Email domain authentication policy
Stay compliant by authenticating your domainEmail providers are intensifying security efforts, requiring senders to comply with domain authentication by February 2024. Here’s what you need to ensure your emails land in the inbox.
Emails from public domains like Gmail are now flagged. Register a unique domain to ensure successful domain authentication.
Simply add 2 records to your domain dashboard to authenticate. Email providers are more likely to trust and deliver your messages.
If you send around 5k+ emails at once, you must set up a DMARC policy to protect your domain from unauthorized use.
Why domain authentication is a must
Domain authentication marks your emails as trusted and verified. Email providers will be less likely to flag your emails as suspicious.
Need more help? Hire a certified expert
For additional guidance, consider hiring a certified MailerLite expert. These independent consultants can help set up custom domains, authenticate your email, or explain DMARC policies.
Jo Hodge | The Digital Marketing Fairy
✴️ I help small businesses get RESULTS from their email marketing with ethical, understandable and actionable services ✴️
Laura Burnett | IT Moon Ltd
Email Marketing doesn't have to be hard. From getting started all the way to having automations and landing pages. I have you cov...
Abdul Kayum
Professional Email Marketer | Certified MailerLite Expert
Get the latest email news delivered
Stay informed with our weekly newsletter. Get the latest updates on email security and practical marketing tips directly to your inbox.
Troubleshooting and FAQs
What will happen if I keep using a free domain after February 1st?
The use of public domains (such as Gmail) as a sender address is not recommended. According to Google, it may negatively impact your ability to reach your subscribers' inboxes.
The best solution is to use a reputable domain provider, such as Namecheap, GoDaddy or Squarespace Domains, to purchase a custom domain for sending emails.
I tried to authenticate my domain but my DKIM record was not approved
If the DKIM record fails:
Check the Host field value: Depending on your DNS zone, the Host field may only accept either litesrv._domainkey (without your domain) or litesrv._domainkey.yourdomain.com, so try both.
Check the record type: The DKIM record should be CNAME type.
Common delay: Sometimes it can take up to 48 hours to completely update. Most of the time, however, it is approved and updated in minutes
I tried to authenticate my domain but my SPF record was not approved
There are 3 reasons why an SPF record may not be approved:
1. SPF records don’t match
Check if the Value field on your DNS page is exactly the same as the one on your MailerLite Domains page. They have to be identical as they are case-sensitive. The record won’t be approved otherwise.
2. SPF Name/Host record field must be left empty
Some hosting providers have settings that don’t allow the domain as the Name or Host field for any record. Try using ‘@’ as the Name or Host field for the TXT record or leave it empty.
If you see that other records in your DNS zone use a common Name or Host field value, try using that one here too.
3. More than one SPF record was found
It’s only possible to have one SPF record on your DNS zone. If you have more than one, they need to be merged.
Fortunately, MailerLite does this automatically. After clicking on the green Check DNS records button and receiving the error message that more than 1 SPF record has been found, close the pop-up, refresh the page and click on the Authenticate button again. The pop-up will automatically update with a merged SPF record.
If for some reason your SPF records aren’t merged automatically, take a look at our article How to merge SPF records.