We ran a DNS audit across 1,000+ cold email domains at MailDeck. 67% had at least one critical authentication error. These are domains actively sending cold email with broken SPF records, missing DMARC policies, and misconfigured DKIM selectors. Every one of those errors silently kills inbox placement. Based on Q2 2026 MailDeck platform data from 3,000+ domains under management, the gap between a clean infrastructure audit and an ignored one is the difference between 98% inbox placement and 60-70% placement with accelerating domain burn.
I built the infrastructure behind MailDeck's 50M+ emails sent monthly. This cold email infrastructure audit is the exact process we use internally to verify that 833K+ managed inboxes are ready to send. It takes 30 minutes, uses free tools, and covers every layer that affects whether your email reaches the inbox.
What a Cold Email Infrastructure Audit Actually Covers
A cold email deliverability audit is broader than checking whether your emails "look right." Infrastructure is everything between your sending account and the receiving server's inbox placement decision. Your sequencer is a scheduler. The infrastructure underneath determines 60% of your deliverability outcome.
This 30-minute audit covers six layers:
| Audit Layer | What You're Checking | Time Required |
|---|---|---|
| 1. DNS Authentication | SPF, DKIM, DMARC records for every sending domain | 8 minutes |
| 2. Domain Health | Spam rate, reputation status, blacklist checks | 5 minutes |
| 3. Mailbox & Warmup Status | Warmup reply rates, send limits, flagged accounts | 5 minutes |
| 4. IP Model Verification | Shared vs. dedicated IP, ESP pool type | 3 minutes |
| 5. Sending Configuration | Sequencer settings, tracking, intervals | 5 minutes |
| 6. List Hygiene Snapshot | Bounce rates, verification status | 4 minutes |
Each layer has specific pass/fail thresholds. If any layer fails, everything downstream underperforms regardless of how good your copy or list targeting is.
Layer 1: Cold Email DNS Setup Check (8 Minutes)
DNS authentication is the foundation. If SPF, DKIM, or DMARC is misconfigured, receiving servers downgrade or reject your email before evaluating anything else. This is the highest-impact layer of any cold email infrastructure checklist.
In MailDeck's audit of 1,000+ domains, these were the ten most common DNS errors ranked by frequency:
| Rank | Error | Frequency | Impact |
|---|---|---|---|
| 1 | Multiple SPF records on one domain | 23% | SPF fails entirely. RFC 7208 specifies one SPF record per domain. Multiple records cause a PermError. |
| 2 | No DMARC record | 19% | No alignment policy. Google and Microsoft apply stricter filtering. |
| 3 | SPF ending with +all | 14% | Allows any server to send as your domain. Effectively disables SPF protection. |
| 4 | Exceeding 10 DNS lookups in SPF | 12% | SPF evaluation stops after 10 lookups. Additional includes are silently ignored. |
| 5 | DKIM not enabled | 11% | No cryptographic signature. Receiving servers can't verify message integrity. |
| 6 | DMARC stuck on p=none | 9% | Monitoring only. No enforcement action. Receiving servers treat this as weak trust signal. |
| 7 | Wrong DKIM selector | 4% | DKIM signature references a selector that doesn't match the published DNS record. Fails verification. |
| 8 | SPF record too long (over 255 characters) | 3% | Some DNS resolvers truncate records exceeding 255 characters, breaking SPF evaluation. |
| 9 | Missing MX records | 2% | Domain can't receive email. Some providers reject outbound from domains with no MX. |
| 10 | DMARC rua email doesn't exist | 1% | Aggregate reports bounce. You lose visibility into authentication failures. |
67% of domains had at least one of these errors. Based on MailDeck DNS audit data across 1,000+ cold email domains, Q2 2026.
How to Check SPF, DKIM, and DMARC
Tools needed: MXToolbox, your DNS provider's dashboard
SPF check (3 minutes):
Go to MXToolbox SPF Lookup. Enter your sending domain. Verify:
| Check | Pass | Fail |
|---|---|---|
| Only one SPF record exists | Single v=spf1 record | Multiple v=spf1 records (PermError) |
Record ends with -all or ~all | -all (hard fail) or ~all (soft fail) | +all (anyone can spoof your domain) |
| DNS lookups ≤ 10 | 10 or fewer include: mechanisms | 11+ lookups (silent SPF failure) |
| Record length ≤ 255 characters | Under limit | Over 255 chars (potential truncation) |
A correct SPF record for Microsoft 365 looks like this:
```
v=spf1 include:spf.protection.outlook.com -all
```
A correct SPF record for Google Workspace:
```
v=spf1 include:_spf.google.com -all
```
If you use multiple sending services, combine them in one record:
```
v=spf1 include:spf.protection.outlook.com include:_spf.google.com -all
```
DKIM check (2 minutes):
Use MXToolbox DKIM Lookup. Enter your domain and the DKIM selector (usually selector1 for Microsoft 365, google for Google Workspace).
