RSS

Stop Gmail from Blocking Your Domain Emails – SPF, DKIM and DMARC Setup

mssblogs2 pts0 comments

Fix Email Bounces: SPF, DKIM & DMARC Setup Guide | My Seven Stars

Why this matters (short)

Email providers (Gmail, Outlook, Yahoo) reject or classify messages as spam when they can’t verify who sent them. That happens when your domain lacks proper SPF and DKIM records or when DMARC isn’t set. Fixing authentication:

Prevents bounces and blocks (e.g., Gmail's 554 5.7.26 error).

Improves inbox placement for cold outreach and transactional mail.

Protects your brand from spoofing and phishing.

Quick definitions — plain English

SPF (TXT record) : a DNS list of servers allowed to send mail for your domain (simple validator for "who can send").

DKIM (CNAME or TXT) : cryptographic signature added to outgoing messages; recipient verifies it using a public key in DNS (makes sure mail wasn't altered and is from your domain).

DMARC (TXT) : policy that tells receivers what to do when SPF/DKIM fail; also lets you receive reports about issues.

General workflow — the 3 steps

Create SPF TXT that authorizes your sending service(s).

Add DKIM records provided by the platform that actually sends your mail (GetResponse, MailChannels, Google Workspace, etc.).

Add DMARC so you can monitor failures and move to stricter policies once things are healthy.

Tip: DNS changes take time to propagate — allow 30–60 minutes, sometimes a few hours, then re-test.

Basic example records (copy/paste)

Start with these examples. Replace any domain-specific selectors your provider gives you.

SPF (TXT)

Type: TXT<br>Name: @<br>Value: v=spf1 include:mailchannels.net ~all

DKIM (example CNAME for a platform)

Type: CNAME<br>Name: selector1._domainkey<br>Value: selector1-yourprovider-com._domainkey.provider.com

DMARC (TXT)

Type: TXT<br>Name: _dmarc<br>Value: v=DMARC1; p=none; rua=mailto:you@yourdomain.com

Note: replace provider and selectors with the exact values shown by your email service provider dashboard.

Provider-specific instructions

DreamHost (common for small businesses)

Login to DreamHost → Websites → Manage Websites → DNS Records .

Add SPF TXT : copy the SPF example above (or include other providers if needed):

v=spf1 include:mailchannels.net ~all

Enable DKIM from DreamHost panel if you use DreamHost mail: Mail → Manage Email → Edit your mailbox → Enable DKIM . DreamHost will auto-add the proper DKIM records.

Add DMARC TXT as shown above.

If you send via a third-party (e.g., GetResponse) add their include: to the SPF (see GetResponse section below).

Bluehost (cPanel)

Login to Bluehost → Advanced → Zone Editor or Email → Email Deliverability .

SPF: Add TXT record: v=spf1 include:spf.protection.outlook.com include:bluehost.com ~all (adjust for your sending service).

DKIM: In cPanel → Email Deliverability or "Authenticate Email", enable DKIM; Bluehost will display the CNAME/TXT values to paste.

DMARC: Add the same DMARC TXT record.

GoDaddy

Log in → My Products → DNS → Manage DNS for your domain.

SPF: Add a TXT record. Example for Office 365 users: v=spf1 include:spf.protection.outlook.com -all.

DKIM: If using Office 365 / Microsoft 365, enable DKIM from Microsoft 365 Admin Center and add the two CNAME records GoDaddy will host.

DMARC: Add TXT record _dmarc with value like the example above.

HostGator (cPanel)

Login → Domains → DNS Zone Editor or cPanel → Email Deliverability.

SPF: Add the TXT record; HostGator often uses include:websitewelcome.com in legacy setups — but prefer explicit service includes (MailChannels, SendGrid, etc.).

DKIM: Use cPanel Email Deliverability to generate/apply DKIM.

DMARC: Add the DMARC TXT.

Google Workspace (Gmail for business)

Admin Console → Apps → Google Workspace → Gmail → Authenticate email (DKIM) .

SPF: Ensure your TXT includes Google’s SPF: v=spf1 include:_spf.google.com ~all.

DKIM: Google will give you a TXT/CNAME selector to publish; add it via your DNS host.

DMARC: Add the DMARC TXT.

GetResponse (popular email marketing platform)

If you send campaigns through GetResponse, authenticate the sending domain in GetResponse first — they will give you DKIM CNAME (or TXT) values and instruct you to add SPF include for GetResponse.

SPF: v=spf1 include:_spf.getresponse.com include:mailchannels.net ~all

DKIM: (Add the CNAME GetResponse provides, e.g.)<br>gr._domainkey.yourdomain.com → gr._domainkey.getresponse.com<br>After adding, return to GetResponse and click Verify / Authenticate in their dashboard.

Testing & verification

After DNS changes, wait 30–60 minutes, then run these checks:

MXToolbox SPF check

MXToolbox DKIM check

Mail-Tester — send a test and inspect score & headers

Send a test to check-auth@verifier.port25.com for a detailed auth report

If SPF/DKIM show fail , check the exact values and ensure no typos; SPF only allows one TXT record per domain with v=spf1 — if multiple exist, you must merge them or choose the correct include statements.

Troubleshooting common problems

“SPF did not pass” — your sending server isn’t included in the SPF record. Add the appropriate...

dkim dmarc include email getresponse domain

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.