Change is coming. Yahoo and Google are joining forces to crack down on spam and improve Yahoo Mail, AOL, and Gmail users’ experiences in the new year. Bulk email senders will face enhanced authentication domain identification rules and stricter enforcement of anti-spam provisions. What do you need to do now to preserve your deliverability and engagement rates in 2024? Find out what you need to know about inboxing in 2024 here.
In October, Yahoo and Google jointly announced new and strengthened guidelines for email senders that will take effect early in 2024.
Google informed consumers and senders about the coming changes in a blog titled New Gmail protections for a safer, less spammy inbox. The email and inbox service provider also added prominent call-outs about the coming changes to its sender guidelines and FAQ pages.
Yahoo revealed its intentions on the Yahoo & AOL Postmaster blog in the article, More secure, less spam: Enforcing email standards for a better experience.
These updated sender policies and procedures aim to improve sender identity verification and reduce the number of spam or unwanted emails Yahoo Mail, AOL, and Gmail users receive.
To improve email security, reduce spam, and enhance user experiences, Google and Yahoo are:
☑️ Expanding and strengthening authentication requirements for senders;
☑️ Mandating that senders facilitate one-click unsubscribing for their commercial emails;
☑️ Requiring senders to include an unsubscribe link in each email and process all unsubscribe requests within 2 days of receipt;
☑️ Specifying minimum spam complaint rate thresholds that will trigger enhanced penalties
The new and expanded authentication and anti-spam requirements will go into effect for senders to Gmail accounts by February 1, 2024. Yahoo’s announcement says their new rules will take effect in Q1 2024.
Now, the bad news.
Some email senders will have a little work to do between now and February.
The bad news isn’t really that bad, though.
Many of the updated rules codify existing recommendations and best practices, like the ones we share in our email deliverability handbook for high-volume senders.
The October 3, 2023, guideline announcements give senders a reason to do the right thing sooner rather than later, as several previously optional practices become mandatory.
Brands that are serious about reaching Yahoo Mail or Gmail users need to get serious about email security.
To make sure you’re ready, this article walks you through the new Yahoo and Google sending requirements for bulk emailers taking effect in Q1 2024, including:
🗸 Who do these new Yahoo and Gmail sender requirements apply to;
🗸 What authentication and anti-spam standards email senders must meet in 2024;
🗸 How can email marketers prepare now to comply with the new bulk sender rules; and
🗸 Why ESPs are increasing their oversight of email-sending practices (and why you should care).
Here’s what you need to know to avoid email service providers’ spam filters and reach your subscribers’ inboxes in 2024.
Let’s start by figuring out if these rules apply to your email marketing program.
Is your email marketing program affected by the updated sender authentication and deliverability guidelines?
If your brand sends emails to consumers served by Gmail or Yahoo, some or all of the new email sending policies will probably apply to you.
Gmail divides its email sender guidelines’ requirements into two sections, both of which apply to senders sending messages to personal Gmail accounts. According to the associated email sender FAQ page, a personal Gmail account is one that ends with @gmail.com or @googlemail.com, but not messages sent to Workspace addresses.
Your brand doesn’t have to be a bulk sender to be subject to the first tier of those standards–which includes the 0.3% spam complaint rate threshold.
The first section of Google’s email sender guidelines applies to all senders sending messages to personal Gmail accounts. Meanwhile, bulk senders must meet these requirements along with a second, more rigorous set of standards.
If you aren’t sure whether or not you’re a bulk sender, you’re probably close enough that you should prepare to meet the new sending guidelines.
Which senders must comply with Google’s full set of updated sending policies?
High-volume senders like the ones using Ongage’s email marketing platform to distribute 1+ million marketing and transactional emails to people each month don’t need to question whether the rules apply to them.
If you’re sending even a fraction of this number of emails each month to personal Gmail accounts, you’re a bulk sender.
