Consulting · Deliverability audit

An email deliverability audit that finds why you land in spam, and fixes it.

Roughly one in six legitimate emails never reaches the inbox, and authentication alone no longer explains why. We audit the full stack, find the root cause, and, because we run sending infrastructure ourselves, fix the technical side rather than hand you a report and walk away.

Book a deliverability audit What we check →

◆ Authentication · reputation ◆ List quality · content ◆ Live inbox placement

An email deliverability audit is a diagnostic of why a sender's messages reach the inbox or land in spam, run across the whole chain that decides placement: authentication, domain and IP reputation, sending infrastructure, content and links, list quality, and a live inbox-placement test. Argus Root runs this audit for European senders and, where the cause is technical, carries out the fix rather than handing over a report. It is for any organisation whose open rates have dropped, or whose mail is missing the inbox, without an obvious reason.

In short

Global inbox placement averages about 83.5% in 2026, and roughly 91% for European inboxes, so "delivered" is not the same as "in the inbox".
Fully authenticated mail still lands in spam more than 30% of the time: engagement now outweighs a passing SPF, DKIM and DMARC check.
Around 80% of deliverability failures trace back to list quality, not authentication.
Healthy placement is above 90% to the primary inbox; below 80% signals a serious problem.
Gmail and Microsoft now weigh domain reputation above IP reputation, so switching IPs does not reset a damaged history.

How often does email miss the inbox?

Delivery and inbox placement are not the same thing, and the gap between them is where revenue quietly disappears.

The global average inbox-placement rate in 2026 sits around 83.5%, which means close to a sixth of permission-based mail lands in spam or vanishes rather than reaching the primary inbox. European inboxes do better, near 91%, and the figure varies by industry from the mid-eighties to the low nineties, but the principle holds everywhere: a message that the mail server accepted is not a message a person saw. A campaign can report healthy delivery and still be missing most of its audience, because delivered counts mail that reached the spam folder, and inbox placement counts only what reached the inbox.

For a sender of any scale the gap is measured in pipeline rather than in bounce reports. The difference between 86% and 92% placement on a list of a million, sending weekly, is millions of additional messages seen across a year. Open rates above 90% placement are considered healthy, above 95% excellent, and anything below 80% points to a problem that needs immediate attention. When open rates collapse without anything else changing, the cause is almost always a deliverability problem that has been building quietly, and an audit is how you find it before the next campaign goes out half-blind.

The audit, in the order that matters.

Deliverability depends on dozens of factors across several categories, and the sequence is part of the method. Fixing content will not help a domain that is already blacklisted, so we work the layers in the order that a mailbox provider effectively does.

The six layers of the audit, worked in order. A failure found early, two SPF records or a blacklisted domain, is fixed before content or list work, because the earlier layer overrides the later one.

what we check, and the healthy mark

The layers of a deliverability audit, what each checks, and the healthy threshold.
Layer	What we check	Healthy mark
Authentication	SPF, DKIM and DMARC alignment	Aligned, one SPF record, p=quarantine or better
Reputation	Domain and IP standing	Postmaster High or Medium
Infrastructure	Reverse DNS, dedicated vs shared, warmup	rDNS set, warmed, no bad neighbours
Content & links	Spam triggers, redirects, shorteners	No public shorteners, clean destinations
List quality	Bounces, role and disposable addresses, traps	Bounce under 3%, complaints under 0.1%
Inbox placement	Live seed test across providers	Above 90% to the primary inbox

Each layer has a common failure that an audit catches. Two SPF records on one domain, a frequent result of switching providers and leaving the old one in place, make authentication fail completely. A domain whose reputation has been damaged cannot be rescued by moving to fresh IPs, because Gmail and Microsoft now weigh domain reputation above IP reputation, so the history follows the name. Links through public shorteners drag a technically clean message into spam on their own. The value of working in order is that the first real failure found is usually the one worth fixing first.

Authentication is the floor, not the ceiling.

For years the advice was simple: set up SPF, DKIM and DMARC, and your mail reaches the inbox. In 2026 that advice is misleading. Analysis across large mail corpora in 2025 found that fully authenticated mail still landed in spam more than 30% of the time, because mailbox providers now weigh how real people engage with your messages, the opens, clicks, replies and complaints, far more heavily than a passing authentication check. Authentication is the condition for being considered at all; it is not what wins the inbox.

