Shopify DMARC authentication for email

If you’re using Shopify and sending emails from your own domain email address, you may have received an email telling you that you need to authenticate and add a DMARC record to continue sending emails from your domain.

Gmail and Yahoo have announced changes that require you to authenticate and add a DMARC record on your domain if you’d like to continue sending emails from a branded email address.

Authenticate and add a DMARC record to continue sending emails from your domain

Currently, your emails are sending from To continue, you’ll need to ensure you have a valid DMARC record and have authenticated the email address.

If you take no action, we will rewrite your sender email to to meet the minimum requirements so that you can continue sending emails to your customers with no interruption.

This actually sounds much more complicated than it is. You’ll simply have to add 4 new CNAME records to your domain name. Provided you’ve got access to your domain’s DNS record, all you need to do is the following:

  1. log into Shopify and click on the ‘settings’ option in the bottom-left corner
  2. from the ‘settings’ menu go to ‘notifications’
  3. You’ll see the ‘The email your store uses to send emails to your customers’ and under this there is an option to ‘Authenticate now’. Here you’ll be given 4 x CNAME DNS records to add to your domain DNS
  4. Log into your domain admin panel and edit the DNS to add the 4 new records
  5. Go back to Shopify and confirm you’ve made the changes. Once the DNS has fully resolved and propagated, your domain is now authenticated and can send to GMAIL and YAHOO addresses again

What is DMARC?

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It’s a powerful email authentication protocol that helps protect your domain from email spoofing, phishing attacks, and other forms of email fraud.

A DMARC record is a TXT record that you publish in your domain’s DNS (Domain Name System). It contains instructions for email receivers on how to handle emails that fail authentication based on SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) checks.