Starting in February 2024, Google and Yahoo will introduce new email rules to mitigate direct spam towards mailboxes such as @gmail.com, workplace and school mailboxes on Workspace, @googlemail.com, @yahoo.it, and @yahoo.com.
For Google, the new rules will involve all senders, with particularly strict requirements for those exceeding 5,000 emails per day. Yahoo will follow similar guidelines without specifying volume limits.
Gmail and Yahoo! are fortifying their defences against spammers and bad actors in the relentless battle to protect users’ inboxes. Marcel Becker, Sr Director of Product Management at Yahoo!, emphasizes the mission to deliver wanted messages while filtering out unwanted ones.
Enforcing Best Practices: A Deeper Dive
As both providers gear up for stricter measures by February 2024, let’s dissect the intricacies of the requirements and understand what compliance entails.
The Known Best Practices Turned Requirements
The good news? The listed requirements are not new; they’ve long been recognized as best practices in the email domain, as highlighted by M3AAWG’s Best Common Practices. Gmail and Yahoo! are now crystallising these practices into enforceable requirements.
- Set up SPF and DKIM email authentication for your domain.
What it means: These foundational email authentication methods, SPF and DKIM, secure your sending domain. If you still need to set them up, follow the domain authentication process. - Keep spam rates reported in Postmaster Tools below 0.3%.
What it means: Maintain spam complaint rates below 0.3% in Google Postmaster. Sign up for Postmaster Tools to monitor and improve your complaint rates. - Avoid mimicking Gmail From: headers.
Refrain from imitating a Gmail From: header. In essence, steer clear of sending emails from addresses like “example@gmail.com“. - Set up DMARC email authentication for your sending domain.
What it means: DMARC builds on SPF and DKIM, communicating policies to mailbox providers. If you lack a DMARC record, add one to your DNS. Learn more about DMARC - Ensure Consistency in Your “From:” Header and Sending Domain
For bulk senders, having a dedicated sending domain is now a necessity; shared domains are no longer permissible. It is crucial that the domain visible in the “From:” header, the friendly identifier seen by your subscribers, aligns seamlessly with your dedicated sending domain. This alignment is essential for compliance with DMARC standards and applies to both marketing and transactional emails.
Simply put, the “setting authentication disabled” is not suitable for those who send over 5000 emails per day. Additionally, it’s imperative to utilize your own authenticated domain. - Streamline the unsubscribe process.
Incorporate an unsubscribe link in the message body, even if it doesn’t require just one click. A seamless unsubscribe experience is crucial. Difficulty in unsubscribing may prompt recipients to label your emails as spam, jeopardizing your deliverability reputation.
Technical Assistance for Compliance
If the list feels overwhelming, our Professional Services team stands ready to assist. Contact us to navigate domain authentication, alignment, DMARC, and complaint levels, ensuring readiness well before the February 2024 deadline.
In the evolving landscape of email security, adapting to these requirements isn’t just compliance—it’s an investment in a more secure and enriched inbox experience for all.