However, organizations and individuals who don’t consider themselves to be bulk senders may be in for a surprise.
Here’s what I mean. 👇
The 5000 messages per day measure: How Google defines bulk email senders
When is a sender subject to the second tier of more rigorous sending standards?
The sender FAQs answer this question as well.
Under a “what is a bulk sender,” heading, Google explains that a bulk sender is one that sends “close to 5,000 messages in a 24-hour period 1 or more times.”
Emails sent with the same domain in the From: header within a 24-hour period count toward this total.
Just one mass email blast, such as an annual policy update or an announcement sent to an entire list, could push your (or your client’s) organization into the bulk sender category.
Transactional and customer support emails aren’t excluded from your sending totals, either.
⚠️ If you separate some of your business communications by domain, check the sending volume of those lesser-used domains and make sure you’ve brought each one into compliance with the applicable set of requirements before February.
What about Yahoo? What will they require, and for which senders in 2024?
Which senders are subject to the sender practices Yahoo announced in October?
I wasn’t able to find a clear definition of “bulk sender” in the Yahoo Sender Hub’s Sender Best Practices guide. Instead, the guide references senders that deliver messages to consumers and send commercial, bulk, or marketing emails.
One clue to Yahoo’s intent is in the guide’s “Control the flow of your outbound emails” section.
This section states that Yahoo only “accepts a limited number of messages per SMTP connection,” and a sender’s send may be automatically terminated if they exceed this volume.
Senders who regularly hit this limit are advised to employ a multi-server strategy.
I’d say that if that ‘control your flow’ advisory applies to you, Yahoo probably considers you a bulk sender.
⚠️ Yahoo’s sender best practices still use permissive language for the promised mandates. It’s likely that Yahoo will edit its guidance ahead of a February launch date and may clarify which senders they apply to. Both ESPs have said more details are coming.
Don’t wait for the word from Yahoo to begin optimizing your email marketing programs for deliverability, though.
With a nearly 30% market share, if Gmail considers your brand a bulk sender, you’ll need to meet its authentication and anti-spam requirements to reach your subscriber’s inboxes in 2024.
Plus, the coming standards are already deliverability best practices.
Google’s email sender guidelines specifically recommend that senders implement these policies “as soon as possible” to improve their email delivery.
Exceeding ESPs’ minimum standards for authentication and spam prevention positions your brand for improved deliverability and better user experiences now.
👀 Discover targeted tips for avoiding Gmail’s spam filters and boosting engagement among Gmail users in Optimizing Emails for Gmail Subscribers.
Okay, let’s have a look then.
💬 I’m using Gmail’s guidelines as the framework to introduce the standards because Google has already added mandatory language, while many of Yahoo’s entries remain suggestions. Where Yahoo’s best practices significantly add to or differ from Gmail’s, I’ve added a (❗️) note.
I recommend reviewing both sets of guidelines (and those of all the other major ESPs) as you prepare for the new year.
I mean, what else do you have to do? You didn’t really want to watch fireworks and ball drops on New Year’s Eve, right?
New authentication and deliverability standards Gmail and Yahoo will enforce in 2024
Nested under the “Send bulk mails” category of Gmail Help, the email sender guidelines include a collection of mandates, suggestions, and advice.
Following the guidelines benefits senders by helping ensure that their messages are delivered as expected and that Gmail doesn’t limit their sending rates, block their messages, or mark them as spam.
Yeah. Nobody wants that.
The first set of standards I’ve summarized below must be met by all senders who send emails to Gmail accounts, and most are strongly urged or required by Yahoo’s best practices.
Gmail’s updated email sender guidelines for all senders
All senders to personal Gmail accounts must meet the following requirements, or their messages may be blocked, rate limited, or marketed as spam:
☑️ Set up SPF or DKIM email authentication for their domain.
Senders must create a Sender Policy Framework (SPF) record for each of their sending domains, including any third-party sender domains such as a shared sender domain provided by an ESP.
