// writing

How to get a free email at your own domain (like hello@yourdomain.com)

Own a domain? Get a free email address on it in about 15 minutes. New mail shows up in your normal Gmail, and you can reply from your new address too. Every step explained in plain words, with copy-paste records.

8 min read EmailDNSHow-to

You bought a domain for your website. Now you’d like an email address on it — like hello@yourdomain.com — instead of using a plain Gmail address. It looks more put-together, whether it’s for a business, a side project, a club, or just you.

The problem: Google charges about $7 a month for this, the “free” options are confusing, and most guides skip the parts that actually matter — so your email ends up in people’s spam folders.

This guide fixes that. The setup is completely free, takes about 15 minutes, and does it the right way so your mail is trusted. Here’s the short version of how it works:

You never check a second inbox. Everything stays in the Gmail you already use.

What you’ll need

A quick word on why not Google or Zoho

Two paths that look free but aren’t, so you don’t waste time:

Forwarding avoids all of that.

First, a plain-English glossary

You’ll add four small settings (“records”) to your domain. Each has a job. Don’t worry about memorizing these — just know roughly what they do:

Record In plain words
MX “Send my domain’s mail to this company.” (Here, that’s forwardemail.)
forward-email “And pass it along to this Gmail address.”
SPF “These are the only servers allowed to send mail as me.” (Stops fakers.)
DMARC “Here’s what to do with suspicious mail pretending to be me.”

Now let’s add them.

Step 1 — Send incoming mail to forwardemail (MX)

Add these two MX records to your domain. Both use priority 0:

Type   Name            Priority   Value
MX     yourdomain.com  0          mx1.forwardemail.net
MX     yourdomain.com  0          mx2.forwardemail.net

This tells the internet: “mail for my domain goes to forwardemail.”

Step 2 — Tell it where to forward (forward-email)

Now add a TXT record that says which address goes to which inbox. The nice part: you don’t even need to make an account with forwardemail — this record is the setup.

To forward a few specific names to your Gmail:

forward-email=hello:you@gmail.com,me:you@gmail.com,contact:you@gmail.com

That means hello@, me@, and contact@ all land in you@gmail.com.

Or, to forward everything at your domain to one inbox (simpler, but you’ll get a bit more spam over time):

forward-email=you@gmail.com

Step 3 — Prove your mail is really from you (SPF)

Add another TXT record. This one lists who’s allowed to send email as your domain, which is what keeps scammers from faking your address:

v=spf1 include:spf.forwardemail.net include:_spf.google.com ~all

⚠️ Watch out #1 — don’t erase your other TXT records. Your domain can have only one SPF line, and many DNS providers (including Route 53) keep all your TXT records together in one place. If you already have a TXT record — for example, a Google site-verification for Search Console — make sure you keep it when you add this. The Route 53 example below shows how.

Step 4 — Set a safety policy (DMARC)

One more TXT record, this time on a name called _dmarc.yourdomain.com. Start it in “just watch, don’t block” mode so nothing real gets caught by mistake:

v=DMARC1; p=none; rua=mailto:hello@yourdomain.com; adkim=r; aspf=r; pct=100

Optional shortcut: add them all at once on AWS (Route 53)

🌐 Not on AWS? Skip this section. The four records above are everything you need — add them in your own DNS provider’s control panel (Cloudflare, Namecheap, GoDaddy, etc.) and jump to Test that mail comes through. This part is just a time-saver for people already using Amazon’s Route 53.

If you are on AWS, one command does the whole thing. First, find your zone ID:

aws route53 list-hosted-zones \
  --query "HostedZones[?Name=='yourdomain.com.'].Id" --output text
# → /hostedzone/ZXXXXXXXXXXXXX

