deliverability-checklisted

# Deliverability Check Audit a sending domain's email authentication and deliverability posture. Explains every finding in plain English and outputs a prioritized fix order — critical for anyone whose open rate dropped and doesn't know why. ## Usage `/deliverability-check brand.com` — audit the domain `/deliverability-check brand.com news.brand.com` — include a sending subdomain ## Steps ### 1. Parse the input Extract the root domain and any subdomains the user wants checked. If only a root domain is given, also check common sending subdomains: `mail.`, `news.`, `marketing.`, `email.`, `em.`, `send.`. ### 2. MX records ```bash dig +short MX <domain> ``` - Record them. If missing → domain can't receive mail (may still send, but a misconfig signal). - Identify the provider from the MX (Google Workspace, Microsoft 365, Proofpoint, Mimecast, custom). ### 3. SPF (Sender Policy Framework) ```bash dig +short TXT <domain> | grep -i spf ``` Check: - **Presence** — missing SPF is a major problem - **Multiple SPF records** — only one is allowed; multiple causes permfail - **Qualifier** — `~all` (softfail, common), `-all` (hardfail, strongest), `?all` (neutral, weak), `+all` (broken, allows anyone) - **Include count** — SPF has a 10-DNS-lookup limit. Count `include:` and `redirect=` directives. Flag if ≥8 (risk of permerror) - **Lists Cogny-relevant senders?** — if user runs Klaviyo/Mailchimp/Rule/GetaNewsletter, check the SPF includes the right sender (e.g., `include:_spf.klaviyo