Gmail & Yahoo

New sending requirements starting from February 2024

Author

Vladislav Stankevičius
January 21, 2024

Hello there!

Grab yourself a cup of tea or coffee, and let’s get started! ☕

Upcoming changes in Gmail & Yahoo are two weeks away, and best practices are becoming mandatory thing, are you prepared for this?

Let’s tackle this step by step 👇

This change is quite important as it applies to ALL senders.

Now you have to set a dedicated sender domain in order to send emails from your email service provider. Just like in the example above.

Without this you won’t be able to complete other requirements that are explained down below.

If you just enabled a dedicated sending domain for the first time, it’s worth warming up your new sending infrastructure.

It’s recommended to do a warmup for at least 2 weeks. Here’s Klaviyo's article about it: Link.

Now let’s get to the second part 👇

By now, if you’ve successfully added a dedicated sending domain in Klaviyo, you should be okay with the SPF & DKIM.

Here is the easiest way to check if you have all these protocols in place:
Open email in Gmail > Click on three dots > Show original.

Right there, you will see SPF, DKIM, and DMARC authentication status.

Let’s discuss each protocol in more detail:

All these protocols help email services such as Gmail & Yahoo recognize who is sending email and give them the ability to measure and track your sender’s reputation.

Now it’s mandatory to have these protocols in place if you send more than 5.000 emails on a daily basis.

It also prevents spoofing - when someone takes your brand name and starts sending emails to their audience pretending to be you.

Sender Policy Framework (SPF) - It is so difficult to remember the full definition 😄 

With this protocol in place, I tell email servers that I own the stan-digital.com domain, and I allow Klaviyo or any other ESP to send emails on my behalf.

Domain Keys Identified Mail (DKIM)

This is the second authentication protocol where you add a digital signature on every email you send.

This signature lets receiving servers verify the message actually came from you.

In some cases, SPF or DKIM checks may fail, and you will still be able to deliver that message with one of the protocols in place.

It’s always better to have both of them for better authentication and trust in front of the email providers.

Domain-Based Message Authentication, Reporting, and Conformance (DMARC) - Jesus who named it?

With this protocol, you can decide what to do with your emails if they fail SPF & DKIM checks. There are 3 main options:

v=DMARC1; p=none; - with this tag in your DMARC record, you let your messages be delivered even if they fail SPF or DKIM authentication.

v=DMARC1; p=quarantine; - this one is more strict, in case your email fails SPF or DKIM email going to be delivered straight in the spam folder. User going to decide by himself if this was a legit email.

v=DMARC1; p=reject; - badass policy, if email fails SPF or DKIM your email won’t even make it to the inbox, message will be blocked.

💡 Pro tip: Generate DMARC record with deliverability tool like GlockApps, this way you’ll get reports right there and this will allow you to have a bigger picture on how your messages authenticated, and if you need to take action.

If you don’t want to hassle with deliverability tools, just set your DMARC record like this: v=DMARC1; p=none; adkim=r; aspf=r;

Here is an article from Google about DMARC policy: Link

But still, it’s always good to double-check your authentication rate in the Postmaster Tools.

💡 To make it more simple to understand, imagine this:

You’ve purchased a ticket to the concert; the ticket will be your (SPF protocol).

Upon entrance to the venue, the security guy asks you to provide the ticket and your ID, ID will be yours (DKIM protocol).

If everything is fine, you’ll get inside.

But if the security guy notices something suspicious in your ticket or ID, he will call the venue owner (DMARC) and ask what to do with you.

Depending on the venue policy, this is what will happen:
v=DMARC1; p=none; - You’ll get inside the venue anyway
v=DMARC1; p=quarantine; - You’ll get inside, but you’ll be watching the concert not from the VIP zone but somewhere far away from the stage (spam zone).
v=DMARC1; p=reject; - In this case, the security guy won’t even let you in the venue, and you’ll go home.

That’s it! This is how these authentication protocols work!

Now this is the most concerning part for me…

Google specifically wrote that you must keep your spam rates below <0.10% and avoid ever reaching a spam rate of >0.30% or higher.

Reported in Postmaster Tools

Have you ever noticed that data between Postmaster Tools and your ESP differs?

In my case, using Klaviyo, I was always calm seeing spam rates below 0.10%, but when you open Postmaster Tools, you might see a different picture - stable above 0.30%.

My suggestion is to keep an eye on Postmaster Tools and be more careful with the spam rates, as it can significantly affect your deliverability.

💡 Here are some tips for tackling high spam rates:

1. Avoid sending more than 2 emails per day to one customer. Start using the Smart Sending feature in Klaviyo.

2. Segment your audience, exclude users that are currently in your abandoned cart, and welcome flows. Exclude unengaged users, for example, who have received 15-25 emails from you but didn’t click any of them. They’re likely to mark your email as spam very soon.

3. Make it easy to unsubscribe. Make the unsubscribe link visible and easy to find in the footer or even at the top of your email. Overall, the unsubscribe rate does not affect your deliverability, but spam rates are far more harmful.

4. Enable global unsubscribe withing each list and within the Klaviyo account.

5. If you still see high spam rates after promo campaigns, you can try to split the campaign into 2-3 days by using the A/B test for different send times. This way, your sending volume will distribute the same as the spam rate.

6. Find your spammy emails and fix them. The easiest way to find your spammy emails is to create a custom report, as in the screenshot below:

7. The last resort option is to enable a double opt-in feature and send emails only to those who actually want to receive them.

This requirement is also for those who send more than 5k daily emails. Now, it will be easier for the users to unsubscribe.

Luckily most of the ESPs, like Klaviyo, take care of this, and you don’t need to do anything. This feature will be implemented automatically for all of your emails.

With this, we can expect higher unsubscribe rates and possibly lower spam rates, as this link will be at the very top of the email.

Another cool feature I just noticed:

Now, when you click on ‘‘Report Spam,’’ Gmail highlights the option to unsubscribe rather than report it as spam. This can also reduce the spam rates, isn’t it cool?

  • Start using a dedicated sender domain. Here is an article with instructions: Link.

  • If you’re sending more than 5k emails per day, make sure to set up SPF, DKIM & DMARC authentication protocols. A more detailed article from Google is here: Link.

  • Keep your spam rates low, specifically in the Google Postmaster Tool. For the reference: Link.

  • One-click unsubscribe, most of the ESPs are taking care of this for you. No action is needed.

Overall all these changes are the known best practices in Email Marketing. If you still have questions, please let me know by replying to this email.

POV REAL: You trying to keep up with all the things

See ya next Sunday!