Website Pandas


Google and Yahoo New Email Deliverability Requirements

Table of Contents

Is there a way that your emails always land in your inbox?

With Google and Yahoo imposing new email deliverability rules, reaching your subscribers will become a bit difficult. That said, if you follow the new rules, your email campaigns should skip the spam folder.

We’ll also walk you through the actions you need to take to sustain and improve your inbox reach, from verifying your emails to preventing spam complaints and bounces.

Why Yahoo and Google are Altering Their Policies Around Email Senders?

Google and Yahoo will start imposing new limits on bulk email senders starting February 2024. This guideline covers three main elements:

  • Outgoing authentication of your emails
  • The reported rates of spam
  • Simple unsubscribe options from your email lists

Although it has long been recommended to properly authenticate emails. But not all senders are making use of the tools available to secure their emails. That’s a big issue because senders are making it very simple for malicious actors to pose as domains and send phishing emails, which will harm your reputation in the long haul as a sender.

Yahoo and Gmail try their best to shield users from unsolicited and spam emails. But it becomes much more difficult to do so if senders do not adequately safeguard their systems and leave the door open for exploitation. Gmail and Yahoo agreed that appropriate email authentication and adherence to deliverability best practices are no longer necessary as a result.

Our Take – These Changes are Crucial for Email Senders

Large bulk senders are the main aim of Gmail and Yahoo’s new criteria. Some of these will only apply to high-volume senders that send more than 5,000 emails each day if you dig into their specifics. You won’t be as affected by the changes if you send fewer emails or solely transactional emails, but it doesn’t imply you should disregard them.

In the future, it’s conceivable that requirements that are currently applicable to big senders will apply to all senders. Furthermore, it’s seldom a smart idea to operate in the “barely compliant” zone and hope that the authorities won’t examine you too thoroughly since you’re a little fish. We think this applies not only to filing taxes but also to sending emails.

Therefore, maintaining your subscribers’ security and the health of your email campaigns depends on safeguarding your domains, abstaining from spam, and adhering to deliverability best practices—regardless of the volume of emails you send.

Here’s What Email Marketers and Businesses Should Know

Email marketers from both the business-to-business (B2B) and business-to-consumer (B2C) milieu took notice when Google announced in early October of 2023—that “those who send more than 5,000 messages to Gmail addresses per day” qualified as bulk senders.

What are the New Email Deliverability Guidelines for Gmail?

The email business is about to undergo significant upheaval as Google and Yahoo will start enforcing new regulations on bulk senders starting February 2024.

Sending more than 5,000 emails per day to Yahoo and Google domains requires you to:

  • Use security methods like SPF, DKIM, and DMARC to authenticate emails.
  • One-click list unsubscribing should be implemented, and unsubscribers should be honored within two days.
  • Keep the rate of spam complaints below 0.3% (three reports of spam per 1,000 messages).

Senders using Gmail in bulk will need to give recipients a one-click unsubscribe option. Within two days, all requests to unsubscribe must be handled.

These “tune-up” steps, according to Google, are just standard email hygiene, and a lot of reliable senders already employ them.

In the months preceding the imposing of new rules, Google intends to offer implementation support to those who require it.

Related Article:- How to use DKIM for email in your custom domain?

What are Bulk Senders’ Needs for Email Authentication?

Senders of bulk emails will be obliged by the two corporations to verify their senders using “well-established best practices,” as Google puts it. This will patch security gaps that attackers may exploit.

Three Techniques for Email Authentication

  • By enabling senders to specify the email servers that are authorized to send emails from their domain, the Sender Policy Framework (SPF) aids in the prevention of domain spoofing.
  • By adding a digital signature to outgoing emails, DomainKeys Identified Mail (DKIM) confirms the message was sent by an authorized sender and wasn’t altered in transit.
  • Domain owners can designate what to do in the event that an email fails authentication with the assistance of Domain-based Message Authentication, Reporting, and Conformance (DMARC). Reports on email authentication outcomes are also made possible by it.

Bulk senders must set up all three of these techniques by February 1, 2024, per Google and Yahoo requirements.

The goal of all these guidelines is to make using Gmail or Yahoo email safer and more pleasurable for the typical user. A company is less susceptible to spam and spoofing assaults when it uses email authentication. Users may quickly unsubscribe from an email list with only one click. Reducing the number of spam complaints guarantees that users are receiving appropriate information in their inboxes.

What are Bulk Email Senders’ Claimed Spam Rates?

According to Google, senders in bulk must “avoid ever reaching 0.30% or higher” and maintain their reported spam rate—that is, the proportion of outgoing messages identified as spam by recipients—below 0.10% in Google Postmaster Tools.