This is where most audits stop short. They confirm the records are present and call the job done, when industry data consistently traces around 80% of deliverability failures back to list quality: invalid addresses, disposable signups, role accounts and dormant contacts that pile up over time and quietly poison engagement. A deliverability audit that matters goes past the authentication layer into the list and the sending behaviour, because that is where the failures that survive a clean DNS check genuinely live. We treat authentication as the first checkbox rather than the conclusion.

checking authentication the way a mailbox provider does

# SPF — must resolve to exactly ONE record, ending in -all or ~all
$ dig +short TXT example.com | grep spf1
"v=spf1 include:_spf.example.com -all"

# DMARC — policy at the _dmarc subdomain; p=reject is enforcement
$ dig +short TXT _dmarc.example.com
"v=DMARC1; p=reject; rua=mailto:[email protected]; adkim=s; aspf=s"

# DKIM — public key at the selector named in the signature
$ dig +short TXT s1._domainkey.example.com
"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQ..."

# Live test send — read the Authentication-Results the receiver writes
$ swaks --to [email protected] --from [email protected] \
        --server mail.example.com --tls
Authentication-Results: mx.google.com;
   spf=pass dkim=pass dmarc=pass (p=REJECT)

Those four checks are the authentication layer as a mailbox provider sees it, not as a dashboard claims it. The single most common failure they surface is two SPF records on one domain, left behind after a provider switch, which makes SPF fail outright; the second is DMARC stuck at p=none, which monitors but enforces nothing. We run these against your live domain at the start of every audit, because a record that looks right in a control panel can still resolve wrong in the wild.

A deliverability problem builds quietly.

Most senders do not lose the inbox in a single event. It erodes. A list accumulates dead addresses and old signups that no longer open, so the engagement signals the mailbox providers watch drift downward month by month. A provider switch leaves an orphaned SPF record behind, and now two exist where only one is allowed, which makes authentication fail silently for a slice of mail. A run of heavier sending nudges the complaint rate from comfortable toward the 0.1% mark where reputation starts to suffer, well before it reaches the 0.3% that triggers hard filtering at Gmail. None of these announces itself; they show up as open rates that slide a little each month until someone notices the campaign is not working.

By the time the symptom is obvious, the cause is usually several steps back. That is why an audit reads the chain in order rather than reacting to the last thing that changed: the visible drop in opens is often the end of a sequence that began with a list or an authentication problem weeks earlier. Finding the first failure, rather than the most recent symptom, is what turns an audit into a fix instead of a guess.

When is a deliverability audit worth running?

The clearest trigger is open rates that have fallen without an obvious reason, since a sudden slide usually means mail that once reached the inbox is now being filtered to spam. A spike in bounces past roughly 3%, a complaint rate creeping toward 0.1%, or a Postmaster reputation that has slipped from high to medium are all signals worth acting on before the next send. So is any change to the sending setup: switching email platform, moving to new IPs, adding a subdomain, or changing the From address, because each can break authentication or reset reputation in ways that are invisible until mail starts missing.

There are also moments when an audit is cheap insurance rather than a rescue. Before a major campaign, a launch or a seasonal push, a placement test confirms the mail will land where it is meant to rather than discovering a problem through the campaign itself. Bringing a new domain or a new sending program online is another, since starting clean is far easier than recovering a reputation that a careless launch has already damaged. The audit is most valuable as a regular health check, run quarterly and before anything important, rather than as the thing you reach for once a quarter of revenue has already gone to spam.

What does the audit deliver?

Findings you can act on and a baseline you can measure against, not a glossary of best practices.

Authentication findings

A read of SPF, DKIM and DMARC as the mailbox providers see them, with the exact misalignments and the duplicate or broken records that quietly fail your mail named and explained.

Reputation & blacklist status

Your domain and IP standing across Gmail, Microsoft and the major blocklists, with the history that is shaping placement and what it will take to recover it.

Infrastructure review

Reverse DNS, dedicated against shared sending, and warmup state assessed, so a setup that undermines good sending is found rather than assumed sound.

