Kicking off February 2024, Yahoo and Google have put in place sender regulations which will require the following for senders who send bulk emails to these accounts: Authenticate outgoing email, avoid sending unwanted or unsolicited email, and make it easy for recipients to unsubscribe. You must ensure you meet these requirements in order to avoid a negative impact to the delivery of your mail.
The Requirements:
- Set up SPF or DKIM email authentication for your domain.
- Ensure that sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records.
- Use a TLS connection for transmitting email.
- Keep spam rates reported in Postmaster Tools below 0.10% and avoid ever reaching a spam rate of 0.30% or higher.
- Format messages according to the Internet Message Format standard (RFC 5322).
- Don’t impersonate Gmail From: headers. Gmail will begin using a DMARC “quarantine” enforcement policy, and impersonating Gmail From: headers might impact your email delivery.
- If you regularly forward email, including using mailing lists or inbound gateways, add ARC headers to outgoing email. ARC headers indicate the message was forwarded and identify you as the forwarder. Mailing list senders should also add a List-id: header, which specifies the mailing list, to outgoing messages.
If you send more than 5000 emails per day:
- Set up DMARC email authentication for your sending domain. Your DMARC enforcement policy can be set to “none”.
- For direct mail, the domain in the sender's From: header must be aligned with either the SPF domain or the DKIM domain. This is required to pass DMARC alignment.
- Marketing messages and subscribed messages must support one-click unsubscribe, and include a clearly visible unsubscribe link in the message body
If you would like to read the requirements directly:
What You Need To Do
If you send emails from any Spotler Group product, note that we already handle most of these requirements for you. The only ones that you need to do are the items bolded and underlined in the list above. These are, setup DMARC authentication on your domain. Create a Google Postmaster Tools account and monitor your spam rate. Finally for marketing and subscribed messages, include a clearly visible unsubscribe link.
The unsubscribe link is self-explanatory, but we will now dive into explaining more about the other two.
DMARC
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It is a DNS TXT record that lives on the visible From address that you use to send your campaigns.
There are several different tools you can use to check whether you have a DMARC record set up, two popular ones are:
Whether you have a DMARC record, and whether it is doing what it needs to do are not exactly the same question, but in practice if you have a DMARC record it will be effective.
If you don’t already have a DMARC record, here’s what you need to know.
DMARC has 3 policy levels, which you should move through one at a time:
- P=None (minimum requirement)
- P=Quarantine
- P=Reject (best)
“P=none” means no further action is required automatically. “P=reject” means you are confident all emails sent using your domain passes authentication, and an email which fails DMARC checking should be deleted. “P=Quarantine” is in the middle; the mailbox provider should quarantine the email so the recipient could still get to it.
DMARC DNS records can also use a reporting address (rua and ruf) for where mailbox providers should send reports about your DMARC authentication.
An example DMARC record for a staged rollout with reporting would look something like:
- v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com; ruf=mailto:dmarc@yourdomain.com
- v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com; ruf=mailto:dmarc@yourdomain.com
- v=DMARC1; p=reject; rua=mailto:dmarc@yourdomain.com; ruf=mailto:dmarc@yourdomain.com
- (optional) v=DMARC1; p=reject;
Getting all this set up is complicated and should be the responsibility of your DNS administrator.
Google Postmaster Tools (GPT)
This is a set of tools that show you various metrics for your delivery to Google. The 2 best graphs to pay attention to are “User-Reported Spam”, where’ you’ll see how close you are to the target of <0.3%, and “Domain reputation”. Domain reputation is mostly for B2C senders at this point, as it measures how you perform when sending to @gmail, and @googlemail, but not GSuite (Google’s business accounts). However, there is a belief among deliverability experts that this will be expanded, so it’s worth familiarizing yourself with the tool now and benchmarking your current performance.
Our Recommended Next Steps
Ensure Opt-Ins - Ensure you are emailing people who want to hear from you
Test Subscribed Contacts - Periodically send messages to ensure subscribed contacts are engaging
Avoid Spam Content - Links and attachments should be visible and easy to understand. Don’t encourage contacts clicking on links they don’t understand
Unsubscribe Contacts - Consider manually unsubscribing contacts who aren’t interacting
Readability - Keep spam score down with clear and engaging subject lines, and avoiding misleading text
At Spotler, we have done most of the work for you in preparation of this but should you require further assistance please get in touch with your Account Manager via email or contact our Support team by logging a ticket to support@spotler.co.uk