Then run this. Notice the middle block keeps three TXT values together — your existing site-verification, the forwarding rule, and SPF — so nothing gets wiped:

cat > email-dns.json <<'JSON'
{
  "Comment": "forwardemail forwarding + SPF + DMARC",
  "Changes": [
    {
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "Name": "yourdomain.com.",
        "Type": "MX",
        "TTL": 300,
        "ResourceRecords": [
          { "Value": "0 mx1.forwardemail.net" },
          { "Value": "0 mx2.forwardemail.net" }
        ]
      }
    },
    {
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "Name": "yourdomain.com.",
        "Type": "TXT",
        "TTL": 300,
        "ResourceRecords": [
          { "Value": "\"google-site-verification=KEEP_YOUR_EXISTING_VALUE\"" },
          { "Value": "\"forward-email=hello:you@gmail.com,me:you@gmail.com\"" },
          { "Value": "\"v=spf1 include:spf.forwardemail.net include:_spf.google.com ~all\"" }
        ]
      }
    },
    {
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "Name": "_dmarc.yourdomain.com.",
        "Type": "TXT",
        "TTL": 300,
        "ResourceRecords": [
          { "Value": "\"v=DMARC1; p=none; rua=mailto:hello@yourdomain.com; adkim=r; aspf=r; pct=100\"" }
        ]
      }
    }
  ]
}
JSON

aws route53 change-resource-record-sets \
  --hosted-zone-id ZXXXXXXXXXXXXX \
  --change-batch file://email-dns.json

UPSERT just means “add it, or update it if it’s already there,” so it’s safe to run again if you change something.

On any other DNS host: add the same four records by hand — two of them (the forwarding rule and SPF) are separate TXT entries on your main domain, and DMARC is a TXT entry on the _dmarc name. That’s it.

Step 5 — Test that mail comes through

Wait a minute for the settings to spread, then check them:

dig +short MX yourdomain.com
# 0 mx1.forwardemail.net.
# 0 mx2.forwardemail.net.

dig +short TXT yourdomain.com          # your forwarding rule + SPF
dig +short TXT _dmarc.yourdomain.com   # your DMARC policy

Now send an email to hello@yourdomain.com from your phone or another account. In a minute or two, it should show up in your Gmail. That’s the important half done.

Step 6 — Reply from your new address in Gmail

Right now, mail arrives in Gmail but your replies would go out from your old Gmail address. Let’s fix that so you can send as hello@yourdomain.com.

In Gmail: Settings (⚙️) → See all settings → Accounts and Import → “Send mail as” → Add another email address. Type your name and hello@yourdomain.com, then click Next.

⚠️ Watch out #2 — the easy button is gone. Google removed the simple “Send through Gmail” choice for most accounts, so it jumps straight to a settings form — and it fills in mx1.forwardemail.net, which is wrong (that’s for receiving mail). Clear it and use Gmail’s own mail server instead:

Setting What to enter
SMTP Server smtp.gmail.com
Port 587
Username your full Gmail (you@gmail.com) — not the new address
Password a Google App Password (steps below)
Connection TLS

The trick: Gmail logs in as you, but stamps your new address on the “From” line.

Getting a Google App Password

An App Password is a special one-time code Gmail gives you so another app can log in. Here’s how to get one:

1. Turn on 2-Step Verification (if it isn't already):
   myaccount.google.com/signinoptions/two-step-verification

2. Open the App Passwords page directly (the link is hidden in the menus):
   myaccount.google.com/apppasswords

3. Give it a name like "domain mail", click Create,
   and copy the 16-character code it shows.

⚠️ Watch out #3 — App Passwords is hidden. Google took the link out of the menus, so you have to type myaccount.google.com/apppasswords into your browser yourself. And it only shows up after you’ve turned on 2-Step Verification. If it still says “not available,” your account has extra security (Advanced Protection) that blocks it — in that case, skip this step and just reply from your normal Gmail.

Paste that 16-character code into the Password box and finish. Gmail sends a confirmation code to hello@yourdomain.com, which forwards to your inbox — type it in, and you’re set. From now on, when you write an email, you can choose to send it From: hello@yourdomain.com.

Step 7 — Make sure it won’t land in spam

Send a message from your new address to mail-tester.com and aim for a score of 10/10. Or, in any Gmail you send it to, click ⋮ → Show original and check that it says SPF: PASS. That’s your proof the setup is trusted.

The honest downsides of doing it free

Nothing free is perfect. Here’s what you’re giving up, in plain terms:

When it’s worth paying (it’s cheap)

If you later want the “block all fakers” switch turned on, or a real separate inbox, these are the cheapest steps up:

For most people, none of that is needed. Four DNS records and a Gmail setting give you a real email address at your own domain — for free.