Check you are compliant with Google and Yahoo email policies from February 2024

From February 1st 2024, Gmail and Yahoo are leading the charge in email security and spam reduction, with their latest email policies taking effect from February 1, 2024. Find out what is changing and how you can stay compliant.
10 January 2024 | Digital Business

What’s changing?

Google and Yahoo are enforcing new policies from February 1, 2024. While the mechanisms they require are not new and have been a recommended setup for years, they are becoming much more important this year. These new policies will help limit spam and nuisance email.

Marketing/bulk emails must be compliant from 1st February 2024 to avoid rejection/being spammed by Gmail and Yahoo.

Other providers have not announced any policy changes so far, but it will only be a matter of time. As email senders, compliance is crucial to avoiding issues such as bounces or mail ending in the spam folder.

DMARC, DKIM & SPF Records

All email domains must have a DMARC record enabled if the daily sending volume exceeds 5,000. You are also required to have correct DKIM and SPF records in place. It’s crucial to implement a DMARC policy for each of your sending domains to confirm the success of your DMARC checks. Also, valid forward and reverse DNS/PTR records for your email domains are required.

Unsubscribe Link: June 2024

From June 1, 2024, the unsubscribe link in your emails captures the request with just one click. Google recommends both List-Unsubscribe-Post and List-Unsubscribe headers in outgoing emails, supporting both one-click and mailto unsubscribes. Email recipients should be allowed to review and unsubscribe from individual mailing lists, with an additional recommendation to unsubscribe recipients with multiple bounced messages automatically.


Spam Complaints

Google demands that bulk senders keep the spam rate (as per Postmaster Tools) less than 0.1% to be part of the email good senders list. While the threshold set by ISPs is 0.3%, it’s safe to maintain the spam rate not more than 0.1%. It’s worth considering a threshold of 0.2% as a high alert and 0.3% as a critical alert.

Google won’t be addressing any tickets for senders hitting a 0.3% spam rate, and your email practices will be constantly under watch.

How to ensure your email setup is compliant

Establish proper email authentication and infrastructure configuration
Below is a brief overview of the nitty-gritty of email authentication and the three interlinked mechanisms involved:

Making sure your domain is correctly configured with the following records is a good starting point.

  • Sender Policy Framework (SPF): Prevents domain spoofing by enabling senders to specify authorized email servers for dispatching emails from their domain.
  • DomainKeys Identified Mail (DKIM): Adds a digital signature to outgoing emails, verifying the message’s origin from an authorized sender and confirming it hasn’t been altered during transmission.
  • Domain-based Message Authentication, Reporting, and Conformance (DMARC): Empowers domain owners to define actions for emails failing authentication and facilitates reporting on email authentication outcomes.
  • Gmail spam complaint rate below 0.3%. If a larger share of your recipients mark your emails as spam, your sender reputation will decrease—and you’ll have a harder time reaching the inbox.

You’ll have to register your domain with Google’s Postmaster Tools to see your spam report data from Gmail users. This is free and only takes a few minutes. As soon as Google has gathered some email data, you can see spam report information in your Postmaster account.

Need help? We’ve got you covered

Source: https://blog.google/products/gmail/gmail-security-authentication-spam-protection