The domain listed in your messages’ From header must be a match for one of these records. Adding a Domain Key Identified Mail (DKIM) encryption signature is optional but recommended.
❗️ Yahoo strongly urges senders to publish a Domain Message Authentication Reporting and Conformance (DMARC) policy, authenticate every email with DKIM, and publish valid SPF records. (Gmail includes this standard in its enhanced bulk sender standards.)
☑️ Ensure that sending domains or IPs have valid forward and reverse DNS (domain name system) records.
Gmail is mandating that every sender clearly declare which IPs are sending messages on its behalf so that SMTPs can check the records before passing along messages. Your sending IP address must match the IP address of the hostname you’ve designated in your Pointer (PTR) record.
❗️ Yahoo’s best practices and FAQs emphasize that a generic DNS record is suspicious. Senders should record a static mail server’s IP (not one that appears to be dynamically assigned).
☑️ Keep their spam complaint rate (reported in Postmaster Tools) below 0.3%.
When a recipient or Gmail’s spam filters mark an email as spam, it adds to the sender’s spam complaint total. Google calculates senders’ spam complaint rates daily.
❗️ Yahoo has stated that it will impose a threshold but has not disclosed a specific number yet.
☑️ Format messages in accordance with RFC 5322.
The RFC 5322 standards aren’t new. This instruction reminds senders to stay in compliance. Maintaining appropriate header and content formatting enables SMTP relays and ESPs to accurately track and forward messages across the email ecosystem.
❗️ Yahoo’s sender best practices require all emails to be compliant with RFC 5321 (the SMTP standards) as well as RFC 5322.
☑️ Stop using Gmail From: headers for messages not originating from a Gmail account.
Google warns that they will use DMARC’s quarantine enforcement policy to put a stop to brands’ spoofing of the ESP. They won’t be able to use Gmail’s credibility to gain opens anymore.
❗️ Yahoo’s sender FAQs disclose that it uses the p=reject DKIM policy, instructing receivers to reject messages attempting to spoof the Yahoo domain.
☑️ Add ARC headers to outgoing forwarded emails. Mailing list senders should add the List-id: header to their forwarded, outgoing emails.
The ARC notation is a reminder that ESPs want to look all the way back to the source when authenticating senders.
High-volume senders should already meet most of these standards because of their impact on deliverability.
Business senders who have yet to formalize their domain status should act now to ensure continued delivery to Yahoo and Gmail users in the new year. In particular, brands using email marketing or sending platform’s domains or shared IPs without properly recording the relationship will be affected.
Those sending directly from their domain without SPF or DKIM authentication will need to act as well.
🛑 After February, messages like the one pictured below may be blocked instead of just being flagged in the inbox.
Gmail added a caution to this confirmation email sent by a small brick-and-mortar retailer offering ecommerce sales as potential spam but still delivered it to the user’s inbox.
What did the sender get wrong?
There are a few problems with this sender, but the point of failure was a missing IP in the SPF record.
The recipient visited Entity A, the retailer, and was invited to subscribe to their list. The friendly From name refers to Entity A, and the From: address uses an Entity A domain. This From domain is not a match for the Sender: domain, Entity B. Entity B is the company named in the “powered by” portion of the email’s subject line.
The sender (Entity B) domain–labeled as a domain of transitioning–hasn’t designated the sending IP as authorized in its SPF record (spf=softfail).
These requirements improve email users’ experiences and help protect them from phishing attacks and other harmful messages.
Bulk senders will need to meet these minimums and more to ensure deliverability in the new year.
What do Google and Yahoo say bulk senders must do by February 1, 2024?
Google’s second tier of email sender requirements, those applicable specifically to senders who send more than 5k messages a day to personal Gmail accounts, add authentication layers and require senders to enable subscribers to control their inboxes with easy unsubscribe options.
