Search
Clear search
Close search
Google apps
Main menu

Check if your Gmail message is authenticated

If you see a question mark next to the sender's name, the message isn't authenticated. When an email isn't authenticated, that means Gmail doesn't know if the message is coming from the person who appears to be sending it. If you see this, be careful about replying or downloading any attachments.

Check if a message is authenticated

Note: Messages that aren't authenticated aren't necessarily spam. Sometimes authentication doesn't work for real organizations who send mail to big groups, like messages sent to mailing lists.

Check Gmail messages
  1. Open the Gmail app Gmail app.
  2. Open an email.
  3. The message is authenticated if you see:
  • "Mailed by" header with the domain name, like google.com.
  • "Signed by" header with the sending domain.

The message isn't authenticated if you see a question mark next to the sender's name. If you see this, be careful about replying or downloading any attachments.

Check messages in another mail client, like Outlook or Apple Mail

If you're checking your email on another email client, you can check the message headers.

  1. Open an email message.
  2. Find the "Authentication-Results" header.
  3. If the message was authenticated by SPF/DKIM, you'll see "spf=pass" or "dkim=pass."
Learn more about how authentication works (SPF & DKIM)

Emails can be authenticated using SPF or DKIM.

SPF specifies which hosts are allowed to send messages from a given domain by creating an SPF record.

DKIM allows the sender to electronically sign legitimate emails in a way that can be verified by recipients using a public-key.

Fix messages that aren't authenticated

A message I received wasn't authenticated

If a message you get from a trusted source isn't authenticated, contact the person or company who sent you the email. When you contact them, provide a link to this help page so they can learn how to authenticate their messages.

A message I sent from my domain wasn't authenticated

If a message you sent arrived with a question mark "?" next to your email address, the message wasn't authenticated.

Messages must be authenticated to make sure they're classified correctly. Also, unauthenticated messages are very likely to get rejected. Because spammers can also authenticate mail, authentication by itself isn't enough to guarantee your messages can be delivered.

Fix messages that aren't authenticated

First, make sure messages you sent are authenticated using DKIM (preferred) or SPF.

Next, check out these tips for sending bulk messages with Gmail:

  • Use RSA keys that are at least 1024-bits long. Emails signed with less than 1024-bit keys are considered unsigned and can easily be spoofed.
  • Gmail combines user reports and other signals, with authentication information, when classifying messages. Authentication is mandatory for every mail sender to ensure that your messages are correctly classified. For best practices, see Gmail's Bulk Senders Guidelines.
  • Learn how to create a policy to help control unauthenticated mail from your domain.

Vivian is a Gmail expert and the author of this help page. Leave her feedback about this help page.

Was this article helpful?
Watch video tutorials

To get the latest tips, tricks, and how-to's, subscribe to our YouTube Channel.