Email Service Compliance

Important Email Update! New requirements from Gmail and Yahoo Mail effective February 2024. 𝐄𝐦𝐚𝐢𝐥 𝐬𝐞𝐧𝐝𝐢𝐧𝐠 𝐛𝐞𝐬𝐭 𝐩𝐫𝐚𝐜𝐭𝐢𝐜𝐞𝐬: As part of their ongoing commitment to enhance email security and protect user inboxes, Gmail and Yahoo Mail have announced a set of new requirements for email senders, effective February 2024. The new requirements include long-standing best practices that all email senders should follow in order to achieve good deliverability with mailbox providers. What's new is that Gmail, Yahoo Mail, and other mailbox providers will require alignment with these best practices for those who send bulk messages over 5000 per day or if a significant number of recipients indicate the mail as spam. 𝐑𝐞𝐪𝐮𝐢𝐫𝐞𝐦𝐞𝐧𝐭𝐬: - SPF (Sender Policy Framework) is a domain-based way to determine what IPs are allowed to send email on somebody's behalf. - DKIM (Domain Keys Identified Mail) is a message-based signature that uses asymmetric cryptography to sign email and verify that a message was not altered in transit. - DMARC (Domain-based Message Authentication, Reporting & Conformance) builds on top of SPF and DKIM and instructs receivers to approve, quarantine, or reject email messages. 𝐖𝐡𝐲 𝐢𝐭 𝐦𝐚𝐭𝐭𝐞𝐫𝐬: For senders of bulk messages, meeting these requirements is crucial to maintaining good deliverability and ensuring that your emails reach the intended recipients' inboxes. Failure to comply may result in emails being marked as spam or rejected by mailbox providers. 𝐖𝐡𝐚𝐭 𝐲𝐨𝐮 𝐬𝐡𝐨𝐮𝐥𝐝 𝐝𝐨: Review your current email sending practices to ensure alignment with SPF, DKIM, and DMARC. If necessary, update your SPF, DKIM, and DMARC configurations to comply with the new requirements. Check the diagram showing how SPF and DKIM work together with your DMARC policy. #EmailSecurity #GmailUpdate #YahooMail #SPF #DKIM #DMARC #Authentication #CyberSecurity #EmailBestPractices

If you’re sending emails in bulk (>5000 emails/day), you need to know this. In a recent update, Google laid down a threshold of spam rate for bulk senders, which is less than 0.3%. This means two things: [1] You need to monitor the no. of spam complaints regularly - Spam complaints are NOT emails landing in your spam folder [2] You need to keep your spam complaints below 0.3% - Many of the companies I know have higher spam complaints First, start monitoring spam complaints by setting up Gmail Postmaster Tools for your domain. It’s a free tool by Google to check delivery errors, spam reports, domain reputation, and IP reputation. The more important question though is how to maintain spam complaint rates below 0.3%. The answer is simple - Be more relevant and valuable to users. For that, make sure to: [a] Segment your users (Use their activity, intent, and need to segment) [b] Understand what each of these segments want (Ask them questions) Send emails that are relevant to their needs. Don’t just sell but educate, entertain, and engage them [c] Bring novelty in each email. Don’t just keep sending the same sales-oriented email every day. If you don’t have any value to add, don’t send the email. There are other requirements for senders, too, like: [1] Authenticate outgoing emails by setting up SPF, DKIM, and DMARC. DMARC may be set to p=none. [2] Enable one-click unsubscribe. And process unsubscription requests within two days. The deadline to set these up is February 1, 2024 - but they’re nudging senders to set them up already. In fact, setting these up earlier “may improve your email delivery”, the update said. For more details - read their email sender guidelines [link in comments]

