Fix the ‘This mail has been blocked because the sender is unauthenticated. Gmail requires all senders to authenticate with either SPF or DKIM’ error

The ‘This mail has been blocked because the sender is unauthenticated. 550-5.7.26 Gmail requires all senders to authenticate with either SPF or DKIM.’ is an email error generated by Google when sending email to Gmail based email addresses.

Here is an example of what the error looks like:

If you receive this error message from Google after sending to a Gmail email address, you need to enable SPF and DKIM on the DNS zone for your domain name to clear it.

Depending on your nameserver and email service setup, different action steps are required. Please see below for each applicable scenario and the required steps.

SPF (Sender Policy Framework)

SPF (Sender Policy Framework): An email authentication system that uses DNS to check if a mail server is authorized to send emails from your domain name.

Scenario A Your domain name is using the Skystra Nameservers and Skystra MX records: This means your nameservers and email service operate through the Skystra hosting platform.

Action Required? No. Domain names connected to your hosting control panel, pointed to our network via Skystra Nameservers, and using our MX records will automatically have SPF enabled. No action is required.


Scenario BYour domain name is using External Nameservers and Skystra MX records: This means your nameservers are external and your email service operates through the Skystra hosting platform.

Action Required? Yes. Go to this guide: Manage SPF record and complete all of the steps under this section:
SPF Authentication for domain names using external nameservers with Skystra-hosted email


Scenario CYour domain name uses Skystra Nameservers but External MX records: This means your nameservers are internal but your email service operates through an external email service provider.

Action Required? Yes. Go to this guide: Manage SPF record and complete all of the steps under this section:
SPF Authentication for domain names using internal nameservers and an external email service provider

DKIM (DomainKeys Identified Mail)

DKIM (DomainKeys Identified Mail): A system to authenticate your email, ensuring it genuinely came from your domain and that email truly originates from you.

Scenario A Your domain name is using the Skystra Nameservers and Skystra MX records: This means your nameservers and email service operate through the Skystra hosting platform.

Action Required? No. Domain names connected to your hosting control panel, pointed to our network via Skystra Nameservers, and using our MX records will automatically have DKIM enabled. No action is required.


Scenario BYour domain name is using External Nameservers and Skystra MX records: This means your nameservers are external and your email service operates through the Skystra hosting platform.

Action Required? Yes. Go to this guide: Manage DKIM record and complete all of the steps under this section:
DKIM Authentication for domain names using external nameservers with Skystra-hosted email


Scenario CYour domain name uses Skystra Nameservers but External MX records: This means your nameservers are internal but your email service operates through an external email service provider.

Action Required? Yes. Go to this guide: Manage DKIM record and complete all of the steps under this section:
DKIM Authentication for domain names using internal nameservers and an external email service provider