Why this matters before Q4 specifically
Q4 is the cruelest stress test of a Klaviyo account. The problems that hide quietly in Q1 to Q3 become expensive in Q4. Send volume doubles or triples, which means deliverability issues compound faster. Gmail and Yahoo tightened their bulk-sender enforcement in 2024, and the bar keeps moving up each year. Customers receive more brand emails in November and December than the entire summer combined, so the cost of an irrelevant send is unsubscribe or worse, a spam complaint that damages your sender reputation for months.
Most Klaviyo accounts at mid-market Shopify brands have at least five items on this list misconfigured. Not because the team is bad, but because Klaviyo accumulates configuration decisions over years and nobody owns a quarterly audit. A clean run-through every Q3 is the cheapest insurance you can buy before the November push.
The 33-item checklist
Account & Authentication (items 1 to 5)
1. Authenticated sending domain (DKIM, SPF, DMARC). In Klaviyo: Account → Settings → Domains and senders. All three records should show as authenticated. DKIM and SPF are required; DMARC is becoming required by Gmail and Yahoo for any sender doing more than 5,000 sends/day, which most DTC brands cross in Q4. If any of the three is missing, fix this before any other item on this list. Nothing else matters if your emails are landing in spam.
2. Sender email uses your branded domain. Open the campaigns you sent last week. Verify the From address is something like hello@yourbrand.com, not a free mailbox or a Klaviyo subdomain. Gmail penalizes free-mailbox senders for bulk email, and customers trust your domain more than they trust an unfamiliar sender. If you are still on a Klaviyo subdomain, migrate before Q4 begins.
3. Branded click-tracking domain. When a recipient hovers a link in your email, the URL should show your domain (often a subdomain like links.yourbrand.com), not Klaviyo's default tracking domain. This is a small trust signal but it adds up. Configure in Klaviyo: Account → Settings → Custom domain.
4. Profile property naming is consistent. Klaviyo profile properties are case-sensitive and easily fragmented over time. Audit your profile schema for variants like last_purchase_date vs LastPurchaseDate vs lastPurchaseDate all storing the same data. Standardize on one naming convention (snake_case is most common in Klaviyo). Inconsistent properties break segments silently.
5. Tagging conventions are documented somewhere. Tags drift over time as different team members add ad-hoc tags. If you cannot point to a single document explaining what each tag means, the next person who touches the account will create duplicates. Spend 30 minutes writing the tag glossary this quarter. Future-you will thank you.
List Health & Segmentation (items 6 to 10)
6. Active vs unengaged segment windows match real behavior. Default Klaviyo engagement segments use 30 / 60 / 90 day windows. Those are arbitrary. The right window depends on your purchase cycle. A supplements brand with a 30-day repurchase rhythm should treat 60 days as the engagement floor. A furniture brand with a 6-month rhythm should treat 180. Match your engagement windows to the customer behavior you actually see, not to Klaviyo's defaults.
7. Engagement segments use opens AND clicks. Since Apple Mail Privacy Protection launched, raw open rates have inflated and are no longer reliable as an engagement signal on their own. Any segment that defines “engaged” using only opens is now full of false positives. Layer in clicks (more honest) or site-tracking events from your Shopify integration. Refresh the definitions every six months.
8. RFM segmentation exists or is being approximated. Recency, Frequency, Monetary value segmentation is the baseline for any retention program. If you cannot point to a segment of “high-frequency customers in the last 90 days” in Klaviyo, you have a gap. Build the three core RFM segments (recent buyers, repeat buyers, high-spenders) and campaigns will start writing themselves.
9. VIP segment defined and refreshed weekly. The top 10% of customers by lifetime gross profit deserve different treatment than everyone else. They should be suppressed from blanket discounts, prioritized for early access, and routed to a different content track. Klaviyo supports dynamic segments that recalculate automatically, which is what you want. Avoid manually-maintained VIP lists that go stale within a quarter.
10. Suppression cleanup is automated. Hard bounces and spam complainers should auto-add to your suppression list. Check Account → Suppressions and confirm the auto-suppression toggles are on. Manually suppressing recipients one at a time is fine but slow; the automation is what protects sender reputation when volume spikes in Q4.
Flows (items 11 to 20)
The flows section is the most time-consuming part of the audit. For each flow listed below, do not just confirm the flow exists. Open it. Read the messages. Check whether the delays still make sense. Half of the “dead” flows in mid-market Klaviyo accounts last shipped content in 2022 and still send the original creative weekly.
11. Welcome flow with at least three messages. A one-message welcome leaves the brand introduction incomplete. Three messages over five to seven days lets you tell the brand story, deliver the welcome offer, and surface a social proof or founder note. Time it across days 0, 2, and 5-7. Anything tighter feels desperate.