It’s official: email best practices are no longer best — they’re required. Here’s why... Microsoft recently announced new bulk sender requirements that mirror the ones Google and Yahoo rolled out last year. And they aren’t just doing this for fun, promise. They’re doing it because too many senders ignored best practices when they were optional. So, now they’re mandatory. ¯\_(ツ)_/¯ Starting May 5th, if you’re sending more than 5,000 emails a day and not following the rules, Microsoft’s going to start rejecting your mail. Not junking it. Rejecting it. And I wanna be clear here: this isn’t coming out of nowhere. The writing’s been on the wall for a while... and mail has been silently filtered away from the inbox all this time. Now it's just that the rules aren't written in invisible ink! So, what are these rules I speak of? 💌 Authentication (SPF, DKIM, DMARC) Yes, we’re still talkin’ about this… get used to it. Microsoft wants the same setup Google and Yahoo asked for. If your domains aren’t properly authenticated and aligned, your deliverability will suffer. 💌 Valid “From” and “Reply-To” Addresses Microsoft wants to make sure that when someone replies to your message, there’s someone on the other end. No more sending from a “noreply@brand.com” black hole. 💌 One-Click Unsubscribe (RFC 8058) They’re cracking down on bad unsubscribe flows. Make it easy. No weird hoops or loops or “oops, we need 10 days to process your request.” Just a simple unsubscribe option that actually works. If you’re already sending it right (ahem, compliant with Google and Yahoo’s requirements), this is mostly a “cool, cool, carry on” moment. But you’ll need a whole lotta margaritas and tacos to overcome your sorrow if you’ve been dragging your feet. May 5th (ahem, cinco de mayo!) is not the day to find out Microsoft doesn’t play. What happens if you’re not ready? If you need help figuring out where you stand, here are a few fast checks: ✅ SPF, DKIM, and DMARC passing in headers? ✅ “Reply-To” address monitored and functioning? ✅ One-click unsubscribe live and working? ✅ Lists clean and bounce/spam complaint rates under control? If not, now’s the time to fix it. Not next week. Not next quarter. Now. TLDR: if you’re not sending responsibly, you’re not sending at all. Because come Monday — yes, THIS Monday — non-compliant mail will be rejected at the door. No inbox. No spam folder. Just blocked. So, get it together, you (not so) filthy animals! LinkedIn says I’m outta characters, but if you need tool recommendations or a second set of eyes on your setup, I'm happy to help. Reach out, email scout. 💌

Amongst customers and on my network, I’ve seen continued chatter around the new bulk send requirements from Google and Yahoo. As most of you are aware, these new regulations will hit February 1, 2024. Like Outreach CEO Manny Medina said a couple of weeks ago, don't worry - these changes are positive for our industry. These new requirements are actually reinforcing best practices Outreach has been encouraging customers to adopt over the years. And as Outreach’s President of Product and Technology, I’d like to dive into this a bit more.   Last week, Google elaborated on its email sender guidelines and clarified they do not apply to messages sent to Google Workspace accounts. Sender requirements and Google enforcement apply only when sending email to personal Gmail accounts (@gmail.com accounts). We know these new regulations will impact our customers - those sending B2C communications more quickly than B2B - and will work with you to help update your settings to avoid business disruptions when these changes roll out. While these regulations impact personal emails, we can’t be sure it will be this way forever so we recommend organizations adopt our best practices now. How do you get a prospect to read your email? Send better, more relevant emails with personalized content that is targeted at a specific persona. As we've been recommending for years, we advise all of our customers to follow these best practices when sending emails to get more ROI: - Use Persona-based messaging to drive an Account-based selling motion - Limit use of automated email steps in sequences, and vary content when doing so - Limit exposure to unnecessary spam complaints by auditing your contact database to remove personal Gmail accounts and ensure that you are sending to corporate emails for all B2B prospects and customers  And I want to reiterate that we are here to help you through these changes. We want to partner with you to design a more efficient, strategic, organized sales process to unleash seller productivity and ultimately help your organization generate revenue. Our customers always come first - if you have any questions, please reach out, and the Outreach team will be happy to help you. 

