MailerLite sends your newsletters on shared infrastructure until you authenticate your domain — and the DKIM record it needs differs depending on whether you're on the new MailerLite or Classic.
MailerLite authenticates a sending domain with an SPF include of _spf.mlsend.com and a DKIM record whose host depends on your version: the new MailerLite adds a CNAME at litesrv._domainkey pointing to litesrv._domainkey.mlsend.com, while MailerLite Classic used a TXT record at ml._domainkey. Add whichever your account shows, then let DMARC align to your From domain. Source: mailerlite.com/help · verified 2026-07-15
p=none and a rua address, watch reports for a week, confirm this sender shows 100% pass.No. Adding SPF includes and DKIM records only adds authentication — it never blocks existing mail. The only risky step is tightening your DMARC policy, and that comes later, after reports confirm everything passes.
Send yourself a test email and inspect the headers for spf=pass, dkim=pass and dmarc=pass — or just watch your DMARCKeeper dashboard: the sender's pass rate should hit 100% within a day or two.
Yes. SPF and DKIM authenticate mail; DMARC is what tells receivers to BLOCK mail that fails, and it's the piece Gmail, Yahoo and Outlook now check for explicitly.