Skip to main content

Authenticate your domain to improve the deliverability of your emails (DKIM, SPF)

In this article, we will explain how to authenticate your domain to improve the deliverability of your emails using standard email signature protocols: SPF and DKIM.

These protocols meet various safety issues and should be implemented to ensure the best possible deliverability, both on shared and dedicated IPs.

Before you start

👆Step 1: Access the Domains page

To access the Domains page:

  1. In Sendinblue, click on your name at the top-right side of the screen.
  2. Select Senders & IP.
  3. Click Domains.

⚙️ Step 2: Generate the DNS records

To generate the DNS records that you will use to authenticate your domain:

If you haven't added your domain yet If you already added your domain
  1. Click Add a domain.
  2. Enter the domain name you wish to use to sign your emails and click Save. In our example, we are using the domain
  3. The DNS records (Sendinblue code, DKIM, and SPF) that need to be added to your domain host display.

🚀 Step 3: Add the DNS records to your domain host

❗️ Important
A domain can only have one SPF record. If you need to add more than one SPF record to a domain, you should add a new rule to your existing SPF record instead of creating a new record. Learn more in our dedicated article Merging multiple SPF records.
  1. Open a new window in your navigator and access your domain hosting platform.
  2. If you haven't verified your domain before, follow Step 2 from our dedicated article Verify your domain. We highly recommend using DNS records to verify your domain as it allows you to verify and authenticate your domain simultaneously.
  3. Create a DNS entry of TXT type for each DNS record: DKIM and SPF. 
  4. In the Hostname field, paste the hostname as it appears under DKIM record and SPF record, respectively.
  5. In the Value field, paste the generated Value code under DKIM record and SPF record, respectively.
  6. Click Verify & Authenticate or Authenticate. 
  7. Once the configuration is complete, a green check appears next to the Value fields for DKIM and SPF records.

Your domain has been authenticated, and your emails will now be signed with your own domain name in your recipients' mailbox! 🚀⬇️


🧐 How to verify if my emails have been signed?

You can easily verify if your emails have been signed. Webmails allow you to see if your email has been signed through both protocols by reviewing the email header and looking for the references "spf=pass" and "dkim=pass".

To learn how to find email headers, check out our dedicated article How do I find email headers?.


In the above example from a Gmail email header, the references "spf=pass" and "dkim=pass" certify that the email is signed with the domain "". Signing your emails with your own domain name helps you manage your own reputation, either on our shared IP or your dedicated IP.

🤔 Have a question?

If you have a question, feel free to contact our support team by creating a ticket from your account. If you don't have an account yet, you can contact us here.