| Check | Pass | Fail |
|---|---|---|
| DKIM record exists at correct selector | Record found | No record / NXDOMAIN |
| Key length is 2048-bit | 2048-bit key | 1024-bit key (weaker, still functional) |
| Key matches your sending service | Correct selector for your ESP | Wrong selector (signature fails verification) |
DMARC check (3 minutes):
Use MXToolbox DMARC Lookup. Enter your domain.
| Check | Pass | Fail |
|---|---|---|
| DMARC record exists | v=DMARC1 record found | No record (19% of audited domains) |
Policy is p=quarantine or p=reject | Enforcement active | p=none (monitoring only, weak signal) |
rua email address exists and receives mail | Aggregate reports delivered | rua mailbox doesn't exist (1% of audited domains) |
A proper DMARC record:
```
v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com; pct=100
```
Google enforces DMARC compliance for bulk senders. Domains without a published DMARC policy face stricter filtering and higher spam placement rates. Reference: Google Email Sender Guidelines.
Layer 2: Domain Health Check (5 Minutes)
DNS records can be perfect and domain health can still be damaged. Domain reputation is a dynamic score that changes based on your sending behavior over time. This layer checks whether your domains are currently healthy.
Google Postmaster Tools Check
Google Postmaster Tools is the only authoritative source for your domain's spam rate at Gmail. Set it up for every sending domain.
| Metric | Healthy | Warning | Critical |
|---|---|---|---|
| Spam rate | Below 0.1% | 0.1% - 0.3% | Above 0.3% |
| Domain reputation | High / Medium | Low | Bad |
| Authentication success | SPF, DKIM, DMARC all pass | Partial pass | Failures |
If spam rate exceeds 0.3%, pause sending from that domain immediately. At MailDeck, we set the threshold at 0.3% as the domain burn indicator. Above this level, inbox placement degrades rapidly and domain recovery timelines extend from days to weeks. Based on monitoring across 3,000+ domains, Q2 2026.
Blacklist Check
Use MXToolbox Blacklist Check to verify your sending domain and IP against 80+ blacklists simultaneously.
| Result | Action |
|---|---|
| Zero blacklist appearances | Clean. Proceed. |
| Listed on minor blacklists (SORBS, UCEPROTECT) | Monitor. Usually auto-delist in 24-48 hours. |
| Listed on Spamhaus or Barracuda | Critical. Pause sending. File delisting request immediately. |
Spam Score Test
Send a test email from each sending domain to mail-tester.com. This checks your email against SpamAssassin rules, blacklists, and authentication in a single pass.
| Score | Status | Action |
|---|---|---|
| 9-10/10 | Excellent | Infrastructure is clean |
| 7-8/10 | Acceptable | Review flagged items |
| Below 7/10 | Problem | Fix flagged issues before sending |
Layer 3: Mailbox and Warmup Status Audit (5 Minutes)
Clean DNS and healthy domains mean nothing if your mailboxes are burned or warmup has degraded. This layer verifies that your actual sending accounts are in working condition.
Warmup Health Check
Log into your warmup tool (Smartlead, Instantly, or Plsuvibe) and check these metrics for every active mailbox:
| Metric | Healthy | Warning | Critical |
|---|---|---|---|
| Warmup reply rate | 30-35% | 20-30% | Below 20% |
| Warmup emails sent/day | Matching provider settings | Reduced by tool | Paused or zero |
| Flaggable status (Smartlead) | Not flaggable | - | Flaggable (rewrite copy immediately) |
MailDeck's warmup reference thresholds by inbox type:
| Inbox Type | Min Warmup Before Cold Send | Recommended Warmup | Warmup Emails/Day |
|---|---|---|---|
| Google Workspace | 15 days | 20-25 days | 20-25 |
| Outlook Premium | 3-5 days | 10-14 days | 8-12 |
| Outlook Normal | 5-7 days | 10-14 days | 8-12 |
| Private SMTP | 3-4 weeks | 4-6 weeks | Gradual ramp |
Based on Q2 2026 MailDeck platform data from 833K+ managed inboxes.
