As of the first of February 2024, the major search engines like Google and Yahoo will introduce new rules for anyone who sends bulk emails to improve mailbox protection against spam, phishing and spoofing.
You can see what this involves and what you need to do to make sure you are compliant below.
The reason for this is Google Gmail and Yahoo will change their email receipt policies, implementing changes to current authentication and spam prevention requirements.
Inboxingpro Users
If you are using Inboxingpro as your email service provider you have nothing to worry about because we have already created best practice requirements and rules to ensure all outbound emails pass the new requirements listed below
If you are not yet a customer here is what you need to be aware of and ensure you have in place to avoid any delivery issues
To verify messages are authenticated, Google and Yahoo performs checks on messages sent to their accounts.
The following records were best practice recommendations, they are now required from February 1st 2024
Use TLS (Transport Layer Security)
TLS prevents unauthorized access to your email when it’s in transit over internet connections. Major providers like Gmail use TLS already but if you are using a custom SMTP you may want to check if they provide this protocol, as your email connection is safe only when both – the sender and the recipient use TLS.
SPF
SPF prevents spammers from sending unauthorized messages that appear to be from your domain. Set up SPF by publishing an SPF record at your domain.
The SPF record for your domain should reference all email senders for your domain. If third-party senders aren't included in your SPF record, messages from these senders are more likely to be marked as spam.
DKIM
Turn on DKIM for the domain that sends your email. Receiving servers use DKIM to verify that the domain owner actually sent the message.
DMARC
DMARC lets you tell receiving servers what to do with messages from your domain that don’t pass SPF or DKIM.
Set up DMARC by publishing a DMARC record for your domain. To pass DMARC authentication, messages must be authenticated by SPF and/or DKIM. The authenticating domain must be the same domain that's in the message From: header.
We recommend you set up DMARC reports so you can monitor email sent from your domain, or what appears to have been sent from your domain. DMARC reports help you identify senders that may be impersonating your domain.
Infrastructure configuration
IP addresses
Your sending IP address must have a PTR record.
PTR records verify that the sending hostname is associated with the sending IP address. Every IP address must map to a hostname in the PTR record.
The hostname specified in the PTR record must have a forward DNS that refers to the sending IP address.
Set up valid reverse DNS records of your sending server IP addresses that point to your domain.
Important: The sending IP address must match the IP address of the hostname specified in the Pointer (PTR) record.
Shared IP addresses
A shared IP address (shared IP) is an IP address used by more than one email sender.
The activity of any senders using a shared IP address affects the reputation of all senders for that shared IP.
A negative reputation can impact your delivery rate.
If you use a shared IP for sending email:
Make sure the shared IP address isn’t on any internet blocklist. Messages sent from IP addresses on a blocklist are more likely to be marked as spam.
If you use an email service provider for your shared IP, use Postmaster Tools to monitor the reputation of the shared IP address.
Subscriptions
Only send email to people who want to get messages from you so they’re less likely to report messages from your domain as spam.
If messages from your domain are frequently reported as spam, future messages from you are more likely to be marked as spam. Over time, spam reports can lower your domain’s reputation. You can monitor your domain’s reputation with Postmaster Tools.
Make it easy to subscribe
To help ensure your recipients are engaged:
Make sure recipients opt in to get messages from you.
Confirm each recipient's email address before subscribing them.
Periodically send messages to confirm that recipients want to stay subscribed.
Consider unsubscribing recipients who don’t open or read your messages.
Make it easy to unsubscribe
Always give your recipients an easy way to unsubscribe from your messages.
Letting people opt out of your messages can improve open rates, click-through rates, and sending efficiency.
One-click unsubscribe makes it easy for people to opt out. If you send more than 5,000 message per day, your marketing and subscribed messages must support one-click unsubscribe.
Max Spam Rate 0.03%
This is a major issue now we all need to focus on and unless we maintain our spam rate in Google Postmaster tools at 0.03 % or lower, we run the risk of hitting the spam box.
Check for spam using a spam checker tool.
Cleaning your list on a regular a regular basis to remove inactive subscribers and providing a 1 click unsubscribe link is a minimum requirement to do as much as possible to keep within the new rules.
Using a spam monitoring tool to check each new campaign before you send it is highly recommended so you can check the title, content and structure of your delivery server and domain before you hit send and you then have a second chance to correct any issues that are flagged
We include a free spam checker tool in our service and we highly recommend using this or if you use a different service, look for a 3rd party service to ensure your campaigns pass the spam tests before you send
What are the consequences of breaking the rules?
Gmail has long prioritized user safety. Their AI defences stop over 99.9% of spam, phishing, and malware, blocking close to 15 billion unwanted emails daily, as reported by Google. To the new rules, Gmail also reveals the consequences:
Follow these guidelines to help ensure messages are delivered to Gmail accounts as expected, and to help prevent Gmail from limiting sending rates, blocking messages, or marking messages as spam.
Might we get our businesses into trouble for not adhering to the rules?
If you do not meet the minimum authentication requirements (that is SPF and DKIM) your emails will most likely be marked as spam, blocked by Gmail, or rejected with a 550 5.7.26 error.
If emails from your domain are frequently marked as spam, every other email you send is more likely to face the same fate.
Ongoing spam reports lower your domain’s reputation, negatively impact your inbox delivery, and prevent you from raising delivery issues to Gmail in the future.
If you are Inboxingpro customer, nothing to worry about because our service already complies with the new requirements due to come into force on 1st February, if you would like to use our email marketing service, please click here for more details