Starting in Q1 2024, bulk senders must meet all of the ‘all sender’ requirements, plus:
☑️ Implement both SPF and DKIM protocols to authenticate their domains.
Smaller senders sending to personal Gmail accounts get to choose one authentication protocol. Bulk senders must implement both SPF and DKIM. This facilitates proper DMARC processing and adds extra layers of security for high-volume senders and their recipients.
The minimum DKIM key size for sending to personal Gmail accounts is 1024 bits. But Google recommends using a 2048-bit key when possible.
❗️ Yahoo’s single set of sender best practices recommends that senders implement both protocols as well as setting up DMARC.
☑️ Set up DMARC email authentication for their sending domains.
DMARC setup enables senders to monitor messages sent using their credentials that don’t pass SPF or DKIM authorization tests. Messages that don’t pass either SPF or DKIM will generate a DMARC enforcement action, which you, as the sender, choose.
❗️ While senders may choose p=none as their DMARC enforcement option, senders must set the DMARC policy (p) to quarantine or reject if they wish to display their logos in the inbox using Brand Indicators for Message Identification (BIMI).
☑️ Demonstrate domain alignment between the email address in the sender’s From: header and its SPF or DKIM domain records.
DKIM alignment requirements may be strict or relaxed. Under the relaxed DKIM standard, a message will pass if one of a sender’s DKIM-authenticated signing domains is the same as the domain of the email address in the From header. The strict DKIM alignment standard requires an exact match between the d=signature and the From domain.
❗️ In its Sender Hub FAQs, Yahoo states that if a message has multiple DMARC-aligned signatures and some of them don’t pass DKIM checks, Yahoo doesn’t guarantee that they will pass DMARC.
☑️ Support one-click unsubscribe for marketing and subscribed messages, and include a clearly visible unsubscribe in the message body.
The reference to marketing and subscribed messages in this requirement is intentional. In its FAQs, Google clarifies that one-click unsubscribe is required only for “commercial, promotional messages.”
Transactional messages are excluded from the requirement.
❗️ To ensure that critical information isn’t blocked or marked as spam, Yahoo’s best practices recommend that senders segregate their marketing or bulk emails from other messages, including transactional emails or alerts.
Many ESPs and email marketing platforms, including Ongage, automatically add a list-unsubscribe header to your outgoing emails for you. You may need to adjust your system settings to exclude transactional messages. (Learn more about Ongage’s list-unsubscribe process here.)
☑️ Process unsubscribe requests within two days.
This turnaround time is more restrictive than the US CAN-SPAM 10 business day requirement, and it’s unclear how the ESPs will monitor requests not made through the list-unsubscribe header function.
⚠️ Neither ESP’s sender guidelines mention this 2-day limit yet. But this turnaround time gets a prominent mention in both providers’ October announcements. It’s possible that Google and Yahoo are still working out the enforcement logistics for this mandate.
This is a good reminder that the ESP’s guidelines aren’t the only place where they share deliverability and compliance tips. FAQs, blogs, community or forum posts and answers, and other sources may contain information about improving delivery rates and meeting ESPs’ expectations.
For example, Yahoo’s and Gmail’s documentation reveal steps bulk senders would be wise to take even if they aren’t labeled as requirements, including details about:
- IP warm-ups,
- Double opt-in and subscription confirmations,
- Using multiple or shared IPs,
- IP or domain segregation of emails by type,
- Partnering with third-party email providers,
- Message formatting standards (both RFC 5322 and HTML standards),
- From: and other message header practices,
- In-message URL formatting,
- Registration for and use of complaint feedback loops and Postmaster Tools,
- Regulatory compliance,
- List maintenance,
- Sending volume and cadence,
and other topics critical to ensuring your inboxing success.
Expect further adjustments and additions to bulk sender guidelines throughout 2024 as ESPs battle fraud and spam and strive to deliver quality experiences to their users.
What should bulk email senders do now to prepare for the updated sender rules coming in 2024?