A critical detail: only use Smartlead Premium, Instantly, or Plusvibe.ai warmup pools. Standard warmup pools can over-send and spike suspicion signals. A bad warmup pool is worse than no warmup because it can flag a healthy domain before you send a single cold email.
Mailbox Send Limit Check
Verify that your actual cold send volume per inbox per day matches your inbox type's safe threshold:
| Inbox Type | Safe Cold Sends/Day/Inbox | Max with Warmup |
|---|---|---|
| Google Workspace | 18-22 | 22 |
| Outlook Premium | 8-10 | 12 |
| Outlook Normal | 3-5 | 8 |
| Private SMTP | 11-14 | 15 |
If your sequencer is pushing more cold emails per inbox per day than these thresholds, reduce immediately. Exceeding safe send limits is the fastest way to trigger inbox provider throttling and domain reputation damage.
Layer 4: IP Model Verification (3 Minutes)
Your IP model determines your baseline deliverability ceiling. This check takes 3 minutes and tells you whether your infrastructure has a structural risk you can't fix with better copy or lists.
Identify Your IP Model
| Infrastructure | IP Model | How to Verify |
|---|---|---|
| Microsoft 365 Outlook | Official Microsoft IP pools | Send a test email. Check headers for *.protection.outlook.com in the sending IP's reverse DNS. |
| Google Workspace | Official Google IP pools | Send a test email. Check headers for *.google.com in the sending IP's reverse DNS. |
| Private SMTP | Should be dedicated | Ask your provider. Check email headers for the sending IP, then verify via MXToolbox IP lookup that it's assigned to your account. |
| Reseller / budget provider | Often shared pool | Ask your provider directly: "Is my sending IP shared with other clients?" |
Red Flags in IP Verification
| Finding | Risk Level | Action |
|---|---|---|
| Sending IP is shared with other cold email senders | High | Other senders' behavior affects your deliverability. Consider dedicated infrastructure. |
| SMTP provider won't confirm IP model | High | Assume shared. Request migration to dedicated or switch providers. |
| IP reverse DNS doesn't match your domain or provider | Medium | Misconfigured PTR record. Contact provider to fix. |
| Multiple unrelated domains visible on same IP | High | Shared pool confirmed. One bad sender burns everyone. |
For a deeper comparison of shared vs. dedicated IP models and how they affect cold email deliverability, see our full breakdown: Shared IP vs Dedicated IP for Cold Email: What Actually Affects Deliverability.
Layer 5: Sending Configuration Audit (5 Minutes)
Your sequencer settings can override everything else. Perfect DNS, healthy domains, and clean IPs still fail if the sending tool is configured to trigger spam filters.
Outlook-Specific Configuration Check
Outlook sends require the strictest configuration of any inbox type. Every item below is a pass/fail check:
| Setting | Required | Why |
|---|---|---|
| Open tracking | OFF | Tracking pixels trigger Microsoft's pre-delivery spam scanner |
| Link tracking | OFF | Triggers Safe Links scanner, marks message before delivery |
| Links in body | NONE | Any URL in body copy triggers automated scanning |
| ESP matching (Outlook-to-Outlook) | OFF | Amplifies spam signals and burns inboxes |
| Images in signature | NONE | Images trigger content scanning |
| Body copy length | ≤ 50 words | Longer copy increases pattern detection risk |
| Spintax | Every 2-3 words | Prevents identical-message pattern detection |
| Send interval | ≥ 61 minutes between sends | Shorter intervals trigger rate limiting |
One EdTech marketing agency running campaigns across Outlook and Google Workspace had open tracking enabled on all Outlook sends and links in every email body. They also used a shared SMTP provider for 30% of their volume.
After a full cold email infrastructure audit, they disabled tracking on Outlook, removed all body links from Outlook campaigns, and migrated to a dedicated diversified stack (Google Workspace + Outlook + Private SMTP with dedicated IPs). Inbox placement improved by 16 percentage points. The additional delivered emails generated $12K in incremental MRR.
