All Products
Search
Document Center

Alibaba Mail:Bounce emails due to missing SPF, DKIM, and DMARC configurations

Last Updated:Jun 17, 2026

Emails sent to Gmail, Yahoo, and other providers may bounce if SPF, DKIM, and DMARC are not configured for your sending domain.

Problem description

Starting February 2024, Gmail and Yahoo require senders to configure SPF, DKIM, and DMARC. Emails sent to domains such as gmail.com, googlemail.com, yahoo.com, and aol.com without these configurations may bounce or be marked as spam. Configure all three protocols for your sending domain. For help, contact the Alibaba Mail support team.

For details about Gmail sender requirements, see Email Sender Guidelines.

Solution

DNS query tool: Alibaba Cloud DNS

For example, for `example.net`:

SPF query: `example.net`

DKIM query: `default._domainkey.example.net`

DMARC query: `_dmarc.example.net`

image

Configure these protocols in your domain's DNS settings. For detailed steps, see the documentation for each protocol.

Note

If you have multiple SPF records, merge them into a single record.

When you configure a DMARC record, set up a dedicated mailbox to receive reports from email providers. You may receive a large volume of reports.

SPF

Sender Policy Framework (SPF) is an email authentication method that combats spam. Receiving mail servers check the domain's SPF record to verify whether the sender's IP address is authorized. Authorized addresses are accepted; unauthorized addresses are rejected as forgeries.

To add an SPF record, see Bounce message: spf check failed.

DKIM

DomainKeys Identified Mail (DKIM) is an email authentication method that detects forged and tampered emails. Senders attach a digital signature to prove the email originated from the claimed domain and was not altered in transit.

To add a DKIM record, see What is DKIM and how do I add it?

DMARC

Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication protocol that prevents domain spoofing and provides reports on spoofing attempts.

To set up a DMARC record, see What is DMARC and how do I set it up?