Greeting of the new year!
Starting February 2024, Gmail and Yahoo Mail are rolling out stringent email authentication requirements to combat malicious messages, reduce inbox clutter, thwart phishing attacks, diminish spam, and bolster data security.
Here are the basic protocols all email senders are required to follow:
Implement email authentication
Implement SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) protocols to prevent domain spoofing, a tactic often exploited by cybercriminals. SPF is a framework that allows email administrators to specify which mail servers are authorized to send emails on behalf of a particular domain.
DKIM adds a digital signature to an email message, ensuring that it has not been tampered with during transit. Both SPF and DKIM help make sure emails are genuine and haven't been tampered with, which is important for email security and trust.
Maintain low spam rates
Google mandates the senders to maintain a spam rate below 0.3% (as measured by Google's postmaster tools) to ensure that your emails don't get flagged as unwanted or fraudulent. While Yahoo hasn't explicitly suggested a number, 0.3% is a safe bet to avoid getting flagged.
READ - Staying out of trouble in 2024: A look at email marketing laws and compliance
You can ensure low spam rates by following basic steps like enabling double opt-in, verifying email lists, and cleaning up old/inactive email addresses, among others.
For high-volume senders (> 5,000 messages/day)
In addition to implementing SPF and DKIM, high volume senders are required to implement DMARC policy and conform to DMARC alignment.
DMARC policy
Implement DMARC (Domain-based Message Authentication, Reporting, and Conformance) to provide domain-level protection against email spoofing techniques used in phishing and other attacks. DMARC builds upon SPF and DKIM and allows businesses to publish policies that provide instructions to mailbox providers' recipient servers on how to handle unauthenticated emails sent from their domain.
DMARC alignment
Ensure that messages pass DMARC alignment, which checks whether the sending domain's authentication methods (SPF and DKIM) align with the domains used in the email headers. This is the Return-Path value within email headers.
SPF, DKIM, and DMARC are already mandatory in order to send email campaigns in Zoho Campaigns.
One-click unsubscribe
Google recommends implementing a convenient one-click unsubscription feature for users. This single-click process is aimed at allowing Gmail recipients to easily unsubscribe from emails sent by large senders. Additionally, Google recommends that senders promptly process unsubscription requests within a two-day timeframe.
Zoho Campaigns and Zoho Marketing Automation are already in compliance with this recommendation. In our system, we include a one-click unsubscribe link in the header of every email. Users can effortlessly click on the unsubscribe link located next to the sender's address to unsubscribe from the organization promptly.
Gmail address as from address
This pertains to cases when the sender's email address for emails sent from Zoho Campaigns is a Gmail address.
What is the change?
Gmail will begin using a DMARC quarantine enforcement policy. DMARC allows domain owners to specify policies that instruct receiving email servers on how to handle messages that fail DMARC authentication.
What is the Impact?
This implies that emails sent with "gmail.com" as the sender (or from) domain will be quarantined by the recipient servers.
To prevent delivery issues and potential IP reputation damage, emails with a sender domain of "gmail.com" will not be triggered from Zoho Marketing Automation after February 1.
Please be aware that this limitation is specific to when gmail.com and googlemail.com is the sender domain. If you have a custom domain, such as zylker.com, hosted on Google Mailbox, then it will not be impacted by the new sender email limitation.
What is the resolution?
To resolve this situation, we encourage users to use their authorized business domain address as sender address, not a gmail address. In case you don't own a domain, you can purchase one from Zoho domains.
If you have created any email campaign using the Gmail address as the sender address, you'll not be able to send campaigns.
Scheduled campaign will be moved to the draft state after Feb 1
Campaigns that are in Draft state cannot be sent until the sender address is changed to a business specific email address.
W.r.t Workflows, we will not stop any workflows. We recommend users edit and change the sender address in case if you have used gmail address.
What happens if you miss the deadline?
Your emails may not be delivered to Gmail and Yahoo accounts. This in turn will impact your business, your ability to communicate with customers, and potentially affect customer engagement. We, at Zoho Campaigns, are already aligned with the new guidelines to ensure a seamless experience for our users. If you have any questions or concerns regarding these changes, please reach out to our support team at support@zohomarketingautomation.com.