Google Workspace Configuration Check
Google Workspace is more flexible, but still has configuration that matters:
| Setting | Recommended | Notes |
|---|---|---|
| Open tracking | Safe to use | Google's filtering weights domain reputation more heavily |
| Links in body | Safe to use | Case studies, Loom videos, proof pages work well |
| ESP matching (Google-to-Google) | Acceptable | Slightly beneficial for Google-to-Google delivery |
| Body copy length | Up to 100+ words | Longer copy performs well with right audience |
| Warmup pool | Smartlead Premium, Instantly, or Plusvibe.ai only | Standard pools risk flagging healthy domains |
Universal Send Timing Check
Regardless of inbox type, verify these settings in your sequencer:
| Setting | Threshold | Impact of Violation |
|---|---|---|
| Daily send volume per inbox | Within provider limits (see Layer 3 table) | Exceeding limits triggers throttling |
| Send time randomization | ±15-25% variation | No variation = machine-detectable pattern |
| Campaign duration on same list | ≤ 4-6 weeks | Longer runs on same list spike spam reports |
| Daily volume ramp-up | +2-3 emails/day during warmup | Faster ramp triggers volume spike detection |
Layer 6: List Hygiene Snapshot (4 Minutes)
The final layer checks whether your lead data will damage the infrastructure you just verified. Bad lists destroy good infrastructure faster than any misconfiguration.
Bounce Rate Check
Pull bounce rates from your sequencer for all active campaigns:
| Bounce Rate | Status | Action |
|---|---|---|
| Below 2% | Excellent | Clean lists. Continue sending. |
| 2-5% | Acceptable | Verify new leads before adding to campaigns. |
| 5-7% | Warning | Pause campaign. Re-verify entire list. ISPs start flagging at 5%. |
| Above 7% | Critical | Stop sending immediately. Bounce rate above 7% triggers blacklisting procedures at major ISPs. |
Verification Status Check
| Check | Pass | Fail |
|---|---|---|
| All leads verified before sending | 100% verified via verification tool | Unverified leads in active campaigns |
| List age under 90 days | Fresh data | Stale leads (email addresses decay at 2-3% per month) |
| No re-hit within 90 days | Each contact receives one sequence per 90-day cycle | Same contacts getting multiple sequences |
At MailDeck, campaigns auto-pause if reply rate drops below 1.5%. This protects domain health from list quality degradation. Based on operational thresholds across 833K+ managed inboxes.
The 30-Minute Cold Email Infrastructure Checklist
Here is the complete cold email infrastructure checklist consolidated into a single pass/fail table. Print this or save it. Run it every two weeks.
| # | Check | Tool | Pass Criteria | Time |
|---|---|---|---|---|
| 1 | Single SPF record per domain | MXToolbox SPF | One v=spf1 record, ends with -all or ~all | 1 min |
| 2 | SPF DNS lookups ≤ 10 | MXToolbox SPF | 10 or fewer include: mechanisms | 1 min |
| 3 | DKIM enabled with correct selector | MXToolbox DKIM | 2048-bit key at correct selector | 1 min |
| 4 | DMARC policy active | MXToolbox DMARC | p=quarantine or p=reject | 1 min |
| 5 | DMARC rua mailbox exists | Send test to rua address | Delivery confirmation | 1 min |
| 6 | No duplicate DNS records | DNS dashboard | One record per type per domain | 1 min |
| 7 | MX records present | MXToolbox MX | Valid MX records | 1 min |
| 8 | SPF record under 255 characters | MXToolbox SPF | Under limit | 1 min |
| 9 | Domain spam rate below 0.1% | Google Postmaster Tools | Green status | 2 min |
| 10 | Domain reputation High or Medium | Google Postmaster Tools | High or Medium | 1 min |
| 11 | No blacklist appearances | MXToolbox Blacklist | Zero listings | 1 min |
| 12 | Spam score 9-10/10 | mail-tester.com | 9+ score | 2 min |
| 13 | Warmup reply rate 30-35% | Warmup tool dashboard | Within range | 1 min |
| 14 | Not flagged as "Flaggable" | Smartlead | Clean status | 1 min |
| 15 | Cold sends within safe daily limits | Sequencer settings | Within inbox type thresholds | 1 min |
| 16 | Warmup minimum days completed | Warmup tool | Met minimum for inbox type | 1 min |
| 17 | IP model confirmed (dedicated or ESP pool) | Email headers / provider | Dedicated IP or official ESP pool | 2 min |
| 18 | No shared tracking domains | Sequencer settings | Custom tracking domain or tracking disabled | 1 min |
| 19 | Outlook: tracking OFF, no links, no images | Sequencer settings | All disabled for Outlook campaigns | 1 min |
| 20 | Outlook: send interval ≥ 61 minutes | Sequencer settings | 61+ minute gaps confirmed | 1 min |
| 21 | Spintax active every 2-3 words | Campaign copy | Variation confirmed | 1 min |
| 22 | Bounce rate below 5% | Sequencer analytics | Under 5% per campaign | 1 min |
| 23 | All leads verified | Verification tool | 100% verified | 1 min |
| 24 | No list re-hit within 90 days | Campaign history | 90-day minimum gap | 1 min |
| Total | ~30 min |
If all 24 checks pass, your infrastructure is ready for cold sending. Any single failure in checks 1-12 (DNS and domain health) should be fixed before sending another email. Failures in checks 13-24 (mailbox, configuration, lists) should be fixed within 24 hours.
