Google has been notifying us that they will be rolling out an email update. I’ve been doing some research and want to fill you in on what you need to do to be compliant.
DKIM (Domain Keys Identified Mails) allows email recipients to verify that the domain owner sent the email and that the email has not been modified while in transit. We digitally sign our emails with a private key.
SPF (Sender Policy Framework) allows us to specify which servers can send email on behalf of our domain.
DMARC (Domain-based Message Authentication, Reporting & Conformance) is another email authentication protocol that uses SPF and DKIM to validate the sender of the email. It assists the different mail systems in deciding what to do with messages sent from our domain that fail SPF or DKIM checks.
We will need to ensure easy unsubscription. Subscribers need the option to unsubscribe by clicking only one link. Reputable email service providers mandate that emails contain a method to unsubscribe.
We need to ensure we’re sending wanted email. Nothing new here. Make sure your subscribers are opt’ing into your email list because they have chosen to become part of your community. We are being required to keep our spam complaint rate under 0.3%.
You maybe wondering whether your existing tech skills can get you though this update. Email authentication can be techie, maybe a little confusing, but it’s necessary. Authenticating your email requires you to make changes to your DNS (Domain Name Server) records. DNS is scary at first but with the right guidance and tech knowledge, you can get it done.
Next, you’ll wonder whether you fall into the category of being a bulk sender. Whether you are or aren’t, it is recommended that you comply with the latest requirements for enhanced deliverability and engagement.
Understanding Why Google and Yahoo are Making these Changes
Ensuring you’ve met those three requirements are what needs to be done. We’ll talk about the how a little later. Let’s discuss the why now. The concept of authenticating emails has always been a recommended best practice. Not authenticating your email makes it easy for bad actors to impersonate domains and send out illegitimate emails on behalf of our business (domain).
So, to protect our subscribers from spam and unwanted emails Google and Yahoo have taken a stand. They are implementing new guidelines for bulk email senders next month (Feb 2024) to protect against spam, fraud and phishing. While they’re protecting us, the intent is to improve email deliverability.
Like I stated before this has always been best practice, but now it is a mandate. The best chance our email has to make it to the subscribers inbox is to comply. Notice I used the words “best chance”. Even after you have setup and configured the DKIM, SPF and DMARC authentication, there are additional elements that we’ll need to monitor to increase the chances that our email will land in the subscribers inbox and not their junk/spam folder.
How to Ensure Compliance with the New Requirements
First, decide if you are going to ignore the new requirements. The requirements are for bulk senders. Bulk senders are those of us who send close to 5,000 or more messages to personal Gmail accounts within a 24-hour period. Messages sent from the same primary domain count toward the 5,000 limit. That’s the textbook definition from Google.
Senders who meet this requirement at least once are permanently considered bulk senders. Is that you? Have you sent 5,000 messages from the same primary domain at least once? If the answer is yes then you should comply. If the answer is no, you should still comply.
You never know when the rules may change. You, could all of a sudden hit the bulk sender threshold. Plus its good practice because Google and Yahoo have added new policies that apply to all senders.
Action Steps to Get Compliant
Providing a guide to show how to setup SPF & DKIM would be an exhaustive task. Each email service provider has their own unique interface on how to install and configure the SPF & DKIM records. I have included instructions for a few of them below.
- Identify. Determine what email providers are being used to send email for your domain. Now that you know the domain, use a domain checker to see how your domain stacks up with the new guidelines.
- Set up SPF. You will need to add a text record to your DNS records. Pro Tip: There will be only one SPF record, even if you have multiple email providers sending email for your domain. SPF helps to identify the mail servers that are allowed to send email for your domain.
- Set up DKIM. DKIM uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain.
- Set up DMARC. You will need to create your DMARC record and then add the text record to your DNS records. This one gets techie. Here is a site that will generate your DMARC record.
- Verify. Revisit the domain checker and verify that your records have been input correctly.
- Use a List-Unsubscribe Header. This is usually handled by your email service provider. Here is a great article from SendGrid that explains the what exactly is a list-unsubscribe header.
- Include an Unsubscribe Link. This is an opportunity to honoor an individuals desire to unsubscribe. Do it in as few clicks as possible (Google recommends 1-click) and don’t hide it in the small print.
To avoid spam complaints, keep a visible unsubscribe link in each of your email templates so that your subscribers have a quick and easy way to get off your list. You need to process unsubscribe requests within 2 days and send no further emails. This helps to avoid SPAM complaints.
Low Spam Complaint Rate
The spam complaint rate formula takes a look ate the number of recipients reporting your email as spam compared to how many emails were delivered. With users having the ability to mark incoming messages as spam, this one is out of our control.
Best recommendations are to find a sending rhythm that resonates with your audience, personalize your emails, make them more engaging and make the unsubscribe process easy. Providing value helps keep users from reporting email as spam.
Once you complete the steps for each of your domains, you should not have to make any changes unless you modify your email service provider(s) or there is another update, so breathe easy.
You still need to monitor what is happening with your email. So its probably a good idea to pull out your website maintenance checklist and add “Review Email Deliverability” to the never ending list of things to do.
Email Service Provider Instructions
What Happens if I Don’t Comply
Well you already know the answer. It depends. If you’re not a bulk sender and you’re sending targeted emails to individuals who want to engage with you and your content, you’re probably safe.
However, if you do not keep your spam complaints within a tolerable level, even though you are not a bulk sender, you’ll risk getting flagged as being non-compliant.
If you are a bulk sender, you are required to comply with the new guidelines or you risk getting on the bad side of Google, not recommended. Non-compliant emails are subject to rejection or they could end up in the spam folder.
Monitoring Your Email Reputation
Monitoring Your Email Reputation After you have completed all of these steps, you’ll want to keep an eye on how your doing. Google Postmaster Tools is an awesome resource that allows senders to troubleshoot deliverability hiccups. Learn how to get started with Google Postmaster.
The tools deliver essential insights into important metrics that can identify problems within your email program. Your able to monitor your Spam rate, IP reputation, domain reputation, authentication, encryption and email delivery errors.
Google Postmaster will only show data for your domain if it is able to detect that you are sending emails. Key here is email consistently to build a good sending reputation.
Are you looking for tech support to get compliant. If your struggling to figure it out or just not in the technical mood to do-it-yourself, check out my Email Authentication Setup powerup.