6 min read

New Requirements for Email Senders by Google and Yahoo 2024

Written by Natalia Guivan
6 min read
Table of Contents

    Keeping email deliverability high is task No.1 for email marketers who launch email campaigns. Recently, both Google and Yahoo have decided to make it more challenging for businesses by announcing significant changes to their email sender guidelines. 

    Beginning on February 1, 2024, if you don’t comply with Gmail’s and Yahoo’s new requirements for email marketing, your emails might not show up in inboxes. There will be new rules on spam prevention and email authentication implemented. This implies that the standard for sending emails may rise, which could have a significant effect on your email deliverability. What does this change mean for your business? In this article, we’ll look into the implications for your email efforts, and more significantly, into steps you need to take to ensure that you comply with the new email law. 

    Why Google and Yahoo change email authentication requirements

    Although Google and Yahoo are always trying to shield their users from unscrupulous people, it can be difficult to stop every threat when senders don’t adequately safeguard their systems. Because of this, Gmail and Yahoo have concluded that adequate authentification and further account protection are now required in 2024.

    These are not new rules that they’re implementing, but Yahoo and Gmail are going to start enforcing certain security policies to ensure that they keep email spammers out of their inboxes. Let’s explore these major changes in more detail. 

    What are the new Google and Yahoo’s authentication requirements?

    Since Yahoo and Google are prevalent when it comes to email services, businesses must know and comply with the rules of these services if they want to use them effectively. The implementation of these new requirements starts on February 1, 2024.

    Both Gmail and Yahoo are focused on areas that are designed to help reduce the amount of spam in their customer’s inboxes. Those include using a custom domain, authenticating emails correctly, keeping spam complaints below 0.3%, ensuring an easy one-click unsubscribe process, and some others. All of these changes have long been best practices for email deliverability but now they’re becoming an actual requirement. So if you haven’t been using them before, now it’s really time to hop on this train.  

    Overall, the most significant rules are the following.

    • All domains are required to have DKIM, SPF, and DMARC authentification.
    • Your “From:” Email must match your domain.
    • Marketing emails have to include a one-click unsubscribe link.
    • Marketing emails must include an unsubscribe link in the message itself (but this link doesn’t need to be one step).
    • Your spam rate for Gmail or Yahoo addresses must be under 0.3%. 
    • RFC 5322 compliance, PTR records, DNS.

    You can find the full list of updated requirements on the official Google support page about Email sender guidelines.

    Custom domain

    Key requirement: Make sure you’re sending from a verified domain, meaning a domain that’s actually been verified by you claiming your ownership of that domain.

    Start by using your unique domain to send emails. By “custom domain” we mean an email address that ends with your custom name, which you or your company controls, instead of @yahoo.com or gmail.com. Utilizing free domains has never been an effective strategy for email marketing. This lessens the impression that the recipient will have of your brand and increases the possibility that your email will be disregarded entirely or land in the spam folder. Thus, now is the ideal time to buy a custom domain if you don’t already have one. 

    If you use Klaviyo, you can easily create your custom sending domain, sometimes called a branded sending domain, so that emails look to originate from your brand rather than Klaviyo.

    SPF, DKIM, and DMARK authentication

    Key requirement: Install three additional security records: a DKIM, an SPF, and a DMARC (control the security inside of the inbox).

    Make sure your emails are authentic via DMARC, DKIM, and SPF. You must have a valid DMARC record with a policy of at least p=none to comply with the new Yahoo and Google requirements. Use this rule to demonstrate that your emails are, in fact, coming from your company. 

    Your domain can be used to sign emails, just like a physical signature on a letter, if you enable DKIM domain authentication. You also have to verify that the email address you’re using to send emails either corresponds to or is a subdomain of the domain you used for DKIM or SPF authentication.

    These are the technologies that will keep your emails secure and reliable. They aid in the prevention of spam, phishing attacks, and other similar destructive acts that might harm the reputation of your brand and the receivers’ faith in your emails.

    With Klaviyo, you can easily handle configuring SPF and DKIM email authentication for your domain. This is what a correctly set up email authentication looks like in the header metadata of your email.

    Spam rates below 0.3%

    Key requirement: Keep spam complaints below 0.3%.

    Although minimizing spam complaints has always been an excellent practice, staying on top of it is now more crucial than ever. Google and Yahoo’s new guidelines set a high bar for spam rates which should be ideally less than 0.1% but acceptable below 0.3%. Many marketers worry about their deliverability since now 3 spam complaints out of 1,000 sent emails will be enough to send their campaign effort down the drain. However, these rates are rather reachable with the right strategy and close attention. 

