How to Set Up DMARC for Mailchimp

Mailchimp is a leading email marketing platform used by millions of businesses. Authenticating your domain with Mailchimp ensures your marketing emails pass DMARC alignment, improving deliverability and preventing your campaigns from landing in spam.

This guide walks you through configuring SPF, DKIM, and DMARC for Mailchimp so your emails are fully authenticated and your domain is protected from spoofing. Proper configuration ensures your messages reach the inbox and comply with the requirements of Gmail, Yahoo, and Microsoft Outlook.

SPF Configuration

SPF (Sender Policy Framework) authorizes Mailchimp's mail servers to send email on behalf of your domain. Add the following include directive to your existing SPF record:

v=spf1 include:servers.mcsv.net ~all

If you already have an SPF record with other include directives, add include:servers.mcsv.net before the ~all or -all mechanism. For example:

v=spf1 include:_spf.google.com include:servers.mcsv.net ~all

Important: You can only have one SPF record per domain. If you have multiple sending services, combine all include directives into a single record. SPF also has a 10 DNS lookup limit - exceeding this will cause SPF to fail. Use our SPF Checker to verify your record stays within limits.

DKIM Configuration

DKIM (DomainKeys Identified Mail) adds a cryptographic signature to your emails, proving they were not altered in transit. For Mailchimp, the DKIM selector(s) used are: k1.

DKIM is configured by adding a TXT or CNAME record to your DNS at the selector subdomain (e.g., k1._domainkey.yourdomain.com). The exact record value is generated by Mailchimp in their admin console or dashboard. Follow the provider-specific steps below to generate and publish your DKIM record.

After adding the DKIM record, use our DKIM Checker to verify the record is published correctly and the signature can be validated.

DMARC Record

Once SPF and DKIM are configured for Mailchimp, publish a DMARC record to tie everything together. Add the following TXT record at _dmarc.yourdomain.com:

v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com; fo=1

Start with p=none to monitor authentication results without affecting mail delivery. The rua tag specifies where aggregate reports are sent, and fo=1 ensures you receive failure reports for any mechanism failure. After 2-4 weeks of monitoring, gradually move to p=quarantine and then p=reject for full protection.

v=DMARC1; p=reject; rua=mailto:dmarc@yourdomain.com; fo=1

Step-by-Step Setup

Follow these Mailchimp-specific steps to configure email authentication for your domain:

1. Log in to your Mailchimp account and navigate to Account > Settings > Domains.
2. Click 'Add & Verify Domain' and enter your sending domain.
3. Mailchimp will provide a DKIM CNAME record (k1._domainkey.yourdomain.com) and an SPF include directive.
4. Add the DKIM CNAME record to your DNS provider pointing to the value Mailchimp provides.
5. Add 'include:servers.mcsv.net' to your existing SPF record.
6. Return to Mailchimp and click 'Verify' to confirm DNS records are in place.
7. Send a test campaign and verify DKIM and SPF pass using email headers.
8. Publish your DMARC record at _dmarc.yourdomain.com with p=none to begin monitoring.

Verify Your Setup

After completing the configuration, use our free tools to verify that SPF, DKIM, and DMARC are all correctly configured for your domain:

• DMARC Checker - Validate your DMARC record syntax, policy, and reporting configuration.
• SPF Checker - Verify your SPF record includes all authorized senders and stays within the 10 DNS lookup limit.
• DKIM Checker - Confirm your DKIM public key is published correctly and can validate signatures.

If any of these checks fail, review the steps above and ensure all DNS records have fully propagated. DNS changes can take up to 48 hours, though most propagate within a few hours.

Continuous Monitoring with Inbox Insignia

Setting up DMARC is just the beginning. Email authentication requires ongoing monitoring to catch configuration drift, new sending sources, and authentication failures before they impact deliverability. Inbox Insignia provides automated DMARC monitoring, aggregate report parsing, and compliance scoring for all your domains.

to start monitoring your Mailchimp email authentication and receive alerts when your SPF, DKIM, or DMARC configuration needs attention.