Gmail, part of Google's G Suite, is a DMARC compliant mailbox provider. To enable Gmail to send authenticated mail from your domain please update your SPF and DKIM records which can be done inside the Sendmarc control panel or directly on the DNS. Editing your records inside the Sendmarc control panel is preferable. |  |
| Table of Contents |
1. Google SPF Setup
Please note that the following SPF changes should only be applied to the Sendmarc record within Sendmarc and not the hosting provider.
| Include String | include:_spf.google.com |
| Google SPF Record | v=spf1 include:_spf.google.com -all |
2. Google DKIM Setup
2.1. Generate Google DKIM Key
In order to implement DKIM for your domain, you will need to follow the steps below. Log in as administrator and go to the Admin Console.
Go to Apps --> G Suite
3. Click on the Gmail app.
4. Click on Authenticate email
5. For the DKIM key bit length, select 2048. Sendmarc support 2048 Keys
6. Select your prefix selector, you can leave the default of "google" or type in your own. This will be your DKIM selector.
2.2 Publish DKIM Key
1. Once the key is generated, you will need to load the key into the Sendmarc DKIM manager as a TXT record
It will look like the example below, except that you will have to replace the word "selector" below with the one that you created earlier.
| Type | Host | TXT Value | TTL |
| TXT | selector._domainkey | Paste the key generated here | 1 hour (Default) |
2.3 Enable Google DKIM Signing
- From the Admin console Home page, go to Apps
G Suite Gmail. - Click Authenticate email.
- Select the domain where you want to start email signing. The page shows the status of email signing for the selected domain.
- Click Start authentication.