12. Abandoned cart flow with two or three messages. Single-message abandoned cart flows under-perform consistently. A 2-message sequence at 1 hour and 24 hours captures most of the recoverable revenue. A 3-message version adds a final nudge at 72 hours with a softer offer. More than three messages is diminishing returns and starts to read as pestering.
13. Browse abandonment flow exists. Triggers when a customer views a product page but doesn't add to cart. A single soft-nudge message 4 to 24 hours later captures the interested-but-not-yet-committed segment. This is the easiest flow most brands haven't built. If you're running Shopify, the integration handles the trigger event automatically.
14. Post-purchase flow with education content. The first week after a customer's first order is the single most decisive window in the entire customer relationship. Use it for product education, how-to content, and a soft nudge toward complementary products. The post-purchase discount nudge alone is fine but undersells the moment. Combine education with a soft cross-sell at day 7.
15. Customer win-back flow with multiple timing variants. A single “we miss you” message at day 90 is a blunt instrument. Different cohorts lapse at different speeds. Build variants triggered at 60, 90, and 180 days based on the customer's historical purchase frequency. A customer who normally buys every 30 days is already lapsed at day 60; waiting until day 90 is too late.
16. Replenishment flow timed to actual product consumption. If you sell consumables (supplements, beauty, food, coffee, pet food), every customer should receive a reorder reminder at roughly 70% of their expected depletion window. A 30-day supply reminder at day 21. A 90-day supply reminder at day 63. Generic 30-day-since-purchase replenishment flows under-perform consistently.
17. Subscription renewal reminder, if applicable. For brands running ReCharge or Klaviyo's native subscriptions, customers should receive a reminder 3 to 5 days before each renewal with the option to adjust quantity or skip. This converts cancellations into pauses, which save the customer relationship. Without the reminder, surprise renewals drive a meaningful chunk of involuntary cancellations.
18. Customer review request flow. Trigger 7 to 14 days after delivery (not after purchase), so the customer has actually used the product. If your Shopify integration includes Yotpo or Loox, the flow likely fires from there already. If not, build one in Klaviyo using the shipping carrier confirmation event.
19. SMS opt-in flow if you run SMS. For brands on Postscript or Klaviyo SMS, an opt-in nudge should fire after the second order (not the first). Customers who've repeat-purchased are far more likely to opt in to SMS than first-time buyers. A single soft ask in the post-purchase flow for order #2 is the standard pattern.
20. Birthday or anniversary flow if you collect the date. If you capture customer birthdays at signup or via a profile quiz, a small birthday gift or message produces outsized engagement. Optional, but worth building once and forgetting about. Do not chase the birthday signal aggressively at checkout if you do not already have it; the conversion cost rarely pays back.
Campaign Hygiene (items 21 to 25)
21. Per-subscriber send frequency cap. Klaviyo supports a frequency-cap setting (Account → Settings → Sending Settings) that prevents the same subscriber from receiving more than N messages in a defined window. For Q4 specifically, 4 to 5 per week per subscriber is the upper limit before unsubscribe rates spike. Cap it even though you might want to send more.
22. Smart Sending is enabled. Smart Sending is Klaviyo's feature that suppresses a subscriber from receiving a campaign if they received a campaign or flow message within the previous 16 hours. Default is on but easy to disable by accident on individual campaigns. Verify the global default in your sending settings, and confirm the toggle is on for every Q4 campaign you queue up.
23. Subject line A/B testing on at least 10% of sends. Klaviyo supports built-in A/B testing on subject lines and preview text. If you are not running tests on at least one out of every ten campaigns, you have no data on what actually performs for your audience. The bar is not publishable academic rigor; it is “we have a directional read on what subject line shapes work for our customers.”
24. Send time optimization, segment by segment. The right send time for an early-engaged-buyer cohort is not the right send time for a lapsed customer. Klaviyo's Smart Send Time feature handles this for you if enabled, but most accounts have it disabled by default. Toggle it on, or build send-time variants by segment manually.
25. Pre-flight checklist for every campaign. The lowest-tech, highest-value campaign hygiene item. Before any send, an operator visually confirms: subject line reads well, preview text is set, all links click through and resolve, mobile preview looks correct, and the segment is correct. Five-minute check that prevents the catastrophic “we sent to the wrong list” mistake. Write it down. Use it every time.
Performance Reporting (items 26 to 30)
26. Revenue per recipient is the headline metric. Track RPR on every campaign and flow. Open rate and CTR are noise indicators; RPR is the only metric that connects to the P&L. Klaviyo reports it natively. If your team is still using open rate as the success criterion, that is a culture fix as much as a configuration fix.
