In Mailchimp, go to Account > Settings > Domains. Click Add & Verify Domain, enter your domain, and Mailchimp provides a CNAME record for DKIM. Add this CNAME to your DNS provider pointing to dkim.mcsv.net or the value Mailchimp specifies. Verify in Mailchimp, and all outbound email will be DKIM-signed with your domain.
DKIM for Mailchimp: Setup Guide
Authenticate Your Domain
- Log into Mailchimp and go to Account > Settings > Domains
- Click Add & Verify Domain
- Enter the domain you send from (must match your From address)
- Mailchimp provides DNS records including a CNAME for DKIM
Add the DNS Record
Add the CNAME record to your DNS provider:
| Record Type | Host | Value |
|---|---|---|
| CNAME | k1._domainkey.yourdomain.com | dkim.mcsv.net (or as specified by Mailchimp) |
Copy the exact values from Mailchimp's dashboard. The hostname and value may change — always use what Mailchimp gives you, not a generic example.
Practitioner note: Mailchimp's domain authentication has evolved over the years. Older accounts may have different record formats. If you set up DKIM years ago, it's worth verifying in the current dashboard that everything still matches.
Verify the Domain
Go back to the Domains page and click Verify. Mailchimp checks for the DNS record and confirms authentication.
If verification fails:
- Wait for DNS propagation (up to 48 hours)
- Check that you didn't duplicate the domain in the hostname (a common DNS provider issue)
- Verify the CNAME value matches exactly — no trailing spaces
Why This Matters for DMARC
Without custom DKIM, Mailchimp signs your email using their own domain. Your DMARC policy checks whether SPF or DKIM aligns with your From domain. If neither aligns, DMARC fails.
With custom DKIM enabled:
- DKIM signs with
d=yourdomain.com - Your DMARC record sees alignment
- Authentication passes even when SPF fails (common with forwarding)
Practitioner note: I've had clients panic when they moved to p=quarantine and Mailchimp emails started hitting spam. Nine times out of ten, they never authenticated their domain in Mailchimp. Five minutes of DNS work fixes it.
Confirm It's Working
Send a test campaign and check the email headers in Gmail:
Authentication-Results: mx.google.com;
dkim=pass [email protected]
You can also use MXToolbox DKIM Lookup to verify the public key is published.
If you need help getting Mailchimp authenticated alongside your other sending services, I can handle the full setup.
Sources
- Mailchimp: Set up email domain authentication
- Mailchimp: About email authentication
- RFC 6376: DomainKeys Identified Mail (DKIM) Signatures
- MXToolbox: DKIM Record Lookup
v1.0 · April 2026
Frequently Asked Questions
How do I set up DKIM in Mailchimp?
Go to Account Settings > Domains, add your domain, and Mailchimp generates a CNAME record. Add it to your DNS, then verify in Mailchimp.
Does Mailchimp support custom DKIM?
Yes. Mailchimp supports custom DKIM via authenticated sending domains. You add a CNAME record that delegates DKIM signing to Mailchimp's infrastructure.
What happens if I don't set up DKIM in Mailchimp?
Your emails will be signed with Mailchimp's default domain, not yours. This causes DKIM alignment failures in DMARC, which can lead to messages being quarantined or rejected if you have a DMARC policy.
How long does Mailchimp DKIM verification take?
Usually under an hour for DNS propagation, though it can take up to 48 hours. Mailchimp will show a verified status once the record is detected.
Can I authenticate multiple domains in Mailchimp?
Yes. You can add and authenticate multiple sending domains in Mailchimp. Each domain needs its own CNAME record for DKIM.
Want this handled for you?
Free 30-minute strategy call. Walk away with a plan either way.