The ease with which an email may be reported as spam distinguishes this need from others, like authentication and unsubscribe links. It all boils down to what the recipient believes they are receiving. It’s out of the sender’s control to some extent.

What are Bulk Senders’ “Unsubscribe” Requirements?

It should come as no surprise that Google mandates that marketing communications and other subscription mailings have one-click unsubscribe options.

For seasoned email marketers, these should have been a standard practice. Any remaining resistance to using the functionality indicates a quantity-over-quality email approach.

The individuals who get your emails are just one among many who have the potential to damage your reputation. That covers both list size and open rates. Ultimately, these figures are negatively impacting your engagement metrics. We must consider segmentation and focused content rather than list quantity.

To What Extent Should Email Marketers Be Concerned About These Specifications?

Senders should not worry too much since they have more to worry about in February than they have right now. They should do the authentication and follow proper email practices.

There’s a catch, though.

The criteria are applicable at the domain level, which implies that they cover not just marketing emails but any emails sent by the company using the domain. This comprises sales teams, especially business development and sales development personnel, who frequently rely extensively on cold-calling outbound.

These teams can produce a lot of emails since they have access to sales engagement platforms and generative AI technologies.

These roles also don’t necessarily report to marketing. So, it’s possible that they are not aware of the specifications for email authentication. This creates a kind of turf war for marketers defending their email approach. 

Typically, marketing is in charge of authentication. This is where sales and marketing working together effectively is essential.

In any organization, marketing should be the leader in authentication and ethical email practices. Marketing needs to be aware of the message-sending domain, as a few could mistake this for the domain name of the website.

Since any alteration at the DNS level may result in a major issue, marketing has to counsel the team in charge of authentication as well.

For Mass Senders, Why Are There New Requirements?

Spam is a serious issue. Because the great majority of spam messages are filtered before they reach the inbox, most individuals are unaware of the scope of the problem. Spam is a security risk as well, and it may pose an actual real risk if it finds its way into the inboxes of employees of particular companies or government organizations.

However, the goal here is not just to eradicate spam from the internet.

One source of revenue is the inbox—the advertisements at the top of the inbox and the ads on mobile apps. It serves as Google’s link to data.

For years, Google has taken precautions to safeguard its income stream, such as separating social and commercial emails in Gmail with tabs. The most recent actions are an additional means of resolving the issue. The obvious response is to use strategies like authentication to help select who gets to the inbox to filter out the noise.

The change is mostly motivated by the desire to maintain the inbox as the hub of people’s everyday lives. Google is astute. They are aware that an increasing number of users are selecting other methods, such as SMS and in-app messaging. It’s like when parents tell their kids, “I gave you way too many chances.”

What about Inboxes in Google Workspace?

Email accounts hosted on Google servers and controlled by companies or educational entities are called Google Workspace inboxes. The effect of the new regulations on outbound cold sales emails has been the subject of extensive discussion on social media. Many outbound sales representatives could sleep better if this didn’t apply to corporate email addresses on Google Workspace accounts.

Observers have speculated that Google might exempt Workspace accounts because Google’s rules include “Gmail addresses” specifically. Google has not stated whether or whether that is the case thus far. 

How to Abide by the Latest Email Deliverability Guidelines from Google and Yahoo?

You already have a lot on your plate as an email marketer. It’s difficult enough to write, develop, and test your email campaigns. However, you cannot afford to disregard Google and Yahoo’s guidelines if you want your excellent emails to show up in the inbox.

The good news is that following the regulations isn’t too difficult.

Let’s go over them and see how you should modify your email guidelines for the best results.

Step 1: Authenticate Emails

Authentication is the most important email deliverability guideline that Yahoo and Google have highlighted for a very good reason. Email authentication aids in confirming that all emails sent from your domain are valid and are not the result of spoofing.

Google has been strict on verifying that an email sender is who they say they are, which is a critical aspect of email security. Businesses must “leverage email authentication standards to guarantee the verification of the email sender’s identity,” according to Yahoo.

The Authentication Protocols Listed Below Must Be Used by February 2024:

  • You can choose the IP addresses or domains that can send emails on your behalf using the Sender Policy Framework (SPF).
  • The DomainKeys Identified Email (DKIM) standard allows you to append a digital signature to emails you send. As a result, email service providers such as Yahoo and Gmail can confirm that an email originated from you and isn’t fake.
  • A security standard called Domain-Based Messaging Authentication, Reporting, and Conformance (DMARC) specifies how mailbox providers should handle emails that fail an authentication check and sync your SPF and DKIM settings. All the information you need to start safeguarding your domain is provided in this comprehensive essay on DMARC and other email security procedures.
What Email Senders Must Do?

Since email service providers perform this level of authentication automatically, the majority of business senders already use DKIM and SPF. This is your signal to verify, though, if you’re unsure that your email is verified.

