2024 Email Regulations: Yahoo & Gmail Changes You Need to Know About

2024 Email Regulations: Yahoo & Gmail Changes You Need to Know About

Starting February 2024, a few things that used to be email best practices will now be email requirements, thanks to changing email regulations from Google and Yahoo.

When this news was announced in October 2023, many of our colleagues and client-partners (not to mention a few strangers we met at a kid’s birthday party) immediately panicked. 

“All the email rules are changing! What should we do?!” 

The Email Performance Checklist below gives you a clear answer to that question, in addition to clarifying the following:

What is an ESP and does every brand need one?

ESP is shorthand for Email Service Provider. This tool provides the email infrastructure needed to send and manage email marketing campaigns and customer/client communications. 

Context and nuance are critical components of the most effective growth marketing strategies, but when it comes to ESPs, we see zero shades of gray on this topic: 

EVERY brand needs an ESP because every brand should be actively engaging its audience via email.

Go to Multichannel Marketing blog post

Multichannel Marketing: What It Is & Its Advantages

Find out what multichannel marketing is and the advantages it offers brands who are seeking growth.

2024 email regulations apply to ALL email senders, not just bulk senders

Starting in February 2024, Google has a new set of email compliance regulations for all senders, and some extras for bulk senders — those who send 5,000 or more emails to Google accounts per day. Yahoo and other email providers are following suit.

How does Google define “bulk sender”?

Anyone who sends more than 5,000 emails to Google accounts in one day.

Brands who don’t prioritize email compliance with these new regulations will be penalized in one of two ways:

  • Emails will go into your recipients’ spam folders, where they’ll remain unnoticed, OR…
  • Emails won’t be sent at all. Goodbye, email deliverability rates.

What are the new email regulations from Gmail and Yahoo?

1. Authentication

  • Bulk senders: Set up email authentications, using standard protocols such as SPF and DKIM.
  • Bulk senders: Set up a DMARC or join a shared one with your ESP
  • All senders: Align your “From” field – no more impersonations allowed
  • All senders: Maintain IMF formatting in all emails

2. Spam Threshold

  • All senders: Keep spam rates under 0.3%.

Note: Many ESPs (like Klaviyo) are automatically taking care of some of these requirements, like:

  • Setting up the SPF and DKIM email authentication
  • Ensuring that the sending domain and IP have valid forward and reverse DNS records
  • Automatic unsubscribe links at the top of emails
  • Formatting emails according to IMF standards.

3. Unsubscribes

  • All senders: Provide two Unsubscribe options in each email
Requirements for all email senders vs. bulk email senders only

What is DMARC?

DMARC stands for “Domain-based Message Authentication, Reporting, and Conformance.” The goal of this email authentication protocol is to prevent email spoofing and phishing attacks. 

To fully understand DMARC and how it works, you first need to understand the role of two other email authentication technologies, both of which are implicated in the 2024 Yahoo and Gmail changes:

  • SPF (Sender Policy Framework)
  • DKIM (DomainKeys Identified Mail).

SPF (Sender Policy Framework) allows a domain owner to authorize specific mail servers to send emails on behalf of that domain. When that email is received, the recipient’s mail server can check the SPF record of the sender’s domain to verify that the sending server is authorized to send emails on behalf of that domain. Authentication #1.

DKIM (DomainKeys Identified Mail) gives the sender the option to attach a digital signature to all emails. The signature assures the recipient’s mail server that the email wasn’t altered during transit. Authentication #2.

DMARC offers Authentication #3, by providing a policy framework and reporting mechanism that allows the domain owner to:

  • Publish a policy specifying how any recipient’s email server should handle emails that fail SPF or DKIM checks. 
  • Request and receive feedback reports from any recipient’s server, which makes it easier for domain owners to identify and mitigate unauthorized email usage.
  • Enhance the trustworthiness of their emails and reduce the likelihood of successful email-based attacks.

Only bulk email senders need a DMARC. 

Some brands are simply not big enough to warrant their own DMARC, or they’re just starting their email program and need time to warm their account. 

Most brands can continue to rely on a shared DMARC owned by their ESP. Many of our email marketing client-partners have chosen Klaviyo as their ESP for this purpose. 

Email Performance Checklist. 7 email rules that haven’t changed.

Email Performance Checklist

☐ 1. If you don’t have an ESP, get one. Immediately.

Select your ESP based on what best integrates with the systems you already use and rely on most. For example, if you’re an eCommerce brand relying on Shopify, Klaviyo is a great option.

☐ 2. Use one ESP – not one for marketing and another for sales.

Growth marketers talk a lot about user journey – for good reason. Keeping the user in ONE journey makes it easier to:

  1. Know what they’ve already seen
  2. Move them to the next touchpoint with the most relevance for them, which might mean moving them backwards, forwards, or even sideways in the funnel
  3. Optimize marketing content as you share it.

One cohesive user journey with maximum flexibility and personalization requires aligning your entire company around a single ESP.

Go to Customer Journey Mapping blog post

How To Map Your Customer’s Journey

Explore our comprehensive guide on creating customer journey maps. Learn practical steps to understand and enhance your customer’s path.

☐ 3. If your size justifies your own DMARC, confirm it’s successfully connected to your website and marketing analytics dashboard.

Siloed marketing tools is one of the biggest performance problems we see, week after week. 

Once you’ve confirmed your DMARC is successfully integrated with all other tech, make sure to warm your account so that your emails are more likely to land in inboxes. Most ESPs offer helpful how-to warming guides, so check with your provider.

The True Costs of Insufficient Email Security

☐ 4. ALL email communications must include a one-click unsubscribe.

Subtly ‘trapping’ email subscribers might be tempting, because what’s the worst that can happen? They’ll delete it? Actually, it gets much worse. 

If the unsubscribe option is buried in the tiniest font in the back corner of an email, users will mark you as spam, which hurts your ratings far more significantly than if they unsubscribed.

If they don’t want to receive your emails, let them go.

☐ 5. Implement DKIM/SPF (or similar).

We covered this in detail above, so revisit those specifics. Summary: Avoid landing in spam and instead help yourself get into your subscriber’s inbox by authenticating yourself fully.

☐ 6. Get your DNS act together (and keep it that way).

DNS stands for Domain Name System or Domain Name Server. Your DNS connects domain names to web servers and requires an incredible amount of technical expertise. 

Of all the items on the list, this is the one you 100% need expert help with, assuming you don’t have this kind of technical expertise in house.

☐ 7. Regularly audit and clean all email lists.

Routine list cleanup is critical – for your sanity/ease of use, and to maintain your email list health and sender score. 

A small, clean list is far more profitable than a big list with only 20% cleanliness.

TL;DR on 2024 Yahoo and Gmail changes and email best practices

  • Starting in February 2024, all email senders must:
    • Maintain a spam rate of less than 0.3%
    • Maintain consistency in the “From” field – no more impersonating
    • Maintain IMF formatting standards.
  • In addition to the above, bulk senders (those who send over 5,000 emails per day) must adhere to the following Yahoo and Google email authentication expectations:
    • Set up SPF and DKIM authentications
    • Either create your own DMARC or leverage a shared one with your ESP
    • Provide at least two, highly visible unsubscribe options in every email.
  • EVERY brand needs an ESP (Email Service Provider) because every brand should be engaging prospects and customers via email.