Mailchimp Domain Authentication: How to Fix Deliverability Issues

Fix Mailchimp deliverability issues by authenticating your domain. Step-by-step guide for setting up SPF, DKIM, and DMARC with Mailchimp.

Best Practices

Mailchimp made domain authentication mandatory in February 2024. If you haven't authenticated your sending domain — or if authentication is misconfigured — your Mailchimp emails are more likely to land in spam, get deferred, or bounce entirely.

Here's how to authenticate your domain in Mailchimp and fix the most common deliverability issues.

Why Mailchimp Requires Domain Authentication

Google and Yahoo's bulk sender requirements mandate SPF, DKIM, and DMARC authentication for all bulk senders. Mailchimp enforced this by requiring all senders to authenticate their domain. Without authentication, Mailchimp sends your email with a modified From address (using Mailchimp's domain), which reduces trust and recognition.

With authentication, your emails:

  • Come from your actual domain
  • Pass SPF and DKIM checks
  • Align with your DMARC policy
  • Are more likely to reach the inbox

How to Authenticate Your Domain in Mailchimp

1

Go to Domain Settings

In Mailchimp, navigate to Account → Settings → Domains. Click "Add & Verify Domain" or select an existing domain.

2

Add DKIM records

Mailchimp provides two CNAME records for DKIM authentication. Add both to your domain's DNS. These records look like:

  • k1._domainkey.yourdomain.com → CNAME to a Mailchimp-provided value
  • A second CNAME record with a similar pattern
3

Add SPF record

Add Mailchimp's SPF include to your existing SPF record: include:servers.mcsv.net

Your SPF record should look something like: v=spf1 include:_spf.google.com include:servers.mcsv.net ~all

4

Verify in Mailchimp

Return to Mailchimp's domain settings and click Verify. Mailchimp will check your DNS records. If verification fails, wait 30–60 minutes for DNS propagation and try again.

Verify Authentication Is Working

After setup, send a test email to a Gmail account. Open the email, click the three dots menu, and select "Show original." Look for:

  • SPF: PASS — Your SPF record is correctly configured
  • DKIM: PASS — Mailchimp is signing your emails and the DNS record is correct
  • DMARC: PASS — Your DMARC record exists and alignment is working

If any of these show FAIL, there's a configuration problem to fix.

Check your Mailchimp authentication

Run a free deliverability check on your domain. Verify SPF, DKIM, and DMARC in one scan.

Common Mailchimp Deliverability Issues

"Your domain isn't authenticated"

Mailchimp shows this warning when DKIM records aren't verified. Common causes:

  • CNAME records not added — Check your DNS for the two CNAME records Mailchimp requires
  • Incorrect record values — Copy the values exactly from Mailchimp. A single typo breaks authentication
  • DNS propagation delay — Wait up to 48 hours after adding records before troubleshooting further
  • CNAME flattening — Some DNS providers (notably Cloudflare with proxying enabled) flatten CNAME records. Disable proxying (grey cloud) for DKIM CNAME records

SPF Not Passing

If SPF fails on Mailchimp emails:

ProblemSolution
Missing includeAdd include:servers.mcsv.net to your SPF record
Multiple SPF recordsMerge into one record — you can only have one v=spf1 per domain
Too many lookupsYou may be over the 10-lookup limit. Remove unused includes or use subdomains
Wrong domainSPF must be on the domain in your From address, not a different domain

DMARC Alignment Failing

Even if SPF and DKIM individually pass, DMARC can fail if alignment is off. DMARC requires that the domain in SPF or DKIM matches your From domain.

In Mailchimp, DKIM alignment should work automatically when you've authenticated your domain — the DKIM signing domain matches your From domain. If alignment is failing, check:

  • Your From address uses the domain you authenticated (not a different domain or subdomain)
  • DKIM records are for the correct domain
  • Your DMARC record doesn't have aspf=s or adkim=s (strict mode) unless you're certain alignment is exact

Emails Going to Spam Despite Authentication

Authentication passing doesn't guarantee inbox placement. If authenticated emails still go to spam:

  1. Check complaint rate — Use Google Postmaster Tools. Above 0.1% is a warning sign.
  2. Check domain reputation — Postmaster Tools also shows domain reputation. "Medium" or "Low" indicates problems.
  3. Review content — Image-only emails, aggressive sales language, excessive links, and misleading subject lines trigger content filters.
  4. Check blacklists — Run a blacklist check on your domain.
  5. Review list quality — High bounce rates and low engagement tell providers your email isn't wanted.

Mailchimp-Specific Best Practices

Use Mailchimp's Predicted Demographics Wisely

Mailchimp's audience insights are useful for segmentation, but always verify data quality. Segments based on predicted demographics can include disengaged subscribers.

Clean Your Audience Regularly

Mailchimp charges by subscriber count, so list hygiene also saves money:

  • Remove subscribers who haven't opened a single email in 6+ months
  • Run re-engagement campaigns before removing (Mailchimp has built-in re-engagement automation)
  • Archive instead of deleting — you can reference the data without paying for inactive contacts

Configure Unsubscribe Properly

Mailchimp handles one-click unsubscribe headers automatically when domain authentication is set up. However:

  • Don't hide the unsubscribe link in tiny text
  • Don't require login to unsubscribe
  • Use Mailchimp's preference center to let subscribers adjust frequency instead of fully unsubscribing

Monitor Per-Campaign Metrics

Mailchimp shows delivery metrics for each campaign:

MetricHealthy RangeIf Below
Open rate15–25%Clean list, improve subject lines
Click rate2–5%Improve content relevance
Bounce rateBelow 0.5%Remove invalid addresses
Abuse complaintsBelow 0.1%Fix opt-in process, improve content match

A sudden spike in any negative metric on a specific campaign suggests something about that email — the audience segment, content, or timing — triggered the problem.

Migrating to Mailchimp

If you're moving to Mailchimp from another platform:

  • Don't import your entire list — Only import subscribers who have engaged in the last 6 months
  • Verify addresses first — Run the list through an email verification service before importing
  • Warm up gradually — Start by sending to your most engaged segment, then expand over 2–4 weeks
  • Don't import suppressed addresses — If someone unsubscribed, bounced, or complained on your old platform, don't add them to Mailchimp