Brands must establish their p=none policy level for DMARC and, in some situations, build up their DMARC records in the first place. Not all ESPs set up DMARC for their clients, but some do.

For Gmail and Yahoo, the entry-level p=none policy is necessary. That gives brands access to the IP addresses and domains that are sending emails from them or posing as them. But it does not protect brands from becoming spoofs. That’s really helpful information.

Having said that, configure your DMARC policy to p=reject, which instructs mailbox providers to reject any email that fails SPF and DKIM tests to completely safeguard your brand from spoofing. That’s the policy that Oracle Eloqua suggests in its DMARC setup instructions. And it’s the policy that Responsys establishes for its clients when it sets up DMARC on their behalf.

Additionally, we advise brands to validate their non-sending domains to guard against spammers faking those as well.

You may use Brand Indicators for Message Identification (BIMI) in a few short steps when your brand has adopted all three authentication standards: SPF, DKIM, and DMARC. When configured, BIMI shows the sender’s name in the inbox next to a brand’s logo.

The newest of the three standards, DMARC, has been adopted by several businesses in recent years due to the increased branding possibilities it presents. The announcements made by Yahoo and Gmail will undoubtedly encourage the adoption of BIMI. It also raises the question of whether BIMI users will soon experience simpler spam filter navigation.

Related Article:- How to Setup DMARC for Email Delivery

Step 2: Stop Emailing People and Make It Simple for Them to Unsubscribe

Making it simple for individuals to sign up is something you should aim for while expanding your email list. The new email deliverability regulations will compel you to unsubscribe using the same methodology.

You shouldn’t have to take extra steps to unsubscribe from a certain email sender’s unsolicited mailings. Google claims that only one click is required. You have until February 2024 to change this option if you haven’t done it yet.

Make sure your unsubscribe link is prominently displayed in each one of your email templates to prevent spam complaints. You want people to be able to swiftly opt-out and discover it with ease. If not, they’ll report you as spam right away. Possessing a strong preference center where subscribers can select the messages they like to receive is another excellent method to ensure that your audience only sees the information that they desire from your business.

What Senders Must Do?

Most email service providers have enabled list-unsubscribe headers by default. Speak with your ESP if you are unable to find native unsubscribe links in the emails sent by your brand on Gmail or Yahoo.

Senders might choose to deactivate their list-unsubscribe headers on certain email marketing systems. You should re-enable them if your brand has engaged in such behavior. Senders’ ability to stop this feature should hopefully be eliminated by ESPs, but if you’ve turned off the list-unsubscribe headers, they may not turn these headers back on.

Transactional emails are exempt from this requirement as they do not require list-unsubscribe headers and do not require unsubscribe links. Just be certain about the distinctions between transactional and non-transactional emails.

Additionally, this mandate does not affect your preference center or unsubscribe process, which is still a fantastic method to try to address some of the reasons why someone would want to unsubscribe. Having said that, take this notice as a prompt to check that your preference center and unsubscribe procedures are understandable and simple to use. With just one click, each subscriber who views these sites should be able to unsubscribe from all promotional emails.

Step 3: Within Two Days, the Process Unsubscribes.

Gmail and Yahoo both require senders to respect unsubscribe requests within two days, in addition to allowing a one-click unsubscribe using list-unsubscribe. It’s unclear how they plan to enforce this if list-unsubscribe isn’t used to make an unsubscribe request. When one is, though, they’ll be aware if someone emails the user after the two-day timeframe has ended, which might damage the sender’s reputation.

Legally, the CAN-SPAM Act gives mailbox providers up to ten business days to handle unsubscribe requests. But there’s nothing stopping them from imposing stricter guidelines. Furthermore, it has always been the spirit of CAN-SPAM for senders to handle unsubscribe requests as quickly as feasible. This is clearly what customers anticipate.

The CAN-SPAM ten-day window was an understanding that certain decentralized businesses—insurance firms. For example, a large number of independent brokers—might require more time to spread an unsubscribe request throughout their organization.  

What Email Marketers and Senders Must Do?

Regarding technology, the vast majority of senders should have no problem adhering to this. Make sure that, in the event that your organization is decentralized, unsubscribe requests are sent throughout the network in less than two days. You have until February 2024 to expedite that procedure if you are now unable to do so.

Senders who have been adhering to CAN-SPAM’s letter rather than its spirit will need to make adjustments to comply with this rule from a procedural perspective. Senders that knowingly decided to keep sending unsolicited messages to recipients over the 10-day legal window will now be subject to significantly harsher deliverability penalties than previously.

Step 4: Maintain a Low Rate of Spam Complaints

Mailbox providers have historically relied heavily on spam complaints to determine a sender’s level of trustworthiness. It’s more probable that your emails will end up in the garbage bin the more reports you receive.

