update two: this is what’s worked for us (so far…anyway)
-
create DKIM 1024 in google workspace (under apps, workspace, gmail, authenticate email)
-
in google domains, delete DNS records just under the google workspace header (mx, spf x 2, dkim) (the only option for us was to delete–when we clicked on manage, it just went to the email tab)
-
still in google domains, create a new DKIM record using the info from that DKIM 1024 you just created in google workspace
-
go back to google workspace where you created the DKIM and click on start authentication…they say it may take 24-48 hours but was pretty quick for us…after a about 20 minutes and refreshing page, the status changed to “email authenticating”
-
return to google domains and create new MX record – below is what google domains gave us:
-
Host name: leave it blank
-
Type: MX
-
TTL: 3600
-
Data: 1 aspmx.l.google.com
-
Click “Add more to this record” four times and add these values under Data:- 5 alt1.aspmx.l.google.com
-
10 alt4.aspmx.l.google.com
Click Save.
If there’s a prompt, click “Yes, replace records.” -
then create your SPF as txt (we have other providers beside google and shopify but for just those two, we used
“v=spf1 include:_spf.google.com include:shops.shopify.com ~all” -
then add your DMARC
If anybody from shopify is out there and any of this is incorrect, would be great if you’d chime in…
We sympathize with everybody having a heck of a time dealing with this given shopify’s extremely lacking DMARC support.