spam complaint rates below 0.3%. That's a hard line — not a suggestion. Consistently exceeding it will erode your domain reputation, and once reputation drops below "Medium," you're looking at significant spam folder placement. We regularly find senders operating at 0.7% or higher, sometimes spiking above 1%, without realizing they're in violation because they're not monitoring Google Postmaster Tools closely enough.
The fix is rarely just "send better content." It usually involves improving unsubscribe functionality (making it mobile-friendly, adding one-click unsubscribe headers, placing unsubscribe links at both the top and bottom of messages), implementing engagement-based sunsetting, and identifying which specific message types or user segments are generating the most complaints.
List Hygiene Problems
Database audits frequently reveal that 3–7% of an email list consists of invalid addresses, potential spam traps, or risky addresses associated with disposable or throwaway accounts. These aren't just wasted sends — spam traps actively damage your reputation, and repeatedly sending to invalid addresses signals to mailbox providers that you're not managing your list.
The related problem is "bounce-drop" events: attempting to send to addresses that have already bounced. These don't hurt deliverability directly, but they waste sending credits at scale. We've seen cases where properly syncing suppression lists would save millions of ESP credits per year.
Authentication Gaps and Misconfigurations
Even organizations that have SPF, DKIM, and DMARC in place can have configuration problems hiding in plain sight. Common examples: duplicate DMARC records on a single domain, typos in DMARC records, missing DMARC entirely on customer domains sending through your platform, and misconfigured DKIM alignment causing authentication failures that result in blocks.
For platforms with hundreds of customer domains, a comprehensive audit of every domain's authentication configuration is essential — and almost never done proactively.
Ineffective IP Pooling and Segmentation
Many senders use multiple IP addresses but don't segment their traffic effectively. When 95% of all traffic flows through a single IP pool, the segmentation provides no real protection. An audit evaluates whether your IP allocation actually reduces risk or just adds complexity without benefit.
The reverse problem also exists: uneven volume distribution across IPs makes it difficult to establish consistent reputation baselines and complicates troubleshooting when problems arise.
When Do You Need a Deliverability Audit?
Not every sender needs an audit every quarter. But there are clear signals that an audit would pay for itself.
Your open rates are declining and you don't know why. A slow, steady decline in open rates — especially at a specific provider — is the classic sign of increasing spam folder placement. By the time open rates have dropped 10–15 percentage points, your reputation may have already shifted from "High" to "Medium" or worse.
You've been blocked or throttled by a major provider. If you're seeing rejection messages from Gmail referencing "very low reputation of the sending domain" or from Microsoft telling you your IP is on a block list, an audit will tell you exactly what's driving the problem and how to fix it systematically rather than playing whack-a-mole with individual blocks.
You're a platform sending on behalf of multiple users. SaaS companies, CRMs, real estate platforms, marketing automation tools — anyone sending email on behalf of hundreds or thousands of individual users has a shared infrastructure problem. Your best sender and your worst sender share the same IP addresses and, often, the same fate. An audit identifies which users are helping and which are hurting, and gives you the data to take action.
You're migrating ESPs or email infrastructure. Moving from one email service provider to another, or changing your IP addresses, sending domains, or authentication configuration, is one of the highest-risk events for deliverability. An audit before the migration establishes your baseline, and an audit after validates that nothing was lost in translation.
You haven't looked under the hood in over a year. Deliverability isn't a set-it-and-forget-it problem. Mailbox providers change their filtering algorithms regularly. Gmail's bulk sender requirements introduced in 2024 caught many senders off guard. If you haven't done a thorough review of your sending infrastructure, reputation, and engagement patterns in the past 12 months, there are almost certainly issues accumulating silently.
Your spam complaint rates are near or above 0.3%. This one is urgent. If Google Postmaster Tools is showing you complaint rates consistently above 0.3%, your domain reputation is actively being damaged. An audit will pinpoint the sources of complaints and provide a remediation plan before the situation gets worse.
What Happens After an Audit?
A deliverability audit is diagnostic, not decorative. The deliverable is a report that identifies specific problems, quantifies their impact, and provides a prioritized set of recommendations.
Some fixes are immediate: correcting a misconfigured DMARC record, implementing one-click unsubscribe headers, or removing invalid addresses from your suppression lists. Others are strategic and take time: building an engagement-based sunsetting policy, restructuring IP pools, or creating monitoring systems to catch problems before they escalate.
The most impactful recommendation in virtually every platform audit is the same: identify and address underperforming senders. The data consistently shows that a small number of senders are responsible for the majority of reputation damage, and that correcting or restricting those senders produces outsized improvements for everyone else on the network.
The Bottom Line
Email deliverability isn't about checking a box on SPF and DKIM and moving on. It's an ongoing discipline that requires visibility into engagement data, reputation signals, authentication configuration, and sending behavior — at the individual sender and mailbox provider level.
If your emails are getting delivered but not getting seen, an audit will tell you exactly where the breakdown is happening and what to do about it.
At SH Consulting, we conduct email deliverability audits for platforms and organizations that depend on email reaching the inbox. If you're seeing unexplained drops in engagement, reputation warnings, or you just want to know where you stand — book a call and we'll talk through it.