You may already be complying with a lot of the rules slated to arrive in 2024. But it doesn’t hurt to double-check, right?
Follow these steps to get your email-sending house in order before the new rules take effect:
📋 Update your email audit and pre-send checklists to reflect the new deliverability standards and recommendations
❒ Begin your preparations by adding each of the major ESPs’ sender recommendations to your email marketing program audit checklists. Make note of which practices are mandatory under the new sender guidelines and mark these for review before the February deadline.
Set aside some time in Q1 to do a deep review of your foundational email templates, including both your marketing and transactional templates.
When was the last time you looked at the Internet Message Format Standard, RFC 5322?
It’s not exactly light reading. But Gmail’s guidelines remind senders that they must meet those standards.
📋 Validate, authenticate, and align all your domain names, IP addresses, and other data across your sending infrastructure
❒ Authentication. Just do it! That’s the core message of dual announcements released by Google and Yahoo regarding new email safety and anti-spam initiatives that will take effect in 2024.
If you haven’t already implemented SPF, DKIM, and DMARC authentication for all your sending domains and IPs, do this as soon as possible using our step-by-step guide to email sender authentication. Authentication will be mandatory in February, but not having it now is likely harming your deliverability.
Also, you’ll need to set your DMARC record to either quarantine or reject if you want the ESPs to display your BIMI-enabled logo.
❒ Check and update your DNS records to ensure that each of your sending IPs is represented. Confirm that your DNS and reverse DNS lookups are accurate. Follow the steps for finding your DNS record at Project Shield to get started.
❒ When reviewing your SPF and DNS records, check for stale IP addresses and remove them from your record sets.
Leaving these unauthorized IPs on your ‘approved’ lists leaves you vulnerable to IP-use-after-free or spoofing attacks and other malicious activities. Use your DMARC reports to monitor for any IPs you may have missed, as well as other impersonation attempts.
❒ Send emails from your domain and make sure your Friendly From (sender name) and From: headers aren’t deceptive.
Not impersonating Google or Yahoo by using “gmail” or “yahoo” in your sending addresses is a pretty obvious step. Take your transparency efforts further to ensure that your email recipients know who is contacting them before they open your messages.
When you review your automation, make sure your systems are inserting current and accurate from, reply-to, and return-path addresses into your headers.
❒ Review your sending practices to determine whether you need to add ARC to your email templates. This is critical if your organization forwards messages to your lists.
📋 Activate one-click unsubscribe and fast-response unsubscribe processes
❒ Add the list-unsubscribe header to your marketing and subscribed emails to facilitate one-click unsubscribing. Google’s email sender guidelines FAQs note that this header must conform to RFC 8058. Relying on an in-body mailto link isn’t good enough.
While I recommend taking this step as soon as possible, Google says senders that already include an unsubscribe link in their message have until June 1, 2024, to implement one-click unsubscribe.
The header unsubscribe feature makes it easy for subscribers to leave your list, one of the stated goals of Google’s and Yahoo’s announcements. It can also prevent subscribers from reporting your emails as spam as a shortcut when they can’t immediately find your unsubscribe link or don’t trust that you’ll honor their request.
⚠️ You do not need to add this option to your transactional messages and shouldn’t.
Permitting automatic unsubscribes from your transactional messages could prevent recipients from receiving essential information about their purchases or accounts with your business.
The US’s CAN-SPAM law permits businesses to include marketing or promotional content in their transactional messages. But this allowance isn’t universal. Make sure you are complying with local regulations and ESPs guidelines when sending transactional messages.
Be aware that your subscribers may still choose to mark your transactional messages as spam if you overdo it. Monitor your transactional and marketing emails’ complaints and unsubscribe rates.
❒ Review all of your email templates to confirm that they include an easy-to-locate, active unsubscribe link. This unsubscribe requirement is in addition to, not in lieu of, the one-click header unsubscribe option.
