Using a Gmail alias with a custom domain (e.g., xxx@gading.dev) allows you to send professional-looking emails through Gmail while maintaining your brand identity. However, without proper SPF and DMARC configuration, your emails might get rejected or flagged as spoofed by recipient servers such as Gmail or Outlook.

This guide walks you through how to set up a Gmail alias, generate an App Password, configure DNS records for SPF and DMARC, and test everything to ensure reliable email delivery.

Alias email flow diagram

1. Prerequisites

RequirementDescription
A Gmail Account
Requirement: A Gmail Account
Description: A personal Google account (not Google Workspace).
A Gmail AccountA personal Google account (not Google Workspace).
A custom domain & DNS access
Requirement: A custom domain & DNS access
Description: e.g., gading.dev, with access to manage its DNS settings.
A custom domain & DNS accesse.g., gading.dev, with access to manage its DNS settings.
Email forwarding set up
Requirement: Email forwarding set up
Description: e.g., xxx@gading.dev → youraccount@gmail.com, and verified working.
Email forwarding set upe.g., xxx@gading.dev → youraccount@gmail.com, and verified working.
2-Step Verification enabled
Requirement: 2-Step Verification enabled
Description: Required to generate a Gmail App Password.
2-Step Verification enabledRequired to generate a Gmail App Password.

2. Gmail Configuration

2.1 Generate an App Password

  1. Visit Google App Passwords.
  2. Select MailOther (Custom name) → name it (e.g., “Gmail Alias SMTP”) → click Generate.
  3. Copy the 16-digit App Password that appears. You’ll use it shortly.

App Password UI

2.2 Add Your Alias in Gmail

  1. Open Gmail → ⚙ → See all settingsAccounts and Import tab.

  2. Under Send mail as, click Add another email address.

  3. Enter the following:

    • Name: The sender name you want to display.
    • Email address: xxx@gading.dev
    • Check Treat as an alias, then click Next Step.

  4. On the SMTP configuration screen, enter:

    FieldValue
    SMTP Server
    Field: SMTP Server
    Value: smtp.gmail.com
    SMTP Serversmtp.gmail.com
    Port
    Field: Port
    Value: 587 (TLS)
    Port587 (TLS)
    Username
    Field: Username
    Value: Your primary Gmail address (youraccount@gmail.com)
    UsernameYour primary Gmail address (youraccount@gmail.com)
    Password
    Field: Password
    Value: The 16-digit App Password you just created
    PasswordThe 16-digit App Password you just created
    Connection
    Field: Connection
    Value: TLS (recommended)
    ConnectionTLS (recommended)

  5. Click Add Account. Gmail will send a verification code to your alias. Since forwarding is enabled, the code will arrive in your Gmail inbox. Enter the code to complete verification.

3. Add SPF and DMARC DNS Records

To allow Gmail to send emails on behalf of your domain, and to pass authentication checks (especially DMARC), you need to set up SPF and DMARC records in your domain’s DNS settings. This can be done via your domain registrar or DNS provider (e.g., Cloudflare, Namecheap, GoDaddy, etc).

3.1 Add SPF Record

  1. Go to your domain’s DNS management page.

  2. Add a new TXT record:

    • Host/Name: @
    • Value: 
      v=spf1 include:_spf.google.com ~all

  3. Save the record.

⚠️ Note: Only one SPF record is allowed per domain. If one already exists, merge the values instead of creating a new one.

3.2 Add DMARC Record

  1. Add another TXT record:

    • Host/Name: _dmarc
    • Value: 
      v=DMARC1; p=none; rua=mailto:postmaster@gading.dev; aspf=r; adkim=r

  2. Save the record.

p=none instructs mail servers to only monitor failed authentication, without rejecting messages. Once you verify proper setup, you may change it to quarantine or reject.

Example DNS record UI

4. Testing & Verification

  1. Wait 15–30 minutes for DNS propagation.

  2. In Gmail, compose a new message and select xxx@gading.dev as the From address.

  3. Send the message to a different email provider (e.g., another Gmail or Outlook account).

  4. Open the received email, click More → Show original, and verify:

    • SPF: PASS
    • DKIM: PASS (signed by gmail.com)
    • DMARC: PASS or aligned with p=none

  5. Use tools like MXToolbox, Google Admin Toolbox, or Mail-tester.com for deeper validation and header analysis.

Selecting an alias mailing

5. Optional Hardening & Monitoring

OptionBenefit
Set DMARC to quarantine or reject
Option: Set DMARC to quarantine or reject
Benefit: Prevent spoofed emails from passing validation.
Set DMARC to quarantine or rejectPrevent spoofed emails from passing validation.
Use a third-party SMTP provider
Option: Use a third-party SMTP provider
Benefit: e.g., SendGrid, Brevo – ensures full DKIM alignment with your domain.
Use a third-party SMTP providere.g., SendGrid, Brevo – ensures full DKIM alignment with your domain.
Use Google Postmaster Tools
Option: Use Google Postmaster Tools
Benefit: Monitor domain reputation and DMARC reports over time.
Use Google Postmaster ToolsMonitor domain reputation and DMARC reports over time.

Conclusion

By correctly adding a Gmail alias, generating an App Password, and setting SPF and DMARC records in your domain’s DNS, you can send emails as xxx@gading.dev directly from Gmail—securely and reliably. Always monitor your email deliverability and update your policies accordingly.

Success email result

Happy emailing!

Share

Support Me

GitHub SponsorsKo-fiTrakteerKaryakarsa