Gmail and Yahoo Release New Requirements for Bulk Senders |

Gmail and Yahoo Release New Requirements for Bulk Senders

Gmail מציבה למדוורים דרישות חדשות

Gmail and Yahoo will implement updated requirements for bulk email senders in February 2024. Is your email platform ready?

תוכן עניינים

האזנה לפודקאסט

Gmail and Yahoo have partnered to improve inbox security and reduce spam.

These email providers look forward to working with the email community to set a new industry standard. That’s what Google’s Neil Kumaran and Yahoo’s Marcel Becker said in a joint statement.

Gmail’s AI-based protections stop over 99.9% of spam, phishing, and malware from reaching users’ inboxes. It prevents around 15 billion unwanted emails daily.

Until a year ago, Google allowed marketers to send unverified emails to Gmail subscribers, even if they were from ESPs (email marketing platforms) and using a free domain, such as

Email providers like Gmail and Yahoo are introducing new requirements for marketers to combat increasingly complex threats and challenges.

Starting in February 2024, Gmail and Yahoo will have stricter requirements for marketers who send a large volume of emails.

The requirements ask marketers to verify their emails using SPF or DKIM, allow easy unsubscription, and stay between 0.1% to 0.3% of spam reports by users (lower than 0.3% and aim for 0.1% spam reports on Google Postmasters Tools).

sender will also need to deploy a DMARC policy, even if it p=none. 

Prioritizing verified domains

Marketers are already familiar with the new requirements for Gmail and Yahoo. There will be strict adherence to these requirements from now on, and that’s what’s new.

According to Google, many email senders send bulk emails without correctly securing and configuring their systems, making it simple for marketers to impersonate others and hide their identities. To address this issue, Google and Yahoo will prioritize email security to authenticate senders’ identities.

האזנה לפודקאסט

Although it may seem simple and obvious, verifying the source of the email is challenging due to outdated and inconsistent online systems. Google implemented a policy last year that mandates authentication for emails sent to Gmail addresses. At least in SPF or DKIM, it is verified.

Google’s move led to a 75% decrease in unverified messages received by Gmail users, effectively blocking billions of malicious messages and cleaning up subscribers’ inboxes. Google acknowledges this as a significant breakthrough, and its upcoming plan, starting in February 2024, aims to create a safer email inbox by implementing new requirements for marketers sending large volumes.

Google will set a DMARC p=quarantine policy for its domains, and, which will no longer allow emails from private email addresses.

Additionally, marketeers forwarding messages must add ARC headers. The Authenticated Received Chain (ARC) protocol is an email verification standard used to guarantee successful delivery of forwarded messages to the final recipient.

ARC decreases the likelihood of forwarded messages failing email verification. Occasionally, messaging has the potential to alter the substance of the forwarded message. If the content of a forwarded message is altered, it can cause SPF or DKIM validation to fail on the recipient’s end. ARC help safeguard against authentication failure.

These are Gmail’s requirements for bulk senders–everyone who sends over 5,000 emails a day to addresses:

Domain verification:

Google mandates that marketeers who send substantial volumes must verify their emails following established best practices. According to Google, this measure aims to close loopholes used by attackers who threaten email users.

The SPF protocol ride above of SMTP and lets you specify trusted sources for email sending at the domain level, including IP addresses, domains, records, third-party addresses, and networks.

See more about the SPF protocol

The DKIM (DomainKeys Identified Mail) protocol establishes the domains accountable for email signing, such as personal domains or mailing system domains. Because of the association of a DKIM record with a domain, it becomes linked to the reputation of that domain. This is the reason it is beneficial for senders to use their domains to establish, enhance, and uphold domain reputation rather than depending on domain verification from the email platform (ESP).

The record serves the purpose of verifying a domain and acting as a security measure to guarantee the integrity of an email message during its transmission from the sender to the receiver.

See more on the DKIM protocol

DMARC, also known as Domain-based Message Authentication, Reporting & Conformance, does not serve as a protocol for domain verification. It serves a crucial function in safeguarding domains and brands, as well as identifying email infrastructures that send messages under a domain name, and verifying SPF and DKIM authentication for each sending source.

A threshold requirement would be to include a DMARC policy for the domain even if it is none. My recommendation is to implement DMARC using a DMARC management and monitoring tool.

Learn more about the DMARC protocol.

Easy Unsubscription option:

Gmail now allows recipients to easily stop receiving emails from a sender hassle-free. It can be made simple with just one click. That’s why Google now requires bulk senders to give Gmail recipients the ability to unsubscribe from a commercial email with a single click, and process unsubscribe requests within two days.

Make sure you send wanted emails:

Before the change, Gmail had many tools to stop unwanted messages. Google will set a low spam reporting threshold to protect Gmail recipients from unwanted messages.

easy unsubscribe

Major mailbox providers’ collaboration

Gmail and Yahoo, two leading email providers, have collaborated to raise industry standards and invite other email providers to join them. Their goal is to ensure that all email users, regardless of their provider, have a safe experience. They will implement these new requirements in February 2024; many senders already meet most of them. However, those who are unprepared have a responsibility to improve their systems and will be given time to do so before enforcement begins. The announcement emphasizes these actions are necessary for email providers to offer their subscribers a clean and secure inbox and highlights the role of marketers in contributing to this effort.

Podcast interviews with international email marketing experts

go to my new podcast for English only interviews.
רוצה להתייעץ איתי לגבי שיפור האימייל מרקטינג או עבירוּת המיילים שלך? אני מזמין אותך לפגישת ייעוץ ראשונית של 1/2 שעה, ללא עלות. book a 1/2 email deliverability discovery call.

Further reading

New requirements frommarketeers –Google’s announcement

New requirements frommarketeers –Yahoo’s announcement

Detailed explanation onthe wordtothewise blog

ARC protocol

אודות הכותב

סלע יֹפֶה

מלווה חברות, עסקים, סטרטאפים ומערכות דיוור בארץ ובעולם בנושא עבירוּת אימיילים (email deliverability) ואסטרטגיית אימייל מרקטינג כדי שאימיילים שעסקים שולחים יגיעו ל-Inbox ולא אל ה-Spam.

יוצר הבלוג והפודקאסט

Skip to content