The approved spam complaint rate is 0.1%, or one complaint for every 1,000 emails, as email marketers know. According to Google and Yahoo, their bar will be 0.3% as of early next year. That does not imply that you should sit back and let the volume of spam complaints grow. Conversely, to preserve good email deliverability, you need to:

  • Steer clear of buying email databases and sending unsolicited emails to individuals.
  • Put an unsubscribe link in the body of each email you send.
  • If a subscriber marks you as spam, immediately remove them and don’t send them any emails again.
Bonus Tip

78% of individuals will flag an email as spam only because “it looks like spam.” By employing a reliable email verification service, you can reduce this danger even further. Certain email verifiers identify and eliminate well-known dissenters from your list before they have an opportunity to file a complaint against you and harm your sender’s reputation.

Sending the type of emails that people anticipate from you is the greatest approach to prevent spam complaints, in addition to properly growing your email list. Therefore, be true to your brand, refrain from being unduly promotional, and provide compelling information to encourage interaction.

Before the deadline, adhere to the standards for an increase in email deliverability.

The new guidelines from Google and Yahoo for heavy senders won’t take effect until February 2024. That shouldn’t deter you from implementing the aforementioned best practices before the due date. Google suggests that you can improve your email delivery by putting them into practice right away.

However, Google warns that “your email might not be delivered as expected, or might be marked as spam” if you don’t follow the new guidelines before the end of the year.

Google Will Soon Delete Dormant (Inactive) Accounts

Google has other initiatives in place to combat spam, phishing scams, and malware outside its partnership with Yahoo.

The internet giant plans to begin erasing accounts that have not been used for over two years in December 2023. Though limited to personal Google accounts, this step will impact all Google Workspace applications, including Gmail.

The change made by Google might cause a high bounce rate and, consequently, problems with email deliverability for businesses that communicate with a significant portion of Gmail users. Any bounce rate above 2% tarnishes your email provider’s reputation. Also, it increases the likelihood that all of your next emails will be regarded as spam.

Be proactive and verify your email list before Google starts purging inactive accounts to avoid these issues. Verify that the numerous Gmail addresses you have in your database are still current and legitimate. Send each one via an email validator, and don’t forget to remove subscribers who haven’t interacted with your emails in over a year. Remove the person from your list right now if they haven’t clicked on your emails in years. You don’t want to take a chance on your Gmail email deliverability being hacked!

Yahoo’s Sending Best Practices place a strong emphasis on email list quality. A fundamental criterion of email deliverability is to make sure your list is healthy. Thus, Yahoo advises you to “remove invalid recipients from your list promptly.”

Existing Best Practices

With the possible exception of configuring DMARC, the majority of business senders won’t need to make any adjustments to abide by these new Gmail and Yahoo regulations. From our perspective, the main goals of these requirements are to make senders’ expectations more visible and to rectify the conduct of those senders who have not been adhering to industry best practices.

Nevertheless, all senders should be reminded by these notices to review their procedures and make any necessary changes. If not, you can be in for an unpleasant surprise when Gmail and Yahoo begin implementing these new regulations in February 2024.

Will These New Rules Impact Email Marketing and SEO?

These changes highlight how important it is to authenticate emails using recognized standards.

You must also maintain a clear spam rate threshold and give recipients a simple unsubscribe option.

You should familiarize yourself with these new standards and take action to comply with them by February if you have an email list that has more than 5,000 recipients.

Here are some pointers to maintain compliance:

  • Making use of a trustworthy email provider
  • Maintaining clean email lists
  • dividing up lists to send more specialized emails
  • Adding more personalization to emails

Even if your email list has less than 5,000 recipients, it is still advised that you adhere to these guidelines.

Looking Forward

These new Gmail security measures should lessen spam and email abuse, even if they won’t address every email security concern.

Furthermore, the benefits apply to other email providers because the criteria adhere to open Internet standards.

If you follow the guidelines, you’ll be able to thrive as a business, even if email marketing changes.

Need help to comply with the new email deliverability requirements, contact us.

Ankur Goyal
Ankur Goyal

Ankur is a Digital Evangelist with over 20 years of work experience. Ankur has been managing Google and Facebook Ads for over ten years. He loves the digital world and everything about it! His goal is to help as many businesses as possible by sharing his knowledge of online marketing with them.

Ankur has an extensive background in Shopify, E Commerce, Social Media, Search Engine Optimization (SEO), Pay-Per-Click (PPC) Strategies, Sales Funnels, and Conversion Rate Optimization. He is a founder of Website Pandas – a digital agency specializing in Web Design & development, Digital Marketing, and Data Analysis & Optimization. Apart from managing overall agency operations, Ankur also leads the company's digital marketing efforts.



Latest Posts

Stay Informed And Inspired