Monthly Archives: May 2023

Gmail SPF and DKIM Authentication

Over the past few months, some clients have reported issues with Gmail not accepting their emails due to a lack of SPF and DKIM records configured on their domain. When this happens you’ll receive a bounce message similar to this:

host gmail-smtp-in.l.google.com [142.250.114.27]
SMTP error from remote mail server after end of data:
550-5.7.26 This mail is unauthenticated, which poses a security risk to the
550-5.7.26 sender and Gmail users, and has been blocked. The sender must
550-5.7.26 authenticate with at least one of SPF or DKIM. For this message,
550-5.7.26 DKIM checks did not pass and SPF check for [example.com] did
550-5.7.26 not pass with ip: [ip-address]. The sender should visit
550-5.7.26 https://support.google.com/mail/answer/81126#authentication for
550 5.7.26 instructions on setting up authentication.

This primarily occurs for a few different reasons:

  • The cPanel account is very old and does not have an SPF or DKIM record configured.
  • The SPF and DKIM records were incorrectly modified.
  • The domain does not utilize our DNS and thus the records have to be manually added at the DNS host.

If you host your domain’s email with us, this can be addressed via the Email Deliverability section of cPanel. Once navigating to that section you’ll see a screen similar to below.

If the “Repair” option is available, simply select it and the necessary records will automatically be created on the domain. This should resolve your issue as soon as these changes propagate within a few hours.

If the “Repair” option is disabled as shown above, this usually indicates that the domain is not using our DNS. As such, you’ll need to either reconfigure the domain to use our DNS or manually setup the records at the domain’s DNS host. Upon selecting “Manage”, you’ll be provided with the needed DKIM and SPF record to setup at your DNS host.

Lastly, if the domain’s email is not hosted by us, you’ll need to obtain the necessary DKIM and SPF records from your email provider. These records will need to be added to the domain’s DNS zone at the DNS host. If we host the domain’s DNS, this can be done via the cPanel or WHM zone editor.

If you find yourself stuck or needing assistance at any point, please do not hesitate to submit a ticket. We’re happy to help in any capacity that we can.