Google and Yahoo's 2024 email authentication requirements: A new era of security

Google and Yahoo's 2024 email authentication requirements: A new era of security

Greeting of the new year!


Starting February 2024, Gmail and Yahoo Mail are rolling out stringent email authentication requirements to combat malicious messages, reduce inbox clutter, thwart phishing attacks, diminish spam, and bolster data security.

Here are the basic protocols all email senders are required to follow:

 

Implement email authentication

Implement SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) protocols to prevent domain spoofing, a tactic often exploited by cybercriminals. SPF is a framework that allows email administrators to specify which mail servers are authorized to send emails on behalf of a particular domain.

DKIM adds a digital signature to an email message, ensuring that it has not been tampered with during transit. Both SPF and DKIM help make sure emails are genuine and haven't been tampered with, which is important for email security and trust.  

Maintain  low spam rates   

Google mandates the senders to maintain a spam rate below 0.3% (as measured by Google's postmaster tools) to ensure that your emails don't get flagged as unwanted or fraudulent. While Yahoo hasn't explicitly suggested a number, 0.3% is a safe bet to avoid getting flagged.

READ - Staying out of trouble in 2024: A look at email marketing laws and compliance 

You can ensure low spam rates by following basic steps like enabling double opt-in, verifying email lists, and cleaning up old/inactive email addresses, among others.

At Zoho Campaigns, we already have a spam threshold of 0.1%, which adheres to the new guidelines Google and Yahoo are establishing.

 For high-volume senders (> 5,000 messages/day)  

In addition to implementing SPF and DKIM, high volume senders are required to implement to DMARC policy and conform to DMARC alignment.

  • DMARC policy

Implement DMARC (Domain-based Message Authentication, Reporting, and Conformance) to provide domain-level protection against email spoofing techniques used in phishing and other attacks. DMARC builds upon SPF and DKIM and allows businesses to publish policies that provide instructions to mailbox providers' recipient servers on how to handle unauthenticated emails sent from their domain.

  • DMARC alignment 

Ensure that messages pass DMARC alignment, which checks whether the sending domain's authentication methods (SPF and DKIM) align with the domains used in the email headers. This is the Return-Path value within email headers.

SPF, DKIM, and DMARC are already handled within in order to send email campaigns in Zoho Campaigns.

  •  One-click unsubscribe    

Google suggests implementing a convenient one-click unsubscription feature for users. This single-click process is aimed at allowing Gmail recipients to easily unsubscribe from emails sent by large senders. Additionally, Google recommends that senders promptly process unsubscription requests within a two-day timeframe.

 


Zoho Campaigns and Zoho Marketing Automation are already in compliance with this recommendation. In our system, we include a one-click unsubscribe link in the header of every email. Users can effortlessly click on the unsubscribe link located next to the sender's address to unsubscribe from the organization promptly. In addition to that, the user can also place the unsubscribe link in the email content.

 

Gmail address as from address

This pertains to cases when the sender's email address for emails sent from Zoho Campaigns is a Gmail address.

What is the change?
Gmail will begin using a DMARC quarantine enforcement policy. DMARC allows domain owners to specify policies that instruct receiving email servers on how to handle messages that fail DMARC authentication.

What is the Impact?
This implies that emails sent with "gmail.com" as the sender (or from) domain will be quarantined by the recipient servers.

To prevent delivery issues and potential IP reputation damage, emails with a sender domain of "gmail.com" will not be triggered from Zoho Campaigns after February 1.

Please be aware that this limitation is specific to when gmail.com and googlemail.com is the sender domain. If you have a custom domain, such as zylker.com, hosted on Google Mailbox, then it will not be impacted by the new sender email limitation.

What is the resolution?
To resolve this situation, we encourage users to use their authorized business domain address as sender address, not a gmail address. In case you don't own a domain, you can purchase one from Zoho domains.


  • If you have created any email campaign using the Gmail address as the sender address, you'll not be able to send campaigns.

  • Scheduled campaign will be moved to the draft state after Feb 1

  • Campaigns that are in Draft state cannot be sent until the sender address is changed to a business specific email address.

  • W.r.t Workflows, we will not stop any workflows. We recommend users edit and change the sender address in case if you have used gmail address.

 

 What happens if you miss the deadline? 

Your emails may not be delivered to Gmail and Yahoo accounts. This in turn will impact your business, your ability to communicate with customers, and potentially affect customer engagement. We, at Zoho Campaigns, are already aligned with the new guidelines to ensure a seamless experience for our users. If you have any questions or concerns regarding these changes, please reach out to our support team at support@zohocampaigns.com.

 



      • Sticky Posts

      • Tip of the week 03 - Sending emails in batches

        Today's marketers not only want their email marketing to be efficient, but also smart. For an email campaign, you may think you have all the essential elements for lead conversion—a big mailing list, an attractive template design, and the most-engaging message content, but after hitting the ‘send’ button, you may not get the expected conversions. Wondering why? Here’s one of the major reasons. Many marketers miss out on sending the email campaign the right way. Did you know that you should not be
      • Zoho Campaigns Expert Diaries on SoundCloud, Spotify, Apple Podcasts, and YouTube

        Hi email champs,  As email marketers, we find great lessons in each other's works—be it the subject lines that worked good, the design that was received well, or the CTA that had the maximum clicks. Email marketing encompasses a wide variety of topics spanning everything from creation and design to development and deliverability.  Here's when we from the Zoho Campaigns team found the need to build an email marketing community comprising of seasoned marketers and email geeks who can help each other
      • Email Deliverability Tip #3: Seal the deal with the preheader

        In the last post, we learned about the subject line. Today we'll be learning about the preheader. A preheader is the short text that follows the subject line in an email. The preheader is designed to hint at what your email message is all about. A good preheader should act as a second subject line and convince your contacts to open the email. Now, let's learn the best way to craft a preheader. Your subject line and preheader should work together and accurately convey the gist of your email. Keep
      • Tip of the week 04 - Know about your recipients' 'prime open time.'

        In today's market, the importance of customer behavior is astounding, with a vast amount of research and resources going into finding how customers make decisions. The process of persuading your customers to open your email and click on your call-to-action becomes easy when you understand the psychology behind their behavioral traits. Time to turn into a psychologist! Let's get to the basics—you want your emails to resonate well with your recipients. So, what's the primary thing involved here? It's
      • Tip of the week 15 - Add subscription-preferences option. Drive more engagement.

        If crafting content for emails, getting creatives done, and running email campaigns is your love, then unsubscribes are the heartbreakers.  You can save your emails from being unsubscribed/trashed by adding a proper subscription-preferences option in your emails (works best at the time of signup). Giving subscribers the option to choose what they want to receive from you and decide how often (frequency of the emails) your emails should hit their inboxes will increase the reach of your campaigns manifolds.