    To stay within the set spam rate limitation only send emails to individuals who have expressed a desire to receive them i.e. engaging subscribers. A high volume of spam complaints is a clear indication that something might be wrong. The wrong people may be subscribing to your list as a result of a flawed subscription process. Alternatively, it’s possible that your subscribers are disliking the content you’re sending them or that they haven’t heard from you in a while, in which case they may have forgotten who you are. Anyway, you must closely monitor your spam complaints and ensure that the likelihood of receiving them is as low as possible. 

    The reporting dashboard on your email marketing platform, for example, Klaviyo, is where you can monitor the situation with spam rates. It’s also worthwhile to review your unsubscribe reports in addition to keeping an eye on your spam complaints. 

    One-click unsubscribe

    Key requirement: Messages must have an obvious unsubscribe link in the message body and allow one-click unsubscribing.

    Make it easy to unsubscribe. Keeping your contacts subscribed when they don’t want to be by making unsubscribing challenging is not a good thing. It will not only harm the reputation of your brand but also result in significant spam complaints and deliverability problems. Because of this, the email sender guidelines of Gmail and Yahoo now mandate the inclusion of a one-click unsubscribe feature.

    Every email sent by Klaviyo can have an automatic one-click unsubscribe link added to the header, making it easier for users to comply with this new requirement. Therefore, there is nothing you need to do to comply with Google and Yahoo’s one-click unsubscribe policy for bulk senders. 

    RFC 5322 compliance, DNS records, PTR

    Key requirement: Use standard message formatting. Verify that sending IP addresses or domains have active PTR (forward and reverse DNS) records.

    According to RFC 5322, the Internet Message Format standard, you must ensure that a valid Message ID is included in every message. It also states that a message must contain single-instance message headers just once (Subject, Date, From, and To). 

    You need to have a PTR record for your sending IP address. The sending hostname’s association with the sending IP address is confirmed by PTR records. Every IP address needs to correspond with a PTR record hostname. There needs to be a forward DNS pointing to the sender IP address for the hostname mentioned in the PTR record.

    You also have to establish reverse DNS records pointing to your domain from the IP addresses of your transmitting servers.

    The reason why you need all of these is because mail servers cannot determine whether an incoming email message is spam unless they have a Pointer Record.

    Thankfully, Klaviyo takes care of ensuring that the forward and reverse DNS records for your sending domain and IP are valid, as well as that your message formatting follows the Internet Messaging Format standard.

    Who’s impacted by the Google and Yahoo’s requirements in 2024?

    Google clearly specifies this as those who send more than 5,000 emails per day to their Gmail contacts. So if you match this description, then these rules especially apply to you. However, even if you’re sending fewer, by putting these changes in place, you’ll be ahead of the game and ready for any future requirements from inbox providers. Following these new Google and Yahoo guidelines will only benefit your email deliverability.

    Prepare to meet the new Google and Yahoo requirements for bulk senders

    Here we have a brief guide on how to be prepared for the big rules of Google and Yahoo coming into effect in 2024. These simple steps will help you to avoid your emails from going into spam and improve your deliverability all at once.

    1. Set up a Custom Sending Domain.
    2. Create a DMARC policy and set “P=none”.
    3. Set up SPF or DKIM authentication (we recommend both).
    4. Make sure you have a visible unsubscribe link in every email.
    5. To keep your spam rates below 0.03%, remove unengaged subscribers from your list. 
    6. Register your domain in Google’s Postmaster tool to monitor spam complaint rates if your platform doesn’t provide relevant reports.
    7. Make sure you don’t use Gmail to mass-send emails.
    8. Make sure your emails comply with the Internet Messaging Format standard and your domain has active PTR (forward and reverse DNS) records to ensure that your email won’t end up in the spam box.

    Final thoughts

    Overall, while these new requirements might seem challenging to meet at first, with the correct strategy and professional knowledge it is easily achievable. The Flowium team has the needed expertise so you don’t have to worry. We’ll help you set up all the needed technologies and follow the required procedures for your email campaigns to be able to adhere to Yahoo and Google’s new sender guidelines in 2024. This way your emails to be delivered to the inboxes of your recipients with no problem. Contact us to start collaboration.

    Talk email strategy with an expert
    Request free email marketing audit from our experts!