Place a clearly labeled unsubscribe link in your email templates’ preheader and/or footer copy. Confirm that your unsubscribe links are functioning as part of your email pre-send review for each campaign.
Further, check your entire path to unsubscribing for points of friction.
Are you forcing subscribers to click through multiple pages or answer questions before their unsubscribe becomes valid?
If so, stop.
It’s okay to ask follow-up questions or offer subscribers alternatives to unsubscribing, such as opting down or directing them to a preference page. But don’t use these actions as an alternative to immediately honoring their unsubscribe requests.
❒ Set up procedures to ensure that your organization processes both list-unsubscribe and in-email unsubscribe requests within two days of receipt.
In an alert to its customers, Ongage partner SMTP.com notes that it includes a list-header unsubscribe in every email it handles. However, the addresses for subscribers selecting this option are not suppressed automatically.
Create automation that transfers unsubscribing contacts to the appropriate suppression lists and records their preferences across all your data sets. Test your new processes to confirm that unsubscribes are handled within the two-day window.
When using Ongage’s email marketing platform, list contacts who unsubscribe, make a spam complaint, or have a hard bounce are automatically changed to inactive status. You can control the details of these settings through your list management account settings.
📋 Monitor and control your spam complaints
This category deserves special attention because compliance isn’t simply a matter of entering data on a list or adding a snippet of code to your messages. It’s not even as simple as automating a few more tasks.
There are some obvious steps to reduce spam and your spam complaint rates, like only sending messages to opted-in subscribers. But even if you do everything right, it’s ultimately up to your recipients to decide if your emails are spam or not.
Also, the baseline spam complaint rate to ensure deliverability may be much lower than the threshold of 0.3% Google states in its updated email sender guidelines or the yet-to-be-revealed Yahoo threshold.
🔎 In the monitoring and troubleshooting section of Google’s guidelines, the rate to which bulk senders should aspire is revealed as 0.1%, or one-third of the new threshold.
Wait. What?
Yup. That’s the real number you want to stay below.
We all know spam complaints are bad. No sender wants to get dinged with a spam complaint. And, to be honest, 0.3% isn’t a great rate. The lower 0.1% is the accepted industry standard.
Hitting a spam complaint rate of 0.3% “for any sustained period of time” is bad, really bad.
Google advises senders that “maintaining a high spam rate will lead to increased spam classification” and “it can take time for improvements in spam rate to reflect positively on spam classification.”
Email senders of any volume that tip that 0.3% are going on the bad sender list, and they may be stuck there for a while.
Google calculates senders’ spam complaint rates daily, so one bad send can trip the spam classification trigger. On the plus side, if the send was an outlier, you should be able to lower the rate quickly.
However, there are consequences for exceeding the complaint rate limit that will last longer than a day.
Senders who breach 0.3% won’t qualify for bulk sender mitigation, the process that allows senders to request relief if they believe their spam classification is undeserved.
Besides, if your emails are generating spam complaints, it means you have people on your list who don’t want to be there, or your recipients don’t like the messages you’re sending.
There’s no ROI in sending unwanted emails to unwilling recipients.
With these details in mind, here are the steps you should take to avoid spam filters and reach subscribers who want to hear from you in 2024:
❒ Create a dedicated address to receive complaints and enroll in Yahoo’s complaint feedback loop (CFL).
❒ Implement the Gmail Spam Feedback Loop (FBL) by adding the Feedback-ID header to your emails. Then, sign up for Google Postmaster Tools to monitor spam complaints, your IP and domain reputation, and other details through the Postmaster dashboard.
❒ Check your reputation with third-party blocklists like the ones listed in our guide to protecting your domain reputation regularly. Use automation tools to monitor and send you alerts about your status.
❒ Follow good sign-up practices, including obtaining explicit consent from new subscribers, before adding them to your list. For example, don’t auto-populate your consent forms with a checkmark. Let contacts choose for themselves.
