On October 03, 2023, Google announced their new authentication requirements for bulk senders (those who send more than 5,000 messages to Gmail addresses in one day) to keep the customer’s inbox even more safe and spam-free. This means that your messages will continue to land in inboxes, while spam emails will never even make it in.
The (new) requirements for bulk senders are:
- E-mail authentication: Authenticate yourself by using well-established best practices like SPF, DKIM and DMARC (see below).
- Easy unsubscription: Implement a one-click, user-friendly unsubscription process for commercial emails. These requests should be processed in two days. This method called List header Unsubscribe.
- Ensure you are sending wanted e-mails: Maintain a spam rate below the threshold of 0.3% to ensure that the mails are delivered in the customer’s inbox.
What does this mean exactly?
E-mail authentication
Starting February 2024. All bulk senders must have SPF, DKIM and DMARC:
- SPF (Sender policy framework) is an authentication method that checks whether the sending service is an authorized sender .
- DKIM (domain keys identified mail) is a method that detects forged sender domains by creating digital fingerprints that can be verified.
- DMARC (domain-based message authentication, reporting and conformance) extends SFP and DKIM by allowing the administrative owner of a domain to publish policies that protect their domain from email spoofing.
If you are unsure how to configure your policies, you can speak with your IT team. This set up is on the company’s domain name system (DNS), which is normally managed by IT. You can also reach out to your Merkle servicemanager for additional support.
Easy unsubscription
All bulk senders must adhere to specific one-click unsubscribe protocols. Which includes adding a specific one-click unsubscribe button in the e-mail headers.
This explicit code needs to be included in the e-mail. The header code allows the inbox provider to incorporate unsubscribe functionality into their inbox application. Note that almost all e-mail tools are implementing it automatically for you. Though, it is important to double check with your e-mail tool provider.
The CAN-SPAM mandate allows senders a ten-day grace period to process op-outs. The new requirement says that senders must process, and honor unsubscribe requests within two days. When using multiple systems (platforms, tools, vendors), the two-day unsubscribe might introduce complexities.
Ensure you are sending wanted e-mails
According to Google (and Yahoo), all bulk email senders must stay below a spam rate of 0.3% to be delivered to inboxes. If you are close to or above 0.3% it is time to see how you can improve your deliverability. We’ve got you covered! Merkle can assist with that to lower the spamrate to ensure the e-mails will make it to the inbox.
What do you need to do?
First, start to understand your company’s current email authentication to see if you adhere to the standards Google has outlined. These requirements are not new but are going to be mandatory. So, a double check is important.
After that:
- Set up SPF, DKIM email authentication for your domain(s) if not done already.
- Set up the DMARC email authentication.
You can expect that SPF and DKIM are already in place. But where DMARC was an option, it now will be required. What is good to know is that DMARC is also needed for BIMI.
BIMI is an emerging standard that gives brands the ability to display their official logo next to their emails in recipients' inboxes. It's a powerful way to increase your brand's recognition and build trust with your recipients. If you want to know about this, please contact your service manager.
- Implement the List unsubscribe header if not done already by the email-tool.
- Check your current spam rate and optimize where needed.
- The following links might help you getting started. And feel free to reach out to one of us if you need more information!
Sources
- Google announcement https://blog.google/products/gmail/gmail-security-authentication-spam-protection/
General safety information https://safety.google/gmail/
Email sender guidelines https://support.google.com/mail/answer/81126