In February 2024, Gmail and Yahoo implemented new requirements for bulk senders. A bulk sender is any organization that sends 5,000 or more emails on any given day to Gmail or Yahoo email addresses. Once an organization’s domain has been flagged as a bulk sender, it is forever considered a bulk sender.
The new requirements are intended to improve user protections and the user experience for those receiving emails to their Gmail and Yahoo accounts. While these requirements particularly apply to bulk senders, following them can be beneficial for the credibility and deliverability of all senders.
The new requirements are:
- Email authentication
- Easy unsubscribe options that are processed within two days
- Spam threshold of 0.3%
The implications of these new requirements are outlined below for all partners:
- Ensure SPF and DKIM authentication is enabled for your domain. These policies are most likely already active if you have verified an email domain and send email via the platform. The best way to verify that these authentication mechanisms are enabled is to trace an email with the full header. Depending on the provider you use to receive emails, look for the message source, full headers, or raw message. Copy the header and analyze it using Google Admin Toolbox Messageheader. If authentication is configured correctly, you should see a flag denoting a “pass” for the policy. If you are unsure of how to check for SPF and DKIM authentication, reach out to your network administrator or reach out to Support.
- Honor unsubscribes and maintain the integrity and hygiene of mailing lists to keep your spam rates below 0.1%.
- In order to build a segment or list in Community Builder for email outreach, you'll likely want to filter to include Email Address> Usability is either Usable or Unknown. Email addresses are by default "unknown" until they are used in an email campaign or unless the email addresses were specified when importing as "usable." You will also want to exclude profiles where Email Address>Contact Consent is "Optout" to honor any Opt-Outs collected in an email campaign.
- Avoid ever reaching a spam rate of 0.3% or higher. You can view the rate of spam complaints for each email campaign directly in Organizer. To track spam rates and view detailed information about spam reports at the mailbox provider level, you can use various tools such as Gmail's Postmaster Tools and Yahoo's Complaint Feedback Loop. Note that these tools will require you to add records to your DNS.
The implications of these new requirements are outlined below for our partners who are bulk senders:
- Authentication: There are three mechanisms Gmail and Yahoo will use to authenticate senders. One mechanism, DKIM, is provided via the email delivery platform (SparkPost) we use for sending bulk emails.
- SPF: Since emails are being sent from our email delivery platform, the Sender Policy Framework or SPF policy will come from us for emails sent through the platform. You should not need to make any changes regarding SPF since the email platform we use has a compliant policy.
- DKIM: DomainKeys Identified Mail (DKIM) is established during the email verification process when you add a new sending domain. This will be the text record that is added to the partner’s DNS records. This information is available in the domain settings within the platform. There will be no changes necessary since this is part of the existing domain verification process.
- DMARC: Domain-based Message Authentication, Reporting, and Conformance (DMARC) is built on top of SPF and DKIM. For DMARC to pass, either SPF or DKIM must pass, although this does not guarantee DMARC will pass. When both SPF and DKIM fail validation and alignment, the DMARC policy is activated. This mechanism allows you to create a policy that considers how SPF and DKIM are aligned and indicates what to do with a message that fails an authentication check on the receiving server. You will need to create a DMARC policy in your DNS records. See the example in the following table.
| Message ID | <20204170921.2182.21359143@emailesp.emailmarketer.com> |
| Created at: | Thu, Jan 4, 2024 at 12:03 PM (Delivered after 389 seconds) |
| From: | Marketing <marketer@marketing.com> |
| To: | User <user@murmuration.org> |
| Subject: | Big News: Email |
| SPF: | PASS with IP 192.92.97.227 Learn more |
| DKIM: | 'PASS' with domain marketing.com Learn more |
| DMARC: | 'PASS' Learn more |
Indications that you may not be in compliance:
- Starting in February 2024, you may start receiving temporary errors (with error codes) on a small percentage of your non-compliant email traffic to help identify email traffic that doesn’t meet guidelines so that issues that result in non-compliance can be addressed.
- Starting in April 2024, Gmail will start rejecting a percentage of non-compliant email traffic, and gradually increase the rejection rate. For example, if 75% of your traffic meets requirements, Gmail will start rejecting a percentage of the remaining 25% of traffic that isn’t compliant.
- Your messages might be rejected or delivered to recipients’ spam folders. You can set up Google’s Postmaster Tools to view additional delivery information for Gmail addresses.
The following external articles include more information about these changes:
- Intro to Email Authentication
- Gmail Email Sender Guidelines
- Yahoo Sender Hub Deliverability
- Gmail Announcement
- Yahoo Announcement
- Gmail Defining DMARC Policy
- Gmail Email Sender Guidelines FAQ
- Learn and Test DMARC Console
- Trace an Email with Full Header
- DMARC Standard
- SPF Standard
- DKIM Standard
- Gmail Postmaster Tools