Yahoo recommends that senders use a double opt-in or two-step subscription confirmation process. This strategy prevents third parties from adding emails to your list (some people subscribe to others for malicious reasons). However, your confirmation emails might not reach your new subscribers if your deliverability performance is low.
❒ Regularly prune your email lists to remove unengaged subscribers.
As part of your list hygiene practices, automatically re-validate the email addresses for contacts that haven’t engaged with your brand via email for a predetermined period. Inactive subscribers drag down your deliverability metrics and can damage your sender’s reputation.
Somewhere between 30 and 90 days is a reasonable standard to gauge inactivity for many businesses. However, you should set your inactivity interval based on your audience’s historical behavior and buying cycles.
Stale or abandoned email addresses may be spam traps or generate hard bounces. Ongage’s AI-powered validation module uses unsubscribe and complaint data to score your contacts and alert you about the high-risk addresses on your lists.
❒ Once you have a clean list, use customer valuation and predictive tools to decide which of the remaining lapsed subscribers to target with reengagement campaigns. The costs of low response rates to these types of campaigns may outweigh the benefits.
Sunset contacts that you decide not to pursue and those that don’t respond to your re-engagement campaigns so that your list remains populated by active, engaged subscribers.
Sunset contacts that you decide not to pursue and those that don’t respond from your lists.
❒ Send content your subscribers want. Well, yeah, that’s always a good plan. It’s also one of the three named objectives for the new bulk sender guidelines to send wanted emails.
You can accomplish this by understanding your audience, creating smart segments that speak to who your subscribers are and what they need at each point on their journey, and developing content that serves their needs.
Use email automations and AI-powered analytics to help you develop custom-orchestrated journeys for your subscribers and adjust your methods in real-time to meet their changing needs.
❒ Review this list of 23 reasons emails go to spam folders instead of the inbox. If any of those reasons apply to your email marketing program, follow the ‘what to do about it’ instructions to get your inboxing performance back in shape for the new year.
Preparing for next year’s deliverability challenges now will save you plenty of headaches in the new year and boost your email marketing program’s performance.
Those are good reasons to get started now.
But just in case you were curious or want to know what could go wrong if you aren’t prepared when February 1 rolls around like I was, here are a few more reasons email marketers should be making plans to secure their deliverability in the new year now.
What are the stakes for email senders who don’t satisfy the new deliverability guidelines?
You’re probably used to seeing updates on sender recommendations from various ESPs from time to time.
So what makes these Yahoo and Gmail updates announcement-worthy?
Consequences.
In the past, Yahoo’s and Google’s sender recommendations used ‘carrot’ motivators.
Their sender guides said we “strongly urge” that you do this to “ensure your messages are delivered” and “follow these guidelines” to “successfully send and deliver email” to the ESP’s accounts and “help prevent” your emails from being limited, blocked or marked as spam.
In 2024, compliance with several formerly helpful suggestions published by Yahoo and Google will become mandatory for email senders.
Senders that don’t comply won’t be allowed to send messages to personal Gmail accounts or Yahoo Mail and AOL recipients.
With these new guidelines, Yahoo and Google are giving senders who ignore gentle nudges a hard push to authenticate and only send wanted emails.
Gmail’s updated guidelines advise senders that following the guidelines now should improve their email delivery, and failure to follow them may cause their emails to be rejected and not delivered or marketed as spam and delivered to users’ spam folders.
In February, more of the guideline recommendations will become mandatory. Meaning there will be more situations where messages will be rejected or treated as spam.
Complying with the new guidelines reduces the chances that your messages will be flagged by ESPs’ spam filters.
Avoiding spam filters is critical in the short term because being flagged prevents your emails from being delivered. In the long term, Google uses your spam filter performance to score your IP and domain reputation in Postmaster Tools.
These reputation calculations include both users’ spam complaints and emails flagged as spam by Gmail’s spam filters.
