In this article, you’ll learn how to set up DKIM and add MailChimp domain authentication to secure your e-mails and make it be delivered properly.

Internet Service Providers (ISPs), like Google, Yahoo, and Microsoft, use DKIM and SPF authentication as a way to scan incoming emails for spam or spoofed addresses. Emails that fail authentication are more likely to arrive in a spam or junk folder.

To help ensure your campaigns reach your recipients’ inboxes and to make your campaigns look more professional, you can set up custom DKIM authentication for your domain, and add MailChimp domain verification to your SPF record.

In this post, I’ll show you how to authenticate your domain in MailChimp if you’re using Cloudflare and G Suite. Authenticating your domain is important because you can further prevent your newsletters from going into the spam folder.

MailChimp Domain Authentication Guide

MailChimp Domain Authentication Guide
MailChimp Domain Authentication Guide


What’s the point of sending newsletters if they’re going into spam, right? It will also get rid of the default MailChimp authentication information (“via” or “on behalf of”), which can appear next to your ‘From’ name in some email clients.

Here’s an example from MailChimp on how it looks like in Gmail: That can look weird and even suspicious to some users, and you don’t want that, do you? So, in order to authenticate your domain in MailChimp, you’ll need to set up DKIM and SPF records on your domain’s DNS. It sounds more complicated than it is, don’t worry!

Since I am using G Suite, and I already added DKIM and SPF records from Google, I was wondering if it’s all right to add other ones from MailChimp as well. So, I did some digging around and also contacted G Suite support since this is not really my area of expertise, and I found out that there’s no problem in adding additional DKIM and SPF records to your domain’s DNS.

Get the DKIM and SPF records from MailChimp

  1. Go to the Account section.
  2. Click on Verified domains from the Settings drop-down menu.
  3. Click on the View setup instructions link.

My site is already authenticated, but it doesn’t matter; you’ll have that link there anyway.

Leave the tab open so you can copy the DKIM and SPF records when you’ll log in to Cloudflare.

Adding MailChimp in Cloudflare

Log in to Cloudflare and access the DNS section.

Create a CNAME record for DKIM.

  • Choose CNAME from the first drop-down menu;
  • In the Name field, copy the domain key from MailChimp and add it there. It looks like this: Don’t copy this one!
  • In the Domain name field, add the DKIM value, which is;
  • Click on the cloud icon to make it gray, otherwise, you’ll get an error and it won’t work;
  • Click the Add Record button.

Note that the part from your domain key won’t show after you add the record, but don’t worry, it’s still there. Cloudflare just hides it, it doesn’t remove it.

Add the SPF record next to the one from G Suite.

If you’re using G Suite, I assume that you have already set up an SPF record for it. If not, you should really do it! Here’s the guide.

Now, unlike the DKIM record, you won’t create a new SPF record. Instead, you’ll add the one from MailChimp next to the G Suite one.

So, find the G Suite SPF record and click on it.

Now, add this after the G Suite SPF record:

I recommend copying the one from your MailChimp account, not this one because it might change in the future.

So, don’t add the whole SPF record from MailChimp’s instructions: v=spf1 ?all.

You should only add the whole record if you don’t have any SPF records added and you have to create one from scratch.

This is a general rule, not only if you’re using G suite.

You might have noticed that MailChimp uses at?all the end of the SPF record, but G Suite uses ~all.

You can’t add two versions, so I decided to keep the one from G Suite.

You can find out more info about ~all and ?all, as well as other versions, here.

Step 4 – Go back to MailChimp – at the authentication setup instructions part (see above) – and press the Authenticate Domain button.

As it says there, it might even take 48h for the DNS changes to propagate. Usually, it takes way less.

You should be all set up now!

CNAME flattening in Cloudflare

It’s said that if you have CNAME flattening enabled in Cloudflare, the MailChimp domain authentication won’t work, and you’ll get an error instead of that green check mark.

I don’t know if that was fixed or I was just lucky, but it worked just fine for me.

In case it doesn’t work for you, you’ll have to disable CNAME flattening in Cloudflare. You can find it by just scrolling down a bit from where you added the DKIM and SPF records. The bad news is that you’ll only have the disable option available if you’re using at least Cloudflare’s Pro plan. You can’t disable it on the free plan.

So, if you already own a Pro or higher plan, then disable CNAME flattening, press the Authenticate Domain button in MailChimp, then reactivate CNAME flattening. If you’re on the free plan, you’ll have to purchase the Pro plan to perform this workaround, unfortunately. Hopefully, it will work for you as it did for me.

Final Words

Hope you found the post useful and comprehensive, and you managed to successfully authenticate your domain in MailChimp!

Don’t forget to share the post to help out others! If you have any questions or thoughts, drop a comment or send a message via contact or comments section.

Share This Post

Leave a Reply

Your email address will not be published. Required fields are marked *

Name *