Google & Yahoo Set New DMARC Requirements for Email Deliverability

In an effort to combat fraudulent and unsolicited messages from cluttering up users’ inboxes, major mail platform providers like Google and Yahoo are implementing email authentication measures to do a better job of blocking those types of messages. The requirements, however, are impactful to any businesses that send transactional or marketing messages to @gmail.com or @yahoo.com recipients.

Beginning February of this year, Google will require email authentication to be in place when sending messages to Gmail accounts.

Per Google, the requirements for all mail sent to Gmail accounts are:

• Set up SPF or DKIM email authentication for your domain.
• Ensure that sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records. Learn more
• Use a TLS connection for transmitting email. For steps to set up TLS in Google Workspace, visit Require a secure connection for email.
• Keep spam rates reported in Postmaster Tools below 0.10% and avoid ever reaching a spam rate of 0.30% or higher. Learn more about spam rates.
• Format messages according to the Internet Message Format standard (RFC 5322).
• Don’t impersonate Gmail From: headers. Gmail will begin using a DMARC quarantine enforcement policy, and impersonating Gmail From: headers might impact your email delivery.
• If you regularly forward email, including using mailing lists or inbound gateways, add ARC headers to outgoing email. ARC headers indicate the message was forwarded and identify you as the forwarder. Mailing list senders should also add a List-id: header, which specifies the mailing list, to outgoing messages.

If you send bulk messages in excess of 5,000 emails per day, Google’s requirements are even more complicated:

• Set up SPF and DKIM email authentication for your domain.
• Ensure that sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records. Learn more
• Use a TLS connection for transmitting email. For steps to set up TLS in Google Workspace, visit Require a secure connection for email.
• Keep spam rates reported in Postmaster Tools below 0.10% and avoid ever reaching a spam rate of 0.30% or higher. Learn more about spam rates.
• Format messages according to the Internet Message Format standard (RFC 5322).
• Don’t impersonate Gmail From: headers. Gmail will begin using a DMARC quarantine enforcement policy, and impersonating Gmail From: headers might impact your email delivery.
• If you regularly forward email, including using mailing lists or inbound gateways, add ARC headers to outgoing email. ARC headers indicate the message was forwarded and identify you as the forwarder. Mailing list senders should also add a List-id: header, which specifies the mailing list, to outgoing messages.
• Set up DMARC email authentication for your sending domain. Your DMARC enforcement policy can be set to none. Learn more
• For direct mail, the domain in the sender's From: header must be aligned with either the SPF domain or the DKIM domain. This is required to pass DMARC alignment.
• Marketing messages and subscribed messages must support one-click unsubscribe, and include a clearly visible unsubscribe link in the message body. Learn more

You can access Google’s detailed Email Sender Guidelines here.

What Does That All Mean?

Simplified, all businesses sending emails to Google or Yahoo addresses need to adhere to three primary things:

• Set up SPF, DKIM and DMARC for their sending domains (more on that below)
• Ensure unsubscribing is an easy, one-click process
• Remain under the Spam threshold of 0.3%

What are SPF, DKIM and DMARC?

Send Policy Framework (SPF) records are a type of DNS record that includes a list of all IP addresses/servers authorized to send email from a particular domain. E-dreamz uses the SendGrid mailing service to send all transactional messages through our ECHO by E-dreamz website platform, which means those SendGrid IPs will need to be added to your SPF record(s) on your DNS

DKIM stands for “DomainKeys Identified Mail”. These records store the public key the receiving mail server will use to verify a message’s signature.

Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication standard that provides domain-level protection of the email channel to detect and prevent email spoofing techniques.

How Do You Meet These Requirements?

Businesses with internal IT teams that already manage their email networks likely have these requirements in place or would be able to implement them readily.

Businesses that do not have internal IT resources may struggle to understand the details of these requirements and how to put them in place.

E-dreamz provides technical consultation support of this type to all of our Active level (or above) retainer clients. For those Active clients, we’ll connect with you to verify you meet these new requirements and/or work with you to help you implement the necessary DNS changes.

For any non-retainer clients who would like E-dreamz’s support in meeting these requirements, we can work with you on an ad hoc basis through our help desk. If you do not already have the appropriate DMARC in place, contact us today to schedule a time to talk with our engineering consultants.