What to Do When the Audit Finds Problems
Finding errors is the point. Here's the priority order for fixing what the cold email infrastructure audit reveals.
Priority 1: DNS Authentication Fixes (Fix Immediately)
DNS errors affect every email you send from that domain. Fix these before touching anything else.
| Problem | Fix | Timeline |
|---|---|---|
| Multiple SPF records | Merge into single record. Combine all include: mechanisms. | 15 minutes + 24-48 hours propagation |
| Missing DMARC | Add v=DMARC1; p=quarantine; rua=mailto:dmarc@domain.com; pct=100 | 15 minutes + 24-48 hours propagation |
SPF with +all | Change to -all (hard fail) or ~all (soft fail) | 5 minutes + propagation |
| SPF over 10 lookups | Flatten SPF record using SPF flattening tools or remove unnecessary includes | 30 minutes |
| DKIM disabled | Enable through your email provider's admin console | 10-30 minutes depending on provider |
DMARC on p=none | Upgrade to p=quarantine. Monitor for 2 weeks. Then move to p=reject. | 5 minutes |
At MailDeck, DNS propagation is verified end-to-end before the first email leaves any domain. Full onboarding including automated SPF, DKIM, and DMARC configuration takes 48 hours with verification at every step. This process produces 98% inbox placement from day one across all three infrastructure types (Microsoft 365, Google Workspace, Private SMTP). Based on Q2 2026 MailDeck onboarding data.
Priority 2: Domain Health Recovery (Fix Within 24 Hours)
| Problem | Fix | Timeline |
|---|---|---|
| Spam rate above 0.3% | Pause sending. Review copy and list quality. Resume at 50% volume after 7 days. | 7-14 days recovery |
| Blacklisted on Spamhaus | File delisting request at Spamhaus. Identify and fix the cause. | 1-4 weeks |
| Spam score below 7/10 | Address each flagged item from mail-tester report | 1-3 hours |
Priority 3: Configuration and List Fixes (Fix Within 48 Hours)
| Problem | Fix | Timeline |
|---|---|---|
| Open tracking on Outlook | Disable in sequencer for all Outlook campaigns | 5 minutes |
| Links in Outlook body | Remove all URLs from Outlook campaign copy | 15 minutes per campaign |
| Bounce rate above 5% | Pause campaign. Re-verify all leads. Remove invalid addresses. | 2-4 hours |
| Warmup reply rate below 20% | Check warmup pool quality. Switch to Smartlead Premium, Instantly, or Plusvibe.ai. | 1-2 days |
Setting Up Recurring Cold Email Infrastructure Audits
A single audit snapshot is valuable. A recurring audit process protects your infrastructure continuously.
Recommended Audit Schedule
| Audit Type | Frequency | What to Check | Time |
|---|---|---|---|
| Quick health check | Weekly | Google Postmaster spam rate + warmup reply rates + bounce rates | 5 minutes |
| Full infrastructure audit | Every 2 weeks | All 24 checks from the checklist above | 30 minutes |
| DNS deep scan | Monthly | SPF, DKIM, DMARC for every sending domain + DMARC aggregate reports review | 45 minutes |
| Provider and IP review | Quarterly | IP model verification + sending configuration + provider pricing | 1 hour |
At enterprise scale (100K+ emails per month), 10-20% of domains burn monthly under active load. Regular audits catch degradation early before a domain's reputation drops past the recovery threshold. Across MailDeck's 3,000+ managed domains, continuous monitoring catches authentication issues within hours, preventing the cascading damage that a weekly or monthly check cycle would miss. Q2 2026 platform data.
Why Infrastructure Quality Determines Deliverability
Your sequencer is a scheduler. Your copy is a message. Your infrastructure is what carries that message from your mailbox to the recipient's inbox. Every layer of the cold email infrastructure audit directly impacts that journey.
