tldr; (aka Executive Summary):
If you send more than 5,000 emails per day to gmail.com addresses, you must have a “DMARC” policy in place.
Please reach out if you need help.
As a digital marketer, you’re well aware of the constant changes within our field and profession—the changes are what keep things interesting, right? 😂
On the topic of “changes”, we wanted to discuss the new requirements that “bulk” email senders must meet in February 2024 for email to be delivered as expected.
When you send emails from your domain, many recipient email servers perform “checks” to ensure that 3rd parties are not “spoofing” your email domain. This protects email recipients from scams, phishing, and malware attacks.
Two of the most important checks are known as “SPF” and “DKIM”.
SPF “tells the internet” exactly which IP addresses are authorized to send emails on behalf of your domain. DKIM protects against “spoofing” or faking the from and reply to addresses in outbound emails.
As a Net-Results customer, you’re already setup with these two important email authentication mechanisms: SPF & DKIM.
Good thing too, because both SPF & DKIM are now required by Google. 😉
A New Requirement: Having a “DMARC” Policy
Google is now requiring an additional policy be put in place. It’s called “DMARC“.
In plain english, a DMARC “policy” “is a means for your company to “tells the internet” what your company’s policy is for dealing with emails sent to your domain if those emails fail both the SPF & DKIM email “authentication” checks.
A DMARC policy is pretty simple. If an inbound email fails both SPF & DKIM checks, you can choose to:
- Accept the email anyway
- Reject the email entirely
- Quarantine the email (generally: put it in the spam folder)
DMARC is not involved in the sending of emails, so Google’s decision to require it (for sending emails) is somewhat curious.
Email senders that do not meet these requirements by February 2024 will see temporary errors occurring on a small percentage of their non-compliant mail to Google and Yahoo recipients.
Starting in April 2024, a small percentage of emails will be rejected and that percentage will gradually increase from there.
There is an additional requirement for senders to implement one-click unsubscribe; however, that will not be enforced until June 2024 (and we’re already handling that on our end, so no worries there!)
Net-Results Has Your Back.
If you or your team needs help getting a DMARC policy in place (you may already have one), please reach out to your Customer Success Manager (just send an email to support!) and we’ll gladly help you out! 🙂
Q & A
1. Set up DKIM & SPF email authentication for your domain
What is DKIM and SPF?
DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) are two forms of email authentication.
“Do I need to do anything here?”
Nope! As a Net-Results user and customer, both DKIM & SPF were set up during the onboarding process, so you’re all set.
2. Ensure sending domains or IPs have valid forward & reverse records (also known as PTR records)
What does this mean?
Reverse DNS allows mailbox providers to verify the email sender when they do a reverse DNS lookup upon receiving the email you send.
“Anything my team needs to do here?”
Don’t lift a finger—as a valued customer, this has already been handled for you!
3. Keep spam rates below 0.3%
This one’s pretty self-explanatory, but please remember your spam rate is made visible via The Pulse when you log in to Goldilocks by Net-Results (includes the last 30 days).
If you have any questions or concerns about your spam rate exceeding the 30% threshold, be sure to check out this SendGrid article for tips on how to reduce your complaint rate.
4. Set up DMARC email authentication for your sending domain
“What the heck’s DMARC?”
Great question! DMARC (Domain-based Message Authentication, Reporting, & Conformance) is a standard that builds on DKIM & SPF. DMARC communicates a policy to mailbox providers letting them know what they should do when they receive an email that fails a DKIM, SPF, or SPF & DKIM check.
“How do I set up DMARC email authentication?”
Unlike the other changes, this is the one step where you will need to complete a few easy tasks to ensure DMARC email authentication is set up.
You must have a DMARC policy in your DNS. Though a monitor-mode policy of p=none will suffice for Google and Yahoo, this is only the first stage of taking full advantage of the security control.
To ensure DMARC is set up, we suggest:
First, check if you have a DMARC record with the MX ToolBox, DMARC Record Check Tool.
If you do not have a DMARC record in place, MX Toolbox also offers step by step instructions to guide you.
As we mentioned before, if you require assistance, please do not hesitate to reach out to your dedicated CSM or email us at email@example.com.
We are here for you no matter what. And though these changes may look scary at a glance, we have done the hard work for you already so you can get back to doing what you do best—marketing (and being awesome)!
To your success,
The Net-Results Team