Mailchimp domain SPF authentication

Question

We need to authenticate our domain with Mailchimp, and get the below shown window when going to Website > Domains > Email Domains > Authenticate.

I wonder whether anyone has some idea here: This doesn't seem to be SPF authentication. Is there no such thing for Mailchimp? I cannot find anything in Mailchimp's docs, but I thought that an SPF record would be essential? Thank you.

Answer 1

@user1154435, SPF record is essential if you send email from your own mail system (e.g. corporate mail server)

SPF validates domain in return-path/bounce address which, in case of most ESPs, is their own email, so that they could handle bounces.

In order to pass DMARC validation check of emails, sent from your domain, you need either SPF or DKIM to pass the check, and Mailchimp, like many other ESPs, give you an option to configure DKIM signing / validation

Answer 2

Indeed this is not SPF; it's called delegation or, less charitably, cloaking. What happens is that you point a hostname in your domain at theirs, and then they are free to create SPF and DKIM records in their own DNS. This is done so that they are in control of the records rather than you, since getting end users to do DNS updates is often very difficult. It also means that the SMTP envelope sender of messages needs to use that same hostname so that the SPF and DKIM records match up.

While it's very convenient for them, this approach has become unpopular lately because it hides the involvement of a third party (hence the cloaking name) in the processing of personal data. OTOH they don't make any attempt to be GDPR compliant in other areas, so it's clearly not something that worries them, though it should worry you if you have any EU-based subscribers!