MailDeck provides cold email infrastructure across Microsoft 365 Outlook, Google Workspace, and Private SMTP, managing 833K+ inboxes for 1,631+ clients. Every MailDeck inbox ships with automated SPF, DKIM, and DMARC configuration, DNS propagation verification before first send, and continuous domain health monitoring.
The difference in practice: MailDeck's Microsoft 365 Outlook tenants use individual Azure tenants with official Microsoft IP pools, whitelisted by default across virtually every receiving server. Warmup takes 3-7 days instead of 3-6 weeks on raw dedicated SMTP. Google Workspace inboxes run on official Google IP pools with the highest trust score of any sending infrastructure. Private SMTP uses dedicated IPs per client with zero shared IP risk.
For teams running their own audit and finding infrastructure gaps, the fix is either spending hours configuring DNS records, managing warmup pools, and monitoring domain health manually, or choosing infrastructure that handles all of this from day one. MailDeck's 48-hour onboarding with full DNS verification and 98% inbox placement rate reflects what a clean infrastructure audit looks like at scale.
FAQ
How do I check if my SPF, DKIM, and DMARC are set up correctly?
Use MXToolbox to query each record type for your sending domain. SPF: verify one record exists, ends with -all or ~all, and stays under 10 DNS lookups. DKIM: confirm a 2048-bit key is published at your selector. DMARC: check that a policy exists and is set to p=quarantine or p=reject. In MailDeck's DNS audit of 1,000+ domains, 67% had at least one critical authentication error, with multiple SPF records (23%) and missing DMARC (19%) as the most common failures. Q2 2026 data.
How often should I audit my cold email infrastructure?
Run a full cold email infrastructure audit every 2 weeks if you send more than 50K emails per month. Weekly checks on domain spam rate via Google Postmaster Tools and warmup reply rates are essential between full audits. At MailDeck, we monitor 3,000+ domains continuously and flag issues before they impact deliverability. Domain health can deteriorate within days if a sending pattern triggers spam filters.
What tools can I use to check my email deliverability?
Five free tools cover 90% of a cold email deliverability audit: MXToolbox for DNS record verification, Google Postmaster Tools for domain spam rate monitoring, mail-tester.com for spam score testing, Mailmeteor spam checker for copy analysis, and your sequencer's built-in analytics for bounce and reply rates. These tools combined take under 30 minutes to run across all your sending domains.
Why are my cold emails going to spam?
The most common cause is broken DNS authentication. In MailDeck's audit of 1,000+ cold email domains, 67% had at least one critical error: multiple SPF records (23%), missing DMARC (19%), SPF ending with +all (14%), or exceeding 10 DNS lookups (12%). Beyond DNS, shared IP pools, exhausted warmup, poor list hygiene (bounce rate above 5%), and tracking pixels in Outlook sends all trigger spam placement. Run the full 24-point checklist in this article to identify which layer is failing.
What happens if DMARC is not set up for cold email?
Without DMARC, your emails face stricter filtering and higher spam placement rates. Google enforces DMARC compliance for bulk senders and applies increased scrutiny to domains without a published DMARC policy. In MailDeck's DNS audit data, 19% of cold email domains had no DMARC record at all. Setting DMARC to at least p=quarantine signals to receiving servers that you take authentication seriously and improves inbox placement measurably.
Methodology
Data source: MailDeck platform data from 833K+ managed inboxes across 1,631+ clients, covering Microsoft 365 Outlook, Google Workspace, and Private SMTP infrastructure.
DNS audit sample: 1,000+ cold email domains audited for SPF, DKIM, and DMARC configuration errors. Error frequency percentages reflect the proportion of domains exhibiting each specific error.
Domain monitoring: 3,000+ domains under continuous management with SPF, DKIM, and DMARC verification.
Deliverability measurement: 98% inbox placement rate measured via seed list testing and Google Postmaster Tools integration.
Warmup thresholds: Derived from platform-wide warmup performance data across all three infrastructure types.
Client case study: EdTech marketing agency results (16% inbox placement improvement, $12K incremental MRR) reflect one client's specific migration outcome. Individual results vary based on prior infrastructure, sending behavior, list quality, and target audience.
Limitations: DNS error frequency data reflects the specific sample of 1,000+ domains audited and may not represent all cold email domains globally. Warmup timelines and send limits are guidelines based on aggregate platform data; individual inbox performance varies.
Last updated: April 2026
Ready to Scale Your Email Infrastructure?
Join top outbound teams using MailDeck for enterprise-grade deliverability.
Get Started