No longer just best practice guidelines, Google and Yahoo are now making certain steps mandatory for email sender requirements as of February 2024. If you’re not complying with the new standards, it's likely that you will start seeing issues in your email deliverability and, consequently, results in 2024. Here’s a quick guide for Email Marketers to Google and Yahoo’s new email sender requirements and what you need to do to ensure compliance:
Why are the rules changing?
This groundbreaking announcement in 2023 has caused a real buzz in the email world. It marks a significant turning point in email communication standards from two of the world’s leading email service providers aimed at combating the ever-increasing challenge coming from SPAM and email security.
While many of the new requirements have always been considered best practice, not all senders were implementing them. Failure to properly authenticate emails makes it easier for phishing attacks and impersonators to damage your company’s reputation.
Google and Yahoo aim to protect their users from SPAM and unwanted emails, but if email senders leave themselves vulnerable to exploitation, it makes Google and Yahoo’s job a whole lot harder. This is why the email giants have decided that proper email authentication and enforced deliverability best practices are now must-haves. So, if you want to continue seeing success from your emails, you’ll need to comply with these best practices:
- Authenticate your emails using DKIM, SPF and DMARC
- Maintain a SPAM complaint rate under 0.3%
- Enable users to one-click unsubscribe
- RFC 5322 compliance
- Making sure your sending server IP addresses have valid reverse DNS records
- Use a TLS connection for sending email
Why do the changes matter for email senders?
Google and Yahoo’s new requirements mainly target bulk senders. If you read more about the details, you’ll see that some of the changes apply to high-volume senders sending more than 5,000 emails from the same domain within 24 hours. If you’re a smaller sender or only sending transactional emails, you’re less likely to be affected, but we’d encourage you to do your research. While applicable to larger senders today, these things tend to trickle down the food chain, so it’s possible that they will become a requirement for all senders in the future. Either way, whether your company sends one email a day or a hundred thousand, following deliverability best practices is the best way to keep your database safe and your emails healthy.
A Quick Checklist to Kickstart Your Compliance
To start with, use this handy (and free) tool to check if you already meet Google’s SPF, DKIM and DMARC requirements.
Register your domain for Google Postmaster Tools and Yahoo’s Complain Feedback Loop and keep your spam complaint rates under 0.3%
- Google Postmaster and Yahoo’s Complain Feedback Loop provide essential insights into various email metrics including SPAM rate, domain reputation and feedback results for emails going to Gmail/Yahoo addresses
- These tools will both enable you to keep track of your various metrics and ensure you’re keeping your SPAM complaint rate under control
Understand the domains you use for email sending today and check their authentication status
- A strong sender reputation will enhance your deliverability, reducing the chances that your emails will be marked as SPAM or lost on their way to your customer.
Authenticate your mail with custom DKIM
- Publish a DKIM record in your domain’s DNS settings. There are several steps to setting up your DKIM records and they will vary depending on the email provider and DNS provider.
- Your ‘From:’ header should align with this
Authenticate your mail with custom SPF
- Create a DNS record that lists the IP addresses and domains that can send emails on your behalf, then publish this. Your DNS provider will have specific instructions on how to do this.
- Your ‘From:’ header should align with this
Set up DMARC Record on Your Root Domain
- Go to your domain’s DNS management page
- Create a new TXT record for DMARC
- Set the host to _dmarc.yourdomain.com
- Input the DMARC record value, for example “v=DMARC1; p=none; rua=mailto:your@email.com” where ‘p=none’ is the policy and RUA is the reporting email address
- Save the record and allow time for it to set itself up
Ensure you have a One-Click Unsubscribe link
- You must include a one-click unsubscribe link in the header of your email as well as a clearly visible unsubscribe link in the copy of the email. This may be something your email service provider already supports so it’s worth checking with them.
If you’ve seen a lot of chatter about the changes but you don’t work in the email world at all then you can put it to the back of your mind, although if you’d like to find out more we’ve pulled together a guide to the new requirements from an ‘Email Receivers' perspective too because we like it when people are interested!
If you have any additional questions about these changes, feel free to reach out to us on Twitter, and we can put our brains together to navigate this new world and the impact it might have.