Gmail, part of Google's G Suite, is a DMARC compliant mailbox provider. 

To enable Gmail to send authenticated mail from your domain please update your SPF and DKIM records which can be done inside the Sendmarc control panel or directly on the DNS. Editing your records inside the Sendmarc control panel is preferable.

Table of Contents
  1. Google SPF Setup
  2. DKIM Setup
    1. Generate Google DKIM Key
    2. Publish Google DKIM Record
    3. Enable Google DKIM Signing

1. Google SPF Setup

Please note that the following SPF changes should only be applied to the Sendmarc record within Sendmarc and not the hosting provider.

Include String
Google SPF Recordv=spf1 -all

2. Google DKIM Setup

2.1. Generate Google DKIM Key

In order to implement DKIM for your domain, you will need to follow the steps below. Log in as administrator and go to the Admin Console.

Go to Apps --> G Suite

3. Click on the Gmail app.

4. Click on Authenticate email

5. For the DKIM key bit length, select 2048. Sendmarc support 2048 Keys

6. Select your prefix selector, you can leave the default of "google" or type in your own. This will be your DKIM selector.

2.2 Publish DKIM Key

1. Once the key is generated, you will need to load the key into the Sendmarc DKIM manager as a TXT record

It will look like the example below, except that you will have to replace the word "selector" below with the one that you created earlier.

TypeHostTXT ValueTTL
TXTselector._domainkeyPaste the key generated here1 hour (Default)

2.3 Enable Google DKIM Signing

  1. From the Admin console Home page, go to Appsand thenG Suite Gmail.
  2. Click Authenticate email.
  3. Select the domain where you want to start email signing. The page shows the status of email signing for the selected domain.
  4. Click Start authentication.