Navigating Google and Yahoo’s Latest Email Deliverability Policies

This year is proving to be a massive year of change for the marketing profession. With a variety of elements at play, which include GenAI, changing consumer behaviors, and the ever increasing updates to privacy regulations, to name but a few of this year’s challenges. It’s no wonder that many marketers are feeling a little overwhelmed.

To help you navigate one of the compliance updates that is being rolled out this year, this article is focused on helping you to understand the implications of the new Google and Yahoo guidelines. Effective February 1st 2024, Google and Yahoo are introducing new guidelines for Bulk Senders (defined as those who send more than 5,000 messages to Gmail / Yahoo email addresses in a single day). As part of this rollout, Google has also announced updated Gmail Sender Guidelines applicable to all, not just Bulk Senders. 

The goal of these updated policies is to reduce spam and as a result, improve the user experience and protect the security and privacy of their customers. 

To ensure your company is compliant across all sender regulations, we’ve put together an updated Gmail Policy Overview. Our goal is to help you learn to embrace these changes, to continue to drive email engagement, while also strengthening the relationship you have with your customers.

Bulk Sender Requirements

Effective February 2024, Gmail and Yahoo will require that bulk senders:

Requirement #1: Email Authentication & Alignment (SPF, DKIM & DMARC)

Google’s new requirements emphasize email authentication as a key focus area. According to Google’s findings, many bulk senders have inadequately secured and configured their systems, leaving domains vulnerable to exploitation by attackers for spoofing and phishing purposes. The Email Authentication & Alignment requirement comprises three essential components:

• Fully authenticated SPF & DKIM: These authentication methods enhance domain security and ensure that messages from your domain are delivered reliably.
• Properly configured DMARC policy: Google recommends initially setting the DMARC policy to p=none. Over time, as you gain insights into how messages from your domain are authenticated by receiving servers, Google suggests updating the DMARC enforcement policy to p=quarantine.
• DMARC alignment: DMARC evaluates messages based on the alignment between the message’s “From:” header and the sending domain specified by SPF or DKIM. This alignment determines whether the message passes or fails DMARC checks.

These authentication requirements aim to mitigate loopholes exploited by attackers, safeguarding all users of email services.

Requirement #2: Enable 1-Click Unsubscribe

Google and Yahoo have mandated that all Bulk Senders incorporate a simple, one-click unsubscribe option in their marketing emails, ensuring recipients can easily opt out of receiving further communications. Additionally, senders must prominently an unsubscribe link within the email body and promptly process unsubscribe requests. These requirements aim to empower recipients to manage their email preferences effectively, thereby improving the overall user experience. By basing these mandates on open standards such as XML, SQL, and HTML, these changes benefit all email users once implemented by senders. 

Requirement #3: Maintain a Spam Rate Under 0.30%

Moving forward ensuring the delivery of quality content to engaged recipients will be paramount. Google has announced penalties for senders with a spam rate exceeding 0.3%, aiming to prevent recipients from being inundated with unwanted messages. Google has clarified that such penalties may restrict access to remediation measures, potentially leading to emails being blacklisted. Your spam rate is typically determined by the percentage of emails flagged as spam or unwanted relative to the total email volume. It’s crucial to closely monitor User Reported Spam, with Google Postmaster Tools offering a free solution for domain monitoring once configured. This pioneering initiative in the industry promises to further diminish spam in

Additional Sender Guidelines

The following guidelines, issued by Yahoo and Google for Bulk Senders, are crucial to adhere to. Failure to comply with these guidelines may result in adverse impacts on Email Delivery Rates, Sender Reputation, and User Reported Spam.

• Ensure that your sending domains or IPs have valid forward and reverse DNS records, also known as PTR records. 
• Use a TLS (Transport Layer Security) connection for transmitting emails. 
• If you regularly forward emails, whether through mailing lists or inbound gateways, it’s essential to add ARC (Authenticated Received Chain) headers to outgoing emails. ARC headers indicate that the message was forwarded and identify you as the forwarder.
• Format your messages according to the Internet Message Format standard (RFC 5322), ensuring compliance with industry standards for email formatting and structure.

Failure to Meet Requirement Penalties  

Google announced that in April 2024, they’ll start rejecting a percentage of non-compliant email traffic, and gradually increase that sender’s rejection rate. For example, if 75% of a sender’s traffic meets Google’s requirements, they’ll start rejecting a percentage of the remaining 25% of traffic that isn’t compliant. This will look like an increase in hard bounces and could have significant impacts to the sender’s reputation. 

FAQs

Does this impact Transactional emails? 

Google’s Policy currently states this is only applicable to marketing messages and subscribed messages. 

What does one click unsubscribe mean?

One click unsubscribe means users click once and are immediately unsubscribed, with no extra confirmation necessary. It is recommended to also include a clearly visible unsubscribe link in the body of the email.  

How can I set up one click unsubscribe? 

To set up one-click unsubscribe, include both of these headers in outgoing messages:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

List-Unsubscribe: <https://solarmora.com/unsubscribe/example>

When a recipient unsubscribes using one-click, you receive this POST request:

“POST /unsubscribe/example HTTP/1.1
Host: solarmora.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 26
List-Unsubscribe=One-Click”

What can companies do in preparation for the Policy updates?

Implement Sender Guidelines or Bulk Sender Guidelines based on your send volume, validate that SPF, DKIM, and DMARC have been configured properly, and monitor User Reported Spam Rates on GPT. 

How else can I improve my overall email deliverability? 

Implementing BIMI can help combat email phishing and can help senders strengthen their brand identity and build trust with customers. The adoption of BIMI depends on email providers and organizations implementing and supporting the standard. 

What are the most common error messages associated with Gmail?

• 421, “4.7.0”: Messages are rejected because the sending server’s IP address is not on the allowed list for the recipient’s domain.
• 550, “5.7.1”: Messages are rejected because the sending server’s IP address is on an IP suspended list. You might get this error if you’re sending mail using a shared IP with a poor reputation.

What is considered problematic User Reported Spam?

User Reported Spam above 0.10% is considered problematic and the source of the spikes should be addressed immediately. It’s recommended to never let your User Reported Spam reach 0.30%. Maintaining a low spam rate makes senders more resilient to occasional spikes in user feedback. Similarly, maintaining a high spam rate will lead to increased spam classification. It can take time for improvements in spam rate to reflect positively on spam classification.

Where can I find additional details about these requirements & guidelines?

• Yahoo Support: https://senders.yahooinc.com/faqs/
• Google Support: https://support.google.com/a/answer/14229414?hl=en

If you’re experiencing issues with your deliverability or navigating these new privacy updates, talk to SH/FT and we’ll ensure you’re getting in the inbox, and staying in the inbox.