Content, links & list

The message and the list examined for the triggers that survive authentication: risky links, spam-scored content, and the invalid and dormant addresses that drag engagement down.

Live inbox-placement test

A seed test across providers that shows where your mail lands in reality, giving a placement baseline to measure every later fix against. See email infrastructure →

Prioritised remediation

A plan ordered by impact, with the root cause separated from the symptoms, so the work starts where it changes placement rather than where it is easiest.

What does fixing deliverability look like?

Recovery from poor placement is a process rather than a switch. Once the audit has named the cause, the technical faults are fixed first, and some of them resolve at once: a duplicate SPF record removed, DMARC alignment corrected, reverse DNS set. Those stop the silent failures immediately. Reputation is the slow part. A domain that has earned distrust regains it only through a stretch of clean, warmed, engagement-led sending, often several weeks, because Gmail and Microsoft judge the pattern over time rather than a single good day.

List repair runs alongside the technical work. Removing invalid, role-based and dormant addresses lifts the engagement rate that now decides placement, and a re-permission campaign separates the contacts worth keeping from the ones quietly dragging the domain down. Sending volume is rebuilt gradually rather than restored all at once, so a recovered reputation is not undone by the first large send into a list that has not been cleaned.

Throughout, the placement seed test from the audit gives a baseline to measure against, so progress is visible rather than hoped for. Every change is checked against that starting point, which is what turns the work from an argument about the subject line into a sequence of fixes with results you can see. The honest version of recovery is weeks of disciplined sending with the numbers moving in the right direction, not a single intervention that restores the inbox overnight.

An audit that ends at a report is half the job.

Most deliverability audits are produced by a checklist tool or a consultant who hands over a PDF and leaves the fixing to you. Ours comes from people who run sending infrastructure every day, which changes both the diagnosis and what happens next. The diagnosis is sharper because we have seen these failures in production rather than read about them, and the remediation is real because the technical fixes, the authentication, the reverse DNS, the infrastructure and the warmup, are work we can carry out on our own email infrastructure or alongside your existing setup.

We are clear about the division, because deliverability is partly yours to own. The technical layer is ours to fix; the parts that depend on you, the consent behind your list, the relevance of your content and the cadence of your sending, are yours, and no audit can outsource them. Inbox placement is improved by removing failure points one at a time rather than guaranteed by a single change, and a damaged domain reputation recovers over weeks of clean sending rather than overnight. What we promise is an honest diagnosis and the technical work to act on it, not a number we cannot control. Where the answer is to rebuild the sending setup properly, that leads into our infrastructure work; where it is to resell sending under your own brand, it leads to our white-label email service.

We check & fix SPF / DKIM / DMARC Domain & IP reputation Reverse DNS Warmup List hygiene Seed placement tests

Your list is personal data, and it stays in the EU.

An audit means handing over a sample of your sending and, often, your contact list, which is personal data under the GDPR. We run the analysis on infrastructure inside the European Union and treat the list as the regulated asset it is, rather than uploading it to a third-party scanner whose data handling you cannot see. For a European business that distinction matters as much in an audit as it does in the sending itself, and it follows the same data line as the rest of our compliance work. List hygiene done as part of the audit is also a quiet compliance gain, since sending to addresses that never consented is both a deliverability problem and a legal one.

We diagnose from systems we run.

Deliverability is the work we know best. We operate mail-transfer infrastructure, manage dedicated IP reputation and warm sending domains as a matter of routine, so an audit from us reflects what keeps mail landing in practice rather than a generic template. We have recovered domains from a bad reputation, fixed authentication that broke during a provider switch, and watched the engagement signals that decide placement move in real time. That experience is the difference between an audit that names the obvious and one that finds the cause a checklist would miss. We have also seen the false alarms: a third-party score flashing red while the providers' own signals say the mail is fine, which a tool would escalate and an operator recognises for what it is. The output is a clear picture of where your sending stands and a route to the inbox, written by people who would be comfortable fixing it themselves.

Questions buyers ask.

What is an email deliverability audit?

A diagnostic of why your email reaches the inbox or misses it. It works through authentication, reputation, infrastructure, content, list quality and a live inbox-placement test, then reports the findings with a prioritised plan to fix them. The goal is to find the root cause of poor placement rather than guess at the subject line.

