Access model
Read-only first. No silent account changes.
OutboundScope audits outbound systems from exports, read-only API access, DNS lookups, and customer-approved context. The normal setup audit does not require write access to SmartLead, Instantly, Google Workspace, DNS, CRM, or payment systems.
Preferred inputs
- SmartLead or Instantly campaign, mailbox, warmup, and analytics exports.
- Sender domains and DNS records that should be checked.
- Optional CRM, lead-source, or revenue context when the team wants quality and conversion risk included.
- Current alerting, webhook, or owner-routing setup if one exists.
Credential rules
- Use read-only API keys or exports when the tool supports them.
- Do not share password-manager vaults, admin passwords, or broad workspace owner access.
- Send sensitive files through a customer-approved channel, not public links.
- Revoke temporary keys after the report is delivered unless weekly monitoring is approved.
Change control
- OutboundScope reports findings and recommended fixes by default.
- Any DNS, mailbox, campaign, webhook, or billing change needs explicit customer approval first.
- High-risk findings are separated from low-priority hygiene so operators know what to fix now.
- The weekly monitoring plan watches for drift; it does not send campaigns or change live settings.
Start here
Use the audit intake checklist to gather the first pass of read-only inputs, or email hello@outboundscope.com with the outbound tool and approximate inbox count.