IMPORTANT: Google & Yahoo New Email Requirements
In October 2023, Google and Yahoo announced new requirements for bulk senders, or, as Google defines, anyone who sends more than 5,000 emails per day. These changes impact customers of any email service provider—not just Mailchimp customers, and will go into effect in February 2024. While these changes will require you to take a few new steps, enacting these measures can help improve your deliverability by building your credibility as an authenticated email sender.
These new requirements primarily impact two groups of email senders:
- Large senders, or anyone who sends to more than 5,000 Gmail or Yahoo email addresses on any single day.
- Anyone who uses a Gmail email address as their “From” email address when sending emails through any email service provider, regardless of sending volume or the email domains of their recipients.
You can read Google’s and Yahoo’s announcements for the full details, but here is a quick summary of the new requirements:
- Senders will need to have the right authentication for the email domain they’re sending from
In particular, senders will need to have SPF, DMARC, and DKIM set up correctly. SPF is already set up on all of our sending IP domain names, so there’s nothing you’ll need to do to set that up. DMARC stands for Domain-based Message Authentication, Reporting & Conformance. It’s a way for you to show that emails sent from your domain are legitimate, and tell receiving inbox providers what to do with an email that isn’t legitimate. This protects both senders and recipients from activities like phishing, spamming, and spoofing. DMARC uses DomainKeys Identified Mail (DKIM)—a method of email authentication that helps identify that the email you sent is really from you—to evaluate the authenticity of email messages. When both DMARC and DKIM are set up correctly, someone can send an email via an email service provider—i.e Constant Contact, Mailchimp—and Gmail and Yahoo will see that your domain records have approved Mailchimp as a service that can send emails that display as coming from your domain. Gmail and Yahoo will then allow your emails to go to Gmail and Yahoo email addresses.
- Senders must include a one-click unsubscribe link in your email.
- All bulk emails must have an unsubscribe method in place that allows recipients to unsubscribe in one click, as well as an unsubscribe link in the body of the email and header of the email. All bulk email senders are required to honor unsubscribe requests within two days.
- Senders’ spam rates will need to fall below a certain threshold.
Google and Yahoo will begin enforcing a spam rate threshold that senders must stay under to ensure Gmail and Yahoo recipients aren’t being sent spam.
It is important to reiterate that these changes impact all email service providers. If you want to use an email service provider to send out newsletters and marketing automation, we strongly encourage you to use a custom domain and make sure it is properly authenticated.
What You Can Do
If you’re a customer who will need to make adjustments based on these new requirements, we’ll email you with specific guidance on how to navigate these changes based on your unique sender setup. If you want to set up everything yourself, here are the steps you’ll need to take:
Acquire or Set Up a Custom Domain
Starting in February of 2024, Gmail will begin using DMARC to protect their domain from unauthorized use. Gmail doesn’t allow for users to set up authentication for their individual address—this is because DMARC applies to the entire @gmail.com domain. When you send an email from any service other than Gmail itself using a @gmail.com domain, Gmail will tell recipient inboxes that Gmail didn’t send the email and therefore they should reject the email.
It is likely that more services could adopt the same requirements as Google and Yahoo in the future and impact email senders who are using other freemail domain services. For this reason, we strongly encourage you to set up a custom domain. You can learn more about what those are and why they’re important for your brand here.
We recommend that you find a domain through a registrar that is accredited with the Internet Corporation for Assigned Names and Numbers (ICANN) and provides email hosting, like Godaddy or Domain.com. View ICANN’s full list of accredited registrars here.
Once you have a custom domain, or if you already have a custom domain, you’ll need to set up DMARC and DKIM.
Set up DMARC
You can set up DMARC authentication for your sending domain in your DNS provider yourself, and you can take care of it at any time.
Your DMARC enforcement policy can be set to none, and Google has some specific guidelines to set your brand up for success.
Set up DKIM
We’ve set up in-app guidance and instructions on the Domains page of your account. Additionally, this help resource explains the process in detail: How to set up email domain authentication
Once you complete all of the steps outlined above, you’ll then meet the new authentication requirements for Google and Yahoo.
If you need help authenticating your domain, or if you have any questions about improving your email campaigns, feel free to reach out at: [email protected]
Leave a reply