Email marketers, it's time to mark your calendars. On February 1st, 2024, Google and Yahoo will require bulk senders to authenticate their emails, make unsubscribing easy, and stay under a spam rate limit. Let's walk through the new standards: ✅ Email Authentication: Senders need DMARC, SPF, and DKIM verification. 🚫 Easy Unsubscription: One-click unsubscribe with a two-day honor period. 🙅 Low User-Reported Spam: Under 0.3% spam rate threshold. These new requirements are a good thing! Less spam in inboxes means your legitimate emails are more likely to be seen. Authenticated emails are also essential for security reasons, making phishing attempts easier to squash. Emails also look more reputable and on-brand from your organization's domain than your technology provider's. (The same guidance applies to URLs.) For nonprofits, these rules take effect after the EOY fundraising season. That said, February 1st will be here before you know it. Here are some steps to take: EMAIL AUTHENTICATION There are two ways to verify if you have DMARC, SPF, and DKIM records in place. 1. Find an email from your organization sent to your personal Gmail address. Click the three dots and select "Show Original." Each record should be marked as "PASS." 2. Use a web tool such as EasyDMARC's domain scanner. Enter each domain you use to send bulk emails, and it will show you whether DMARC, SPF, and DKIM records are in place. If you don't have all three in place, check with your tech provider for a how-to guide. EASY UNSUBSCRIPTION To meet the new "one-click" unsubscribe requirements, emails must include a List-Unsubscribe header. Email services use this to add unsubscribe links directly to their interfaces, so readers don't need to dig through the fine print to find the link. Look for an underlined "Unsubscribe" link in Gmail next to the email sender. In Yahoo's interface, click the three dots next to the spam button and look for an "Unsubscribe" option. Most modern email platforms have this covered, but contact yours if it is not in place. Honoring unsubscribes within two days means ensuring you have your email tool(s) set up correctly to exempt opt-outs. This should be instant, but watch out if you send from multiple platforms. When someone asks to unsubscribe from one tool, make sure their choice is respected in all the others. This is all the more reason to integrate your tech stack and have a centralized system for collecting consent, sending emails, and managing opt-outs. LOW USER-REPORTED SPAM With the right tools, the 0.3% threshold is easy to manage. First off, enable Google's Postmaster Tools to see where you stand. Secondly, make sure you only send to engaged contacts. This will reduce your spam rate and increase your engagement rates. Email deliverability doesn't need to be a mysterious process! Familiarize yourself with the terminology, get your house in order, and commit to better email practices.

