Email domain authentication

Google has published a series of changes it will implement in February 2024 to increase protection for email users against spam and phishing. These requirements will entail a change in the Emails area, which includes the obligation to authenticate each and every one of the mailings that are sent.

This article details the properties and scope of this change in Connectif. 


These requirements also entail the need to include a one-click unsubscribe button. You can learn more about this and how Connectif adapts to it in this article.


1. Properties

1.1. What changes does the domain authentication requirement entail?

The main change is the obligation to authenticate the email sending domain (the from address). Although Connectif always recommends authenticating your sending domain to align with best practice and optimize the reach of your emails, it is now mandatory.

  • This authentication refers to DKIM and SPF.
  • This is achieved by adding DNS records in the domain provider.


1.2. What will happen if it's not complied with

  • Gmail warns that absolutely no unauthenticated emails will enter its inboxes.
  • Additionally, it will negatively impact the domain's reputation. 

To prevent potential damage to the domain's reputation, Connectif is required to enforce domain authentication before enabling email sending from your Connectif account.

  • If the domain is not authenticated, all workflows that send emails using unauthenticated senders (from address and reply-to address) will cease to function and will be paused automatically.

1.2.1. Which workflows will be affected?

  • All active workflows with a "Send email" node configured with an unauthenticated domain will stop functioning and will be paused automatically.

1.2.2. How to resolve the issue?

  • It will be necessary to edit the workflows to use an authenticated domain or authenticate the domain being used in order to resume them.

1.2.3. How to know which workflows have been automatically paused?

  • Before being paused, an alert will appear on the Dashboard with a button that will display all the workflows in the Store that are using unauthenticated domains, including the option to automatically resolve the issue in all of them by using one of the authenticated domains in the store.
    • With this option, all workflows will be using authenticated domains, and no workflow will cease to function.
  • If not all workflows are corrected, those that continue to use an unauthenticated domain will be paused automatically. At that time, another alert will appear on the Dashboard indicating which workflows have been paused automatically, including the option to correct them to use an authenticated domain.
    • However, at this point, even though those workflows will be modified to use the authenticated domain, they will not be resumed automatically and will need to be manually resumed.
    • To simplify this process, all workflows paused automatically will be marked with a Domain not authenticated label, allowing you to filter the list of workflows by those with this label for easy review and resumption.
    • This label will not be automatically removed when resuming the workflow and will function just like any other workflow label.

2. How to adapt to this requirement

To prepare for the change and to avoid having emails blocked, all accounts should authenticate their sending domain as soon as possible. Doing so will ensure better reach and that Google’s requirement is fulfilled.


Authenticate the email domain

If your domain is not authenticated, go to “Store settings > Channels > Email ” to authenticate a domain.

1. In the Domain Authentication section click on Ad new domain.

Autenticar dominio email - 1-min.png

2. Introduce the domain direction from which you want to send and click on Confirm.

Autenticar dominio email - 2-min (1).png

3. In the domain menu, the domain you have included will appear with the status Pending and some values you have to add in your domain provider:

  • Three DNS CNAME records that you must add to your domain provider.
  • A TXT record for DMARC that is recommended to add if you haven't configured it previously.

Autenticar dominio email - 3-min (1).png

4. Once the records have been added to your domain provider, return to Connectif and click on the Verify Domain button to confirm that the records have been added correctly.


The propagation of DNS records can take a while, so if you have just added them and the verification has not completed, try again a little later.

Autenticar dominio email - 4-min.png

5. As soon as the verification is complete, the domain will appear as Verified and your Store will be enabled for sending emails again, using any of the domains that you have authenticated.


You can contact our support team any time with questions about this process.

Autenticar dominio email - 5-min.png


Monitor sending using PostMaster Tools


We recommend that you monitor your email performance using PostMaster Tools.

Google offers a free email monitoring tool, PostMaster Tools, and recommends its use to ensure compliance with good practices, including keeping reported spam percentages below 0.3%, ideally even lower than 0.1%.

To configure PostMaster Tools, log in with your Google account via the following link.

Follow the steps provided by Google to set up PostMaster Tools for your domain:


It’s very important to configure PostMaster Tools because in case of any deliverability incident involving Gmail, Connectif will request the reports that this tool helps to generate.



You’ve reached the end of the tutorial.


Do you have questions?
Don’t forget, our Connectif specialists are here to help you. To contact them, just open a Support ticket by clicking the blue “Help” button on your dashboard.


Keep learning!

To make the most of your Connectif account, we recommend reading these articles next:



Was this article helpful?
0 out of 0 found this helpful