To send emails using Mailgun and MailChimp so that it comes from your domain, an DNS TXT Record needs to be added:
Mailgun advises using a subdomain (I do not know why) and the record looks like this:
host: mg
value: v=spf1 include:mailgun.org ~all
Thus I understand it sends email from the mg.expertbox.com domain
Mailchip assumes the root domain is used to send and requires the following (no option to specify subdomain):
host: expertbox.com
value: v=spf1 include:servers.mcsv.net ?all
So this assumes sending from the root domain.
The Mailgun DNS record has been happily working and I do not want to break it, but I cannot add a seperate subdomain record on the DNS manager in my GoDaddy account where the domain is hosted. Adding any other TXT with value v=spf1 creates an error that duplicates are not allowed.
From my research on the topic, it seems I can use the value: v=spf1 include:mailgun.org include:servers.mcsv.net ?all
, however that assumes both accounts are sending from the root.
How do I solve this conundrum? Why does Mailgun advise using a subdomain, while MailChimp forces using the root? Will MailGun work if I just change the value and keep the host name 'mg'?
You should be able to use the same subdomain in MailChimp that you use in Mailgun. I think it's just that the MailChimp documentation specifies a root domain. I don't think that means you can't use a subdomain, it's just that it uses a root domain as an example in the documentation. You can verify a subdomain for MailChimp as long as you have a working email address at that subdomain. Try it.
As for your SPF record, keep in mind that the ?ALL
authorization type is "neutral" so is of little value. Use the softfail: ~ALL
. Here's a complete list:
• -ALL - Fail unauthorized email (useful)
• ~ALL - Softfail unauthorized email (useful)
• ?ALL - Neutral regarding how email's handled (not typically useful)
• +ALL - Pass all email authorized or unauthorized (not useful)
So assuming that MailChimp and Mailgun are the two services you're authorizing to send outgoing mail for the subdomain in question, here's your SPF record:
host: mg
value: v=spf1 include:mailgun.org include:servers.mcsv.net ~all
You will still need an SPF record for your root domain as well that includes any service you want to authorize to send outgoing email on your behalf. Your mx record indicates Godaddy. If you send outgoing email with Godaddy then you'd want to include: spf.secureserver.net
in the root domain's SPF record, though I'd double check Goddaddy's docs to make sure it's not changed very recently. By the way, the reason I recommend the ~ALL
rather than the more strict -ALL
is that it's easy to forget to add something you use for outgoing email and it's easy to forget to change the SPF when changing to another service for email.
Then, after you have the SPF record for both mg
and your root domain, validate both using a tool such as the SPF Survey.