🚨𝗢𝘂𝘁𝗹𝗼𝗼𝗸 𝗠𝗲𝘀𝘀𝗮𝗴𝗲𝘀 𝘄𝗶𝗹𝗹 𝗯𝗲 𝗿𝗲𝗷𝗲𝗰𝘁𝗲𝗱 𝗼𝘂𝘁𝗿𝗶𝗴𝗵𝘁 from 𝗠𝗮𝘆 𝟱, 𝟮𝟬𝟮𝟱🚨 ✅ 𝗠𝗮𝗻𝗱𝗮𝘁𝗼𝗿𝘆 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗦𝘁𝗮𝗻𝗱𝗮𝗿𝗱𝘀: 𝗦𝗣𝗙 (𝗦𝗲𝗻𝗱𝗲𝗿 𝗣𝗼𝗹𝗶𝗰𝘆 𝗙𝗿𝗮𝗺𝗲work): Must pass. Your domain's DNS must list all authorized IPs/hosts that can send email. 𝗗𝗞𝗜𝗠 (𝗗𝗼𝗺𝗮𝗶𝗻𝗞𝗲𝘆𝘀 𝗜𝗱𝗲𝗻𝘁𝗶𝗳𝗶𝗲𝗱 𝗠𝗮𝗶𝗹): Must pass. Ensures the email hasn’t been tampered with and confirms authenticity. 𝗗𝗠𝗔𝗥𝗖 (𝗗𝗼𝗺𝗮𝗶𝗻-𝗯𝗮𝘀𝗲𝗱 𝗠𝗲𝘀𝘀𝗮𝗴𝗲 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻, 𝗥𝗲𝗽𝗼𝗿𝘁𝗶𝗻𝗴 & 𝗖𝗼𝗻𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲): Must be published with at least p=none. Must align with either SPF or DKIM (ideally both). Helps prevent spoofing and phishing using your domain. ⚠️ 𝗪𝗵𝗮𝘁 𝗛𝗮𝗽𝗽𝗲𝗻𝘀 𝗜𝗳 𝗬𝗼𝘂'𝗿𝗲 𝗡𝗼𝘁 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝘁? 𝗦𝘁𝗮𝗿𝘁𝗶𝗻𝗴 𝗠𝗮𝘆 𝟱, 𝟮𝟬𝟮𝟱: Non-compliant messages will be rejected outright. 𝗥𝗲𝗷𝗲𝗰𝘁𝗶𝗼𝗻 𝗺𝗲𝘀𝘀𝗮𝗴𝗲:  550 5.7.15 Access denied, sending domain [YourDomain] does not meet the required authentication level. 🧼 𝗔𝗱𝗱𝗶𝘁𝗶𝗼𝗻𝗮𝗹 𝗘𝗺𝗮𝗶𝗹 𝗛𝘆𝗴𝗶𝗲𝗻𝗲 𝗕𝗲𝘀𝘁 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗲𝘀: Use a valid "From"/"Reply-To" address that can receive mail. Include a clear, functional unsubscribe link in bulk/marketing emails. Keep your lists clean: regularly remove bounced, invalid, or inactive addresses. Avoid misleading headers or deceptive subject lines. Follow consent and privacy rules (e.g., opt-ins). 🔧 If You Use a Third-Party ESP (like Sendgrid, Mailchimp, Salesforce, etc.) You still need to publish SPF/DKIM/DMARC in your own DNS for your domain. Coordinate with your ESP to get the proper DNS records and DKIM selectors. 📌 𝗡𝗲𝘅𝘁 𝗦𝘁𝗲𝗽𝘀 𝗳𝗼𝗿 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 Audit your DNS for SPF, DKIM, and DMARC. Flatten SPF if you exceed 10 DNS lookups. Gradually enforce DMARC: p=none → p=quarantine → p=reject (recommended final state). Internet Service Providers (ISPs) are stepping up — tightening standards, enforcing authentication, and demanding cleaner, more responsible email practices. Gone are the days of sloppy sending and shady headers. It’s not just about deliverability anymore; it’s about digital credibility. Would you like help auditing your current email infra? Ask me.

Updated bulk email requirements by Google and Yahoo. I would imagine Microsoft won’t be far behind. Yahoogle will begin enforcing these requirements beginning in Feb. So only 26 days left to get this done or risk your emails being blocked/denied by Yahoo, AOL, and Google. I’ve color coded the screenshot to make it super easy to know what *you* are responsible for. ‣ RED: Set up your SPF and DKIM Records ‣ ORANGE: Install Google Postmaster Tools and monitor your spam rate. It should be kept under 0.1%. Spam complaints are calculated on a daily basis. If your complaint rate gets close to or over 0.3% - you’re at risk of burning your sending domain/email. ‣ BLUE: Use your own domain - you’ll no longer be able to send from email addresses like tyler@gmail(.)com from your ESP. This is because Google themselves are implementing their own DMARC policy and if you’re sending from a gmail(.)com email address, that will fail Google’s DMARC and none of your emails will be delivered. ‣ PINK: Set up a DMARC policy. Here’s a copy/paste example DMARC Record for you ----- Record Type: TXT Name: _dmarc Value: v=DMARC1; p=none; rua=mailto:email+dmarc@yourdomain(.)com; sp=none; adkim=r; aspf=r ----- ***update that RUA tag to *your* email. I recommend putting the “+dmarc” to make these reports easy to filter since dmarc reports are generated daily. So my email tyler@hypermediamarketing(.)net would look like this tyler+dmarc@hypermediamarketing(.)net. Then in gmail I would create a filter for any emails to the email address “tyler+dmarc@hypermediamarketing(.)net” to go into a dmarc folder. Or there are DMARC monitoring services you can have those reports sent too. Which I would also recommend so you're actively monitoring your DMARC reports. ----- Last, this is something that needs to be done for every software you're using for emailing. If you're using Google Workspace for 1:1 emails - ensure all authentication measures have been set up. If you're using ActiveCampaign, HubSpot, Keap, MailChimp, etc - SPF and DKIM records need to be set up for those *as well as* Google Workspace. If you're using a help desk - SPF and DKIM records need to be set up. Hit me up with questions if you have them! #emailmarketing #emailmarketingtips

