Prevent spam, spoofing & phishing with Gmail authentication

Set up SPF, DKIM & DMARC for your organization

Gmail administrators should set up email authentication to protect their organization's email. Authentication helps prevent messages from your organization from being marked as spam. It also prevents spammers from impersonating your domain or organization in spoofing and phishing emails.

If spammers send forged messages using your organization's name or domain, people who get these messages might report them as spam. This means legitimate messages from your organization might also be marked as spam. Over time, your organization's internet reputation can be negatively affected.

Email authentication requirements for sending to Gmail accounts

Google performs random checks on messages sent to personal Gmail accounts to verify messages are authenticated. To help ensure messages you send to Gmail accounts are delivered as expected, you should set up either SPF or DKIM for your domain. Messages without at least one of these authentication methods are rejected with a 5.7.26 error, or are marked as spam. We recommend you always set up SPF and DKIM to protect your organization’s email, and to support future authentication requirements.

If you use an email service provider, verify that they authenticate your organization's email with SPF or DKIM.

If you regularly forward email, be sure to follow Best practices for forwarding email to Gmail to help ensure your messages are delivered as expected.

About email authentication

Set up standard email authentication methods for Gmail, and help ensure message delivery and prevent valid messages from being marked as spam. These videos describe how email authentication benefits your organization, and how to set up authentication.

Video: Why email authentication?

Why email authentication?

How email authentication benefits your organization & your users.

To view available captions or change the caption language, click ""and thenSubtitles at the bottom of the video window, then select a language.

Video: Set up email authentication

Set up email authentication

Learn how to set up email authentication for your organization.

To view available captions or change the caption language, click ""and thenSubtitles at the bottom of the video window, then select a language.

Set up email authentication for Gmail


First, ensure mail delivery & prevent spoofing with SPF

SPF lets you specify the servers and domains that are allowed to send email for your organization. When receiving mail servers get a message from your organization, they compare the sending server to your list of allowed servers. This lets receiving servers verify the message actually came from you.

Go to: Set up SPF to ensure mail delivery and prevent spoofing


Then, increase security for outgoing email with DKIM

DKIMs adds an encrypted digital signature to every message sent from your organization. Receiving mail servers use a public key to read the signature, and verify the message actually came from you. DKIM also prevents message content from being changed when the message is sent between servers.

Go to: Set up DKIM to prevent spoofing


Finally, enhance security for forged spam with DMARC

DMARC tells receiving servers what to do with messages from your organization when they don't pass either SPF or DKIM. DMARC also sends reports that tell you which messages pass or fail SPF and DKIM. These reports help you identify possible email attacks and other vulnerabilities.

Go to: Set up DMARC to help prevent spoofing and phishing 


Optionally, add your brand logo to DMARC-authenticated messages 

After you set up DMARC, you can optionally turn on Brand Indicators for Message Identification (BIMI). When messages pass DMARC, email clients that support BIMI, including Gmail, display your verified brand logo in the inbox avatar slot. Learn more about the benefits of BIMI, and how it works.

Go to: Add a brand logo to outgoing email with BIMI

Was this helpful?
How can we improve it?

Need more help?

Sign in for additional support options to quickly solve your issue

Clear search
Close search
Google apps
Main menu
Search Help Center