Google and Yahoo are getting serious: for senders who send more than 5,000 emails per day, stricter requirements regarding the authentication of messages will apply starting February 2024. In order to further reduce the amount of spam in inboxes, the providers are making standards such as SPF, DKIM and even DMARC mandatory for their free email services.
So, especially for companies that send large volumes of emails to end customers via business applications, there is an urgent need for action. Below we have compiled a summary of what exactly you need to bear in mind.
Which authentication changes you should make immediately
To ensure proper authentication, you should make the following changes to the DNS entries for your domains:
SPF (Sender Policy Framework) is a type of DNS TXT record that allows senders to specify which IP addresses are authorized to send email on behalf of a particular domain, for example:
v=spf1 ip4:22.214.171.124 ip4:126.96.36.199 include:thirdparty.com -all
This tells a recipient to accept emails for the domain only if they originate from IP address 188.8.131.52 or 184.108.40.206, or from an IP address authorized by the SPF record of “thirdparty.com”. The closing “-all” marks every other source as unauthorized.
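How a receiver evaluates such a record, as an added example that is not part of the original article. It covers only the ip4, include and all mechanisms; the domain name example.com, the in-memory TXT table and the contents of the thirdparty.com record are assumptions made so that the check runs offline.

```python
import ipaddress

# Constructed offline stand-in for DNS TXT lookups. The first record is the one
# shown above, published here under the placeholder name example.com; the
# thirdparty.com record and its 203.0.113.0/24 range are made up.
TXT = {
    "example.com": "v=spf1 ip4:22.214.171.124 ip4:126.96.36.199 include:thirdparty.com -all",
    "thirdparty.com": "v=spf1 ip4:203.0.113.0/24 ~all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(ip, domain, txt=TXT, depth=0):
    """Evaluate ip4/include/all mechanisms left to right; return the SPF result."""
    if depth > 10:  # guard against include loops (RFC 7208 also limits lookups)
        return "permerror"
    record = txt.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = "+"  # a mechanism without a qualifier means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name == "ip4":
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif name == "include":
            # include matches only if the included record evaluates to "pass"
            inner = check_spf(ip, arg, txt, depth + 1)
            if inner in ("permerror", "none"):
                return "permerror"
            matched = inner == "pass"
        elif name == "all":
            matched = True
        else:
            return "permerror"  # mechanism outside this example's scope
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and the record has no "all"
```

Note that the "~all" of the included record never leaks into the result: an include that does not pass simply does not match, and evaluation continues to the outer "-all".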
DKIM is a process for validating the sending domain name associated with an email message through cryptographic authentication. It achieves this by inserting a digital signature into the message header, which the receiving host then verifies to validate the authenticity of the sending domain. There are plenty of websites that can help you create a DKIM DNS record, for example socketlabs.com.
DMARC is an open email authentication protocol that provides domain-level protection of the email channel. DMARC authentication detects and prevents email spoofing techniques used in phishing, business email compromise (BEC), and other email-based attacks.
In addition to SPF and DKIM, DMARC is also a technology being used to make the header “from” domain trustworthy. The domain owner publishes a DMARC record in the DNS to tell receivers what to do with emails that fail authentication.
v=DMARC1; p=quarantine; rua=mailto:firstname.lastname@example.org; ruf=mailto:email@example.com; fo=1
If you are new to DMARC, you might initially consider setting p=none, which asks receivers to report failures without changing how the messages are handled.
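What the record above asks a receiver to do with a given message, as an added example that is not part of the original article. The function names are made up for this sketch, the SPF and DKIM results are passed in as already-computed pairs, and relaxed alignment is simplified to a parent/child comparison instead of the organizational-domain lookup real receivers perform.

```python
# The record shown above, unchanged.
RECORD = ("v=DMARC1; p=quarantine; rua=mailto:firstname.lastname@example.org; "
          "ruf=mailto:email@example.com; fo=1")


def parse_dmarc(record):
    """Split a DMARC TXT record into a tag dict; v=DMARC1 must be the first tag."""
    pairs = [tuple(part.strip() for part in tag.split("=", 1))
             for tag in record.split(";") if tag.strip()]
    if not pairs or pairs[0] != ("v", "DMARC1"):
        raise ValueError("not a DMARC record")
    tags = dict(pairs)
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("missing or invalid p= tag")
    return tags


def aligned(from_domain, auth_domain, mode):
    """mode 's' (strict): identical domains. mode 'r' (relaxed): simplified here to
    'same domain or parent/child'; receivers really compare organizational domains."""
    a, b = from_domain.lower(), auth_domain.lower()
    if mode == "s":
        return a == b
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def dmarc_disposition(record, from_domain, spf, dkim):
    """spf and dkim are (result, authenticated_domain) pairs.
    Returns 'pass' or the policy the record asks receivers to apply."""
    tags = parse_dmarc(record)
    spf_ok = spf[0] == "pass" and aligned(from_domain, spf[1], tags.get("aspf", "r"))
    dkim_ok = dkim[0] == "pass" and aligned(from_domain, dkim[1], tags.get("adkim", "r"))
    return "pass" if spf_ok or dkim_ok else tags["p"]
```

A message whose SPF check passes for a third-party bounce domain but whose header “from” domain is different does not pass DMARC unless an aligned DKIM signature is also present.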
“List Unsubscribe” mandatory from June 1
In addition to proper authentication, there are a number of other requirements to consider in order to optimize the delivery rates of your messages. For instance, from June 1st, Gmail will also require a simple, integrated “List Unsubscribe” function.
Also ensure your spam complaint rate at Gmail is less than 0.3% at all times. This means a maximum of three complaints per 1,000 emails, a figure that is quickly reached.
You should therefore…
- continue to consistently avoid sending emails to people without permission and buying email addresses from dubious databases
- include a clearly visible unsubscribe link in every email and/or support the list unsubscribe function (see also above)
- immediately remove recipients who have objected to receiving emails from your mailing lists and not contact them again
What other steps can you take to improve email deliverability?
Maintain your mailing lists.
Google has introduced a new policy under which inactive mailboxes will be deleted, so it is important that you filter out subscribers who haven’t engaged with your emails in more than six months. If it’s been years since someone last clicked on your emails, consider removing them immediately. Features such as the “Suppression List” help you in this endeavor.
Support the use of BIMI standards and VMC certificates.
BIMI, or ‘Brand Indicators for Message Identification’, is an open system used by businesses to check an email’s authenticity. It works in a similar way to the other DNS-based authentication methods, where metadata is stored in a specific DNS record. This metadata contains a Verified Mark Certificate (VMC), which can be obtained from certificate authorities such as Entrust and DigiCert and which the mail client can validate.
From a sender’s perspective, it improves the chances of being delivered, and it also displays your defined logo as the sender of the message, enhancing brand recognition in a potentially cluttered mailbox.
Compliance with RFC5322
Make sure that your messages are formatted correctly and comply with the RFC5322 standard so that they are not rejected by the mail systems.
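A pre-send header check covering this RFC 5322 requirement and the “List Unsubscribe” requirement described earlier, as an added example that is not part of the original article. It assumes the “integrated” unsubscribe function means the one-click form defined in RFC 8058; the sample message, its addresses and its URLs are constructed placeholders.

```python
from email import message_from_string, policy

# Constructed sample message; addresses and URLs are placeholders.
SAMPLE = """\
From: Shop <news@example.org>
To: customer@example.net
Subject: March offers
Date: Fri, 01 Mar 2024 09:00:00 +0100
Message-ID: <20240301.0001@example.org>
List-Unsubscribe: <https://example.org/unsub?u=abc123>, <mailto:unsub@example.org>
List-Unsubscribe-Post: List-Unsubscribe=One-Click

Hello!
"""


def preflight(raw):
    """Return a list of problems found in the headers of an outgoing message."""
    msg = message_from_string(raw, policy=policy.default)
    problems = []
    # RFC 5322 section 3.6: Date and From exactly once, the others at most once.
    for name in ("Date", "From"):
        if len(msg.get_all(name, [])) != 1:
            problems.append(f"{name} must appear exactly once")
    for name in ("Message-ID", "Subject", "To", "Reply-To"):
        if len(msg.get_all(name, [])) > 1:
            problems.append(f"{name} appears more than once")
    if not msg.get_all("Message-ID"):
        problems.append("Message-ID missing")
    # RFC 8058 one-click unsubscribe: an https URI plus the fixed Post header.
    unsub = str(msg.get("List-Unsubscribe", ""))
    if "<https://" not in unsub.lower():
        problems.append("List-Unsubscribe has no https URI")
    post = str(msg.get("List-Unsubscribe-Post", "")).strip()
    if post != "List-Unsubscribe=One-Click":
        problems.append("List-Unsubscribe-Post missing or wrong")
    return problems
```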
All of the requirements mentioned are of course fully supported when sending via Retarus Transactional Email. We have compiled more information about these and other measures for the “reputation” of your domains and messages in this whitepaper. For more on the topic of “Deliverability”, continue reading here. Thanks to their many years of experience, Retarus’ email experts can also support you from onboarding to the ongoing optimization of your email jobs. If you would like to learn more about your potential for optimizing the email communication channel, feel free to contact us at any time.