The eCom email game is changing in Q1. With Google's new sender requirements going live soon, we're taking a proactive approach. Here’s the checklist we’re following to help our brands be compliant early 2024: ☐ Remove Gmail from your friendly ‘From’ address ☐ Set up a branded sending domain ☐ Set up DMARC authentication with p=none ☐ Align your ‘From’ Address with your branded domain ☐ Make it easy to unsubscribe ☐ Keep spam complaints low ☐ Setting up SPF and DKIM email authentication for your domain ☐ Ensuring your sending domain and IP has valid forward and reverse DNS records ☐ Formatting messages according to the Internet Messaging Format standard These are the changes that ensure our clients' emails land straight in the inbox, without disruptions. Even the most stunning emails and the most enticing offers are worthless if they don't land in front of your audience's eyes. How are you getting ready for the Q1 sender changes? #ecommerce #marketingandadvertising #shopify

Microsoft dropped their new rules today for high-volume senders... They are expected to come into enforcement in just over 30 days. The main update. Any messages for high-volume senders (more than 5K per day) that don't pass SPF, DKIM and DMARC will: a) Get routed through to the junk/spam folder. b) Start to be completely blocked if this isn't resolved. This might ring a bell because Google and Yahoo did something similar in late 2023. So, if you pass DKIM, SPF, and DMARC -- What's the big deal? These guidelines typically signal additional tightening of spam filtering in general, so I wouldn't be surprised if you see deliverability issues start to increase. Some of the recommended guidance from Microsoft includes: 1. Clean your lists: Ideally, on a monthly basis (Allegrow has your back). 2. Clear Unsubscribe Options: Provide visible, functional opt-out mechanisms, especially for marketing emails. 3. Valid Sender Addresses: Use legitimate "From" or "Reply-To" addresses that match your sending domain and can receive responses. Interestingly, Outlook specifically mentioned that they reserve the right to take NEGATIVE ACTION, particularly against senders who breach email hygiene or authentication standards. So, bounces increase the chances of your emails being flagged for filtering + blocking. Outlook has stated this applies to ‘Outlook.com - our consumer service, which is supporting hotmail.com live.com’, probably because of the backlash Google support received when they announced similar policies for workspace users. Although this applies specifically for messages sent to those types of inboxes (at the moment), it does apply to senders FROM ANY email provider or service. The first comment will provide the full post from MS.

Google New Email Rules: What Marketers Need to Know Google new email rules, effective from October 15, 2024, are designed to reduce spam and improve email quality for Gmail users. These rules are particularly aimed at bulk email senders who send emails to 5,000 or more Gmail addresses within a day. Here’s a clearer breakdown: 1. Why the change? To reduce spam, phishing, and low-quality emails that clutter inboxes and often lead to unsubscribing. 2. What's the rule? Bulk email senders must: 📍 Authenticate emails using protocols like SPF (Sender Policy Framework) or DKIM (DomainKeys Identified Mail). This confirms the email is really coming from you and not a scammer. 📍 Keep spam rates below 0.3%, meaning that less than 0.3% of your sent emails should be marked as spam. 📍 Use real sender names in the "From" field, avoiding misleading names or trying to imitate Gmail. 📍 Include an easy, one-click unsubscribe option, and you must process unsubscribe requests within two days. 3. Solution for email marketers? →Ensure your email system is properly set up with authentication protocols. →Send targeted, relevant content to reduce spam complaints. →Be transparent with your sender details and honour unsubscribe requests immediately to maintain trust and comply with the rules. Following these rules will keep your emails from getting blocked or flagged as spam. This change is particularly challenging for marketers because maintaining a low spam rate and processing unsubscribe requests quickly requires careful list management and high-quality content delivery. #Google #email #gmail #EmailMarketing #DigitalMarketing #EmailTrends #GmailUpdates