Yahoo tells senders that it will block or rate limit those that abuse its resources. And, like Gmail, the ESP considers multiple factors when gauging a sender’s reputation and deciding how much access to Yahoo’s email users the sender will have.
Senders who follow the rules are more likely to reach their intended audience and less likely to have their messages “de-prioritized” by Yahoo.
The changes announced by Google and Yahoo are likely just the first wave of changes coming to email and other marketing channels as service providers and regulators attempt to balance privacy and personalized commerce.
Why did Yahoo and Gmail team up to expand email sender authentication and anti-spam guidelines?
Over the past several years, all the major email inbox service providers have implemented systems to eliminate malicious and unwanted emails and improve their users’ experiences. Sophisticated filters monitor incoming messages and senders’ reputations to ensure that the messages email recipients open are safe.
Authentication protocols make it easier for ESP to ensure only messages authorized by the sender arrive in users’ inboxes.
Gmail began requiring some form of authentication for senders in 2022. This change cut the number of unauthenticated messages arriving in Gmail account inboxes by 75%.
Who’s sending the 25% still getting through? Are they sending wanted, welcomed emails or targeting the unwary with scams and malicious attacks?
Not being able to answer these questions is a problem for ESPs.
Getting high-volume senders on board with full authentication will help Google and Yahoo answer those questions and enable them to focus their resources on eliminating bad actors.
While it seems basic, outdated and inconsistent systems across the internet make it sometimes impossible to validate that “a sender is who they claim to be,” Google’s Neil Kumaran acknowledges in the Gmail announcement.
In the Yahoo and AOL Postmaster article, Yahoo’s Marcel Becker observes that “numerous bulk senders fail to secure and set up their systems correctly,” and this lack of diligence leaves senders and email recipients vulnerable to malicious actions.
Of course, not all those scofflaws are bulk email senders.
But Gmail and Yahoo suspect that enough of the senders who have failed to comply are high-volume senders that these new mandates can make a difference.
As Becker explains, “[s]ending properly authenticated messages helps us to better identify and block billions of malicious messages and declutter our users’ inboxes.”
The new sender guidelines aim to deliver fewer unwanted messages and better inbox experiences to email users
In its October announcement, Gmail was careful to emphasize that its “AI-powered defenses stop more than 99.9% of spam, phishing, and malware from reaching inboxes.”
One-tenth of one percent? Is that what all this is about?
Not exactly. There’s more to it than achieving zero inbox incursion.
It’s not just inbox users’ safety that ESPs who are also inbox service providers (ISPs) care about though.
Like any business, delivering a superior customer experience is critical to compete. Besides traditional inbox providers like Outlook, Yahoo Mail, and Gmail, consumers can choose premium providers that promise to help them manage their inboxes and save time.
Stopping unwanted emails from reaching subscribers is central to inbox service providers’ competitive efforts. Crowded inboxes frustrate users and could tempt them to turn to other channels to meet their digital communication needs.
For ESPs offering inbox services to consumers, preventing spam is an existential crisis.
Using filtering algorithms, responding to user feedback, and lobbying for better industry practices are just a few of the ways ESPs have pushed back against email scammers and spam emails.
Now, Google and Yahoo are taking further action to improve users’ experiences, increase inbox security, and prepare to fend off more sophisticated attacks in the future.
Avoid ESPs’ spam filters and existential crisis in the new year by preparing for the new bulk sender guidelines now
It’s not just inbox service providers that risk extinction if they fail to keep email users happy. Email marketing gives brands a unique channel to communicate with their audiences and deliver personalized, right-timed messages. But if your emails don’t demonstrate respect for your subscribers’ privacy and a genuine interest in delivering value, you’re likely to be locked out of their inboxes.
Use the new authentication and anti-spam guidelines as a starting point for your email marketing program’s ongoing efforts to up its value game in the new year.
We’ll be right here by your side to help.
Login