SenderReady

Mailchimp SPF, DKIM, and DMARC setup review

Mailchimp can send marketing campaigns, automations, and transactional mail, but each sending path needs the right domain-authentication context. Use this review before changing DNS so provider-generated records, DMARC policy, and sender inventory stay aligned.

Scan the Mailchimp sending domain first

Check public DMARC, SPF, DKIM, MX, BIMI, MTA-STS, and TLS-RPT signals before editing Mailchimp authentication records.


Why Mailchimp setup is easy to over-simplify

The Mailchimp help center separates email domain verification from authentication. Verification confirms access to a sending address; authentication requires DNS records and can affect whether mailbox providers see messages as aligned with your domain.

Mailchimp also documents different authentication paths for Marketing and Transactional. A campaign domain, a transactional sending domain, and a company mailbox provider may all need separate review before the root DMARC policy is tightened.

Setup areas to review

  • Separate Marketing from Transactional: Mailchimp Marketing domain authentication and Mailchimp Transactional sending-domain authentication are different setup flows. Confirm which product sends from the domain before interpreting DNS or message headers.
  • Verify before authenticating: Mailchimp distinguishes domain verification from domain authentication. Verification proves access to a sending address; authentication is the DNS-record process that affects sender identity and delivery posture.
  • Use the account-generated DNS values: For manual Mailchimp Marketing setup, Mailchimp says authentication requires two CNAME records plus one TXT record, with values shown inside the account. Do not copy someone else's CNAME or DMARC value into production DNS.
  • Treat SPF as domain inventory, not a paste-in fix: Mailchimp explains SPF as an approved-sender list, but a domain should not publish multiple root SPF records. If the domain already has SPF, reconcile every legitimate sender before changing it.
  • Confirm DKIM and DMARC after DNS propagation: Mailchimp says DNS validation can take time. Check the provider status, public DNS, and signed test-message headers before assuming the setup is complete.

DNS record examples and caveats

These examples show record shapes only. Mailchimp account screens and official docs are the authority for current hostnames and values, and your existing SPF/DMARC records may already include other legitimate senders.

  • Mailchimp Marketing DKIM CNAME shape: provider-generated host -> provider-generated target. Mailchimp displays two CNAME records in the account. The host and target are account/domain-specific.
  • DMARC TXT monitoring shape: v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com. Use a reporting destination that is monitored and approved for the domain. This example is not a universal production policy.
  • Mailchimp Transactional DKIM shape: mte1._domainkey.example.com -> dkim1.mandrillapp.com. Mailchimp Transactional documents this as a pattern for DKIM CNAMEs. Confirm current values inside the sending-domain screen before publishing.

Safe verification sequence

  1. List every sender using the visible From domain, not only Mailchimp.
  2. Confirm whether the stream is Mailchimp Marketing, Mailchimp Transactional, or both.
  3. Copy Mailchimp-generated CNAME and TXT values from the account, not from a generic guide.
  4. Check for duplicate SPF records before changing root TXT records.
  5. Send test messages and inspect Authentication-Results for SPF, DKIM, and DMARC alignment.
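
Step 5 in practice, as an added example (not SenderReady or Mailchimp code): a parser for the `Authentication-Results` header that reports whether a passing SPF or DKIM result is aligned with the visible From domain. The two headers, `esp.example`, the selectors, and the caller-supplied `org_domain` are constructed assumptions; a full implementation would derive the organizational domain from the Public Suffix List.

```python
import re

def parse_auth_results(header):
    """Return {method: [(result, properties)]} from an Authentication-Results value."""
    header = re.sub(r"\([^)]*\)", "", header)      # drop RFC 8601 comments
    out = {}
    for part in header.split(";")[1:]:             # first field is the authserv-id
        m = re.match(r"\s*(\w+)=(\w+)", part)
        if not m:
            continue
        props = dict(re.findall(r"([\w.]+)=(\S+)", part[m.end():]))
        out.setdefault(m.group(1).lower(), []).append((m.group(2).lower(), props))
    return out

def aligned(identity, org_domain):
    """Relaxed alignment: the identity's domain is org_domain or a subdomain of it."""
    domain = identity.rsplit("@", 1)[-1].lower().rstrip(".")
    return domain == org_domain or domain.endswith("." + org_domain)

def alignment_report(header, org_domain):
    """Say which passing mechanisms are aligned with the From domain."""
    res = parse_auth_results(header)
    spf = any(r == "pass" and aligned(p.get("smtp.mailfrom", ""), org_domain)
              for r, p in res.get("spf", []))
    dkim = any(r == "pass" and aligned(p.get("header.d", ""), org_domain)
               for r, p in res.get("dkim", []))
    return {"spf_aligned": spf, "dkim_aligned": dkim,
            "dmarc_reported": [r for r, _ in res.get("dmarc", [])],
            "dmarc_expected_pass": spf or dkim}

# Constructed headers. In the first, SPF and DKIM both pass, but only for the
# provider's own domain, so neither is aligned with From: example.com.
PROVIDER_ONLY = ("mx.receiver.example; spf=pass smtp.mailfrom=bounce@mail.esp.example; "
                 "dkim=pass header.d=esp.example header.s=s1; "
                 "dmarc=fail (p=NONE) header.from=example.com")
# In the second, a DKIM signature for example.com is also present.
DOMAIN_SIGNED = ("mx.receiver.example; spf=pass smtp.mailfrom=bounce@mail.esp.example; "
                 "dkim=pass header.d=esp.example header.s=s1; "
                 "dkim=pass header.d=example.com header.s=s2; "
                 "dmarc=pass (p=NONE) header.from=example.com")

if __name__ == "__main__":
    for name, hdr in (("provider-only", PROVIDER_ONLY), ("domain-signed", DOMAIN_SIGNED)):
        print(name, alignment_report(hdr, "example.com"))
```

A header where `spf=pass` and `dkim=pass` appear but `dmarc_expected_pass` is false is the case a provider status badge alone does not reveal.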

Mailchimp authentication FAQ

Does Mailchimp domain verification mean DKIM and DMARC are ready?

No. Mailchimp describes verification as proving you can access an email address, while authentication is the DNS-record setup. Treat verification as an account permission step, not proof that DMARC or DKIM pass.

Should I add a second SPF record for Mailchimp?

No. A domain should normally have one SPF policy. If SPF needs to change, merge legitimate senders into the existing record and check lookup count, duplicate-record risk, and the effect on other senders.
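
The merge-versus-second-record difference, as an added example (not SenderReady or Mailchimp code): an audit of the TXT answers at one name for duplicate SPF records and DNS-lookup terms, plus a helper that merges a sender into the existing record. The records and `spf.esp.example` are constructed placeholders; the real value comes from the provider's account screen or documentation.

```python
import re

# RFC 7208 section 4.6.4: each of these terms costs a DNS lookup (limit: 10).
LOOKUP_TERM = re.compile(r"^[+\-~?]?(include|a|mx|ptr|exists)(?=[:/]|$)|^redirect=", re.I)
ALL_TERM = re.compile(r"^[+\-~?]?all$", re.I)

def is_spf(txt):
    """True when a TXT string is an SPF record rather than some other TXT value."""
    return txt.lower() == "v=spf1" or txt.lower().startswith("v=spf1 ")

def audit_spf(txt_records):
    """Check the TXT answers at one name for duplicate SPF and lookup count."""
    spf = [r for r in txt_records if is_spf(r)]
    findings, lookups = [], 0
    if len(spf) > 1:
        findings.append("multiple SPF records: receivers treat this as permerror")
    elif spf:
        # Top-level terms only; lookups inside each include: target add to this.
        lookups = sum(1 for t in spf[0].split()[1:] if LOOKUP_TERM.match(t))
        if lookups > 10:
            findings.append("more than 10 DNS-lookup terms")
    return {"spf_count": len(spf), "lookups": lookups, "findings": findings}

def merge_include(record, target):
    """Return record with include:<target> placed before the final 'all' term."""
    terms = record.split()
    new = "include:" + target
    if new.lower() in (t.lower().lstrip("+") for t in terms):
        return record                      # already listed, nothing to change
    pos = next((i for i, t in enumerate(terms) if ALL_TERM.match(t)), len(terms))
    return " ".join(terms[:pos] + [new] + terms[pos:])

# Constructed sample data; spf.esp.example stands in for the provider's value.
EXISTING = "v=spf1 include:_spf.mailbox.example ip4:192.0.2.10 ~all"
PASTED = [EXISTING, "v=spf1 include:spf.esp.example ~all", "site-verification=abc123"]
MERGED = merge_include(EXISTING, "spf.esp.example")

if __name__ == "__main__":
    print(audit_spf(PASTED))               # second record pasted alongside the first
    print(MERGED, audit_spf([MERGED]))     # one merged record
```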

Can a Mailchimp status badge prove Gmail/Yahoo/Microsoft readiness?

Not by itself. A provider status can prove that provider's DNS check passed, but public DNS, aligned headers, DMARC policy, unsubscribe handling, spam complaint rates, and list consent still matter.

Do Marketing and Transactional use the same authentication records?

Not necessarily. Mailchimp Transactional has its own sending-domain setup, DKIM CNAMEs, domain verification, and DMARC requirements. Inventory the product actually sending each stream before editing DNS.

Turn the scan into a Mailchimp fix list

SenderReady readiness audits organize public DNS findings, provider-specific review steps, and cautious next actions for the domain owner or DNS admin. The report is a diagnostic aid, not a deliverability guarantee.
