How to set up SPF for Mailchimp

SPF (Sender Policy Framework, RFC 7208) authorizes specific servers to send mail for your domain. When you start sending through Mailchimp, you must publish a single SPF record at your domain apex that includes Mailchimp's sending infrastructure — otherwise the messages will fail SPF, your DMARC checks will fail, and your mail will land in spam or be rejected outright.

If you already publish SPF for another sender (Google Workspace for inbound, a marketing tool, your CRM), do not publish a second record. Merge the new include into the existing record. RFC 7208 §3 forbids multiple SPF records on the same name and receivers MUST return permerror when they see one.

Publish these DNS records

Add the following record(s) to your domain's DNS zone. Most registrars (Cloudflare, Route 53, Namecheap, GoDaddy) accept values exactly as shown.

• Mailchimp also issues per-account CNAMEs for click tracking — those are separate from SPF and not required for deliverability.

Where in Mailchimp

The SPF configuration lives in Mailchimp → Account → Domains → Authenticate.

Verify the records

Once published, run the SPF Checker on your domain to verify the lookup chain expands cleanly and stays under the 10-DNS-lookup limit.

Common pitfalls

• Mailchimp's authentication wizard sometimes verifies CNAMEs against their non-authoritative resolver, which can lag. If verification fails after publishing, wait an hour and retry rather than re-publishing.
• If you exported a list from another tool that included unsubscribed addresses, Mailchimp's import will silently skip them. Don't assume your list size in Mailchimp matches the source.