Why are my emails going to spam?

Usually one of a few causes: authentication that has broken, often a duplicate SPF record left after a provider switch; a damaged domain reputation; a list full of invalid or dormant addresses dragging engagement down; or content and links that score as spam. An audit identifies which of these is your problem rather than leaving you to change things at random.

Doesn't passing SPF, DKIM and DMARC guarantee the inbox?

No, and believing it does is a common mistake in 2026. Authentication is the condition for being considered, but fully authenticated mail still lands in spam more than 30% of the time, because providers weigh engagement, opens, clicks, replies and complaints, far more heavily. Authentication is the floor; the list and the sending behaviour decide the rest.

What is a good inbox-placement rate?

Above 90% to the primary inbox is healthy and above 95% is excellent, while anything below 80% signals a serious problem. The global average sits around 83.5%, with European inboxes nearer 91%. Note that this measures mail reaching the inbox, which is different from delivery, which also counts mail that landed in spam.

Do you fix the problems or just report them?

Both, which is the point of an operator running the audit. The technical fixes, authentication, reverse DNS, infrastructure and warmup, are work we carry out. The parts that depend on you, consent, content and sending cadence, stay yours, and we set out clearly what each side needs to do.

Can a damaged sending reputation be recovered?

Yes, but over weeks rather than overnight, and not by switching IPs. Gmail and Microsoft now weigh domain reputation above IP reputation, so a bad history follows the domain name. Recovery is a deliberate process of clean, warmed, engagement-led sending, which the audit lays out as a plan rather than a quick fix.

How long does an audit take?

The technical and placement analysis is usually a matter of days, since much of it is checking records, reputation and a live seed test. The remediation timeline depends on what is found: a duplicate SPF record is fixed in an hour, while rebuilding a damaged reputation or cleaning a neglected list runs over weeks. The audit tells you which you are facing.

Is my contact list kept private?

Yes. The list is personal data, and we analyse it on infrastructure inside the EU rather than uploading it to a third-party scanner whose handling you cannot see. List hygiene done in the audit is also a compliance gain, because sending to addresses that never opted in is a legal risk as much as a deliverability one.

How often should I run one?

Quick checks on authentication, blacklists and Postmaster reputation are worth running weekly, and a full audit makes sense quarterly, before a major campaign, or after any infrastructure change such as switching provider. Deliverability degrades quietly, so the audit is most useful as a regular health check rather than a one-off rescue.

Should I set up BIMI as part of this?

Only once the core stack is healthy. BIMI puts your logo beside your mail in supported inboxes and builds recognition, but it requires DMARC enforced at p=reject and a verified logo, so it rewards a sender who has already fixed authentication and reputation. A sender still fighting basic failures should fix those first; the audit tells you whether you are ready for it or not.

Does this cover cold email as well as marketing?

The technical layers are the same: authentication, reputation, infrastructure and placement apply to any sending. The difference is in list and consent, where cold outreach carries more risk and stricter limits, and where we are candid about what is and is not defensible. We audit the deliverability either way and flag where the sending model itself, rather than the configuration, is the problem.

What signals and tools do you rely on?

The providers' own signals first: Google Postmaster Tools for domain reputation and spam rate, the major blocklists, and DMARC aggregate reports for authentication as the world sees it. A live seed test across mailbox providers shows real placement, and the message itself is examined for the content and link issues that score against it. We weigh the signals the providers act on rather than treat a single third-party score as the verdict.

Is the audit a one-off or an ongoing engagement?

Either. A one-off audit is the right start when placement has dropped and you need the cause and a plan. Where the fix is reputation recovery or a sending program that needs ongoing care, the audit becomes the first step of a longer engagement, with regular checks that catch the next problem while it is still small. You are not locked into the larger arrangement to get the diagnosis.

Deliverability audit

Tell us where your mail is landing. We'll tell you why.

Share your sending domain and a sample campaign, and we run the authentication, reputation and placement checks, find the root cause of what is going to spam, and lay out a prioritised plan with the technical fixes we can carry out, before you commit to anything.

Book a deliverability audit Back to Consulting →

Root cause, not symptoms Diagnosed by an operator who fixes Your list stays in the EU