27. Open rate trend over the last 90 days. A steady or rising open rate is healthy. A drop of more than 15% over a 90-day window is an early deliverability warning. Check the trend at the segment level, not just the aggregate. Aggregate masks deliverability issues affecting specific subscriber types.
28. CTR by segment. Different segments engage at different rates. Comparing your new-buyer CTR against your lapsed-customer CTR tells you which content shapes work where. If you only look at aggregate CTR, you cannot tune content to specific audiences.
29. Unsubscribe rate per send (warning above 0.5%). A single send with an unsubscribe rate above 0.5% is a warning shot. Three sends in a row above 0.5% is a structural problem with frequency, content, or list quality. Track this campaign-by-campaign during Q4 because the temptation to over-send is highest then.
30. Spam complaint rate per send (warning above 0.1%). Spam complaints are the deliverability killer. Above 0.1% on a single send is a domain-reputation hit; above 0.3% and you're in territory where Gmail and Yahoo will start throttling your sends across the board. Klaviyo surfaces this metric per campaign. Treat it as a hard limit, not a soft one.
Pre-Q4 Specifics (items 31 to 33)
31. Pre-warm your sending volume 4 to 6 weeks before Q4. If your normal weekly send volume is 50,000 emails and you're planning to double it for Black Friday, ramping up gradually over four to six weeks prevents Gmail and Yahoo from flagging the sudden spike as suspicious bulk behavior. Start increasing daily volume by 10 to 15% each week starting late September. Send to your most-engaged segments first as the volume ramps up.
32. Black Friday / Cyber Monday flow planned and built before November. Building the BFCM campaign in November is too late. Have the email designs, subject lines, segment selections, and send timing finalized by mid-October. Schedule the campaigns in Klaviyo with manual approval required, then approve on the day. This separates “build” from “send” and reduces the Q4 fire drill substantially.
33. SMS quiet hours configured. If you run SMS (Postscript or Klaviyo SMS), set quiet hours so messages don't fire at 3am local time. SMS opt-out rates in Q4 are heavily driven by ill-timed sends. Configure quiet hours from 9pm to 8am local to the subscriber, and confirm the timezone source is the subscriber profile, not your account default.
How to actually run this audit
Block a half-day on your calendar. Pull the checklist into a tracking doc with columns for each item: Status (Pass / Fail / Needs work), Owner, and Fix-by date. Work through items 1 to 5 first because authentication and account hygiene gate everything else. Then move through the flows section item by item; that's where most of the time goes. Performance reporting and pre-Q4 prep are mostly final checks once the foundations are clean.
For any item flagged “Needs work,” estimate the fix time honestly. A new flow takes a full day of content + design + QA. A new segment takes 30 minutes. Items 1, 11, 15, and 26 are the highest-impact fixes for most brands. If you only have time for four, do those.
A clean audit gives you the foundation but not the retention strategy on top. What Klaviyo cannot do natively is score every customer for churn risk and expected lifetime value, route ranked audiences across email and SMS with cross-channel suppression, and attribute recovered revenue back to the specific orchestration that produced it. That layer sits above your ESP and decides who to engage. For the breakdown of how that layer fits with Klaviyo specifically, see our Shopify + Klaviyo retention intelligence page.
Frequently asked questions
How long does this Klaviyo audit actually take to run?
Plan on 4 to 8 hours of focused work for a mid-market Shopify brand with one Klaviyo account. The flows section (items 11-20) takes the longest because you have to actually open each flow and read it, not just check that it exists. The performance reporting items (26-30) are mostly dashboard glances. The pre-Q4 specifics (31-33) take five minutes each. Block one focused half-day rather than spreading it over a week. Spreading it leaks momentum and you miss connections between items.
What's the single highest-impact item on this list?
Authentication (item 1). If DKIM, SPF, and DMARC are not set up correctly, your Q4 sends land in spam or get blocked entirely by Gmail and Yahoo. Everything else on this list is incremental gain. Authentication is the floor your entire Q4 program sits on. Check it first, before reading any further.
I am running Klaviyo SMS or Postscript on the side. Do I need a separate audit for that?
Items 19 and 33 cover SMS specifically. Beyond those, the same hygiene principles apply: authenticated sending domain (for SMS this is your registered short code or 10DLC), segmentation, suppression, frequency capping. The biggest SMS-specific risk in Q4 is sending during quiet hours (3am texts) or above the carrier rate limits. Both are configured in your SMS provider, not Klaviyo. Audit them separately but in the same week.