MailerLite SPF and DKIM setup
The DKIM, SPF, and verification records MailerLite asks for, the one you can publish exactly as written, and the appended-domain trap that breaks the rest.
What you are setting up
MailerLite sends your newsletters and automations. Authenticating your domain publishes a DKIM key under your domain (so MailerLite signs as you and aligns) plus an SPF record and a one-time verification record. Unlike some marketing tools, MailerLite does want an SPF record alongside DKIM. One nice detail: the DKIM record is a fixed value you can publish exactly as written, while the SPF and verification values are specific to your account.
Authenticate your domain
In MailerLite, go to Account settings > Domains and add your domain (enter an address on it). MailerLite shows three records. The DKIM one is the same for every account:
Type: CNAME (DKIM) Host: litesrv._domainkey Value: litesrv._domainkey.mlsend.com Type: TXT (SPF) Host: @ Value: (copy the exact SPF value MailerLite shows you) Type: TXT (domain verification) Host: @ Value: (the one-time verification token MailerLite shows you)
Publish all three, then click Check DNS Records. Note the DKIM selector is litesrv (not ml), and the value points at MailerLite's mlsend.com sending domain. Copy the SPF value from your console rather than typing it from memory, and if you already have an SPF record, merge MailerLite's include into it instead of adding a second one. Our SPF builder handles the merge. MailerLite can also write these records for you automatically on supported DNS hosts.
If you are on the older “Classic” MailerLite, the screens differ; the steps above are for current MailerLite.
Add DMARC
Standard _dmarc TXT record. MailerLite recommends starting in monitor-only mode:
Type: TXT Host: _dmarc Value: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com
Build it with our DMARC builder and progress past p=none carefully once your reports are clean.
The MailerLite gotcha
The number-one break is the DNS host appending your domainto the record. MailerLite's own advice: do not add your domain to the end of the host field (most providers do it for you), and to stop the CNAME value from getting your domain appended, add a trailing dot, litesrv._domainkey.mlsend.com. Two more it documents: SPF is case-sensitive, so copy it exactly, and you can only have one SPF record, so merge rather than duplicate.
Confirm it worked
- Check the records. Our DKIM checker confirms the
litesrvCNAME resolves, and a free DMARC audit confirms SPF and DMARC parse. - Send a test and read the headers. Send yourself a campaign, open the original, and confirm the DKIM signature shows
d=yourdomain.comanddmarc=pass. Our header analyzer makes it readable. - Watch the reports. MailerLite should appear as an aligned, passing source in your DMARC aggregate reports, labeled as a known sender in trustyourinbox.
Connect your DNS once and we publish the MailerLite records above in a single click, with a five-minute window to undo. Then we keep watching this sender in your DMARC reports and tell you the moment MailerLite mail starts failing, so a typo in a record never quietly costs you the inbox.
Keep reading
Run a free DMARC audit
Paste your domain and see your published SPF, DKIM, and DMARC in plain English.
DMARC alignment, in plain English
Why the litesrv DKIM CNAME aligns your MailerLite mail to your domain.
SPF record builder
Merge the MailerLite SPF value into one record without busting the 10-lookup limit.
Mailchimp SPF and DKIM setup
Another marketing ESP with CNAME-based DKIM authentication.
Last verified 2026-06-22.
Free for one domain. Set up in five minutes. We parse the reports; you read plain-English summaries.