Yahoo and Gmail New Email Requirements- How Do the New Protocols Affect Your Firm?

Written By Kristin Steele

Yahoo and Gmail have recently implemented enhanced email standards that prioritize user safety. They aim to guarantee that emails reaching users are both legitimate and secure. 

You might be curious about the implications for how financial services companies carry out email marketing for their clients. The reassuring news is that if you are already diligent in your email marketing practices, these changes shouldn't disrupt your approach. 

In the forthcoming paragraphs, we will detail the new guidelines set by Yahoo and Gmail, which are set to take effect on February 1, 2024

Requirements applicable to all senders

Email Authentication: Sender Policy Framework (SPF) or DomainKeys Identified Mail (DKIM) mail authentication is required.

  • SPF serves as an essential email authentication protocol designed to combat email spoofing—a prevalent tactic in phishing attacks and email spam. As a fundamental component of email cybersecurity, SPF empowers the receiving mail server to verify if incoming emails originate from an IP address authorized by the domain's administrator. 

  • On the other hand, DKIM operates as a protocol enabling an organization to claim responsibility for message transmission by signing it in a manner that mailbox providers can authenticate. DKIM record verification relies on cryptographic authentication, adding an extra layer of security to email communications.

Important Note:  If your emails get marked as spam up to a staggering amount of 0.3%, you are at risk of your messages being blocked from Yahoo or Gmail.  

Requirements applicable to firms sending over 5,000 emails per day  

Establishing a Domain-based Message Authentication, Reporting, and Conformance (DMARC) Policy: As stated above, SPF and DKIM email authentication must be done to authenticate your company’s domain while also establishing a DMARC policy for your sending domain. While it's acknowledged that configuring a DMARC policy is a more intricate process compared to SPF and DKIM, there are tools available, such as Valimail and others, designed to simplify the creation of DMARC records and aid senders in achieving compliance. If you're investing time in creating the required records for compliance, securing your sending domain from abuse by taking this additional step should be a manageable endeavor. It's worth noting that for features like BIMI and other inbox experiences, domain owners must have DMARC at enforcement.  

One Click Unsubscribes: Simplify the unsubscribe process for subscribed messages by incorporating a one-click unsubscribe (list unsubscribe) feature. Ensure a prominently visible unsubscribe link within the message body. Opting for a one-click list unsubscribe is a strategic move to prevent recipients from marking your email as spam. Remember, a spam report impacts your entire mail stream, while a one-click unsubscribe only affects an individual recipient. 

Google and Yahoo! are championing a heightened emphasis on security within the marketing industry. We recognize that any alteration to a channel with over fifty years of history, especially one that epitomizes the most widespread form of digital communication, will inevitably introduce friction and discomfort. 

The good news is that if you're currently following all the proper email procedures, the way you send out emails should not be affected. Stay aware and make these changes by February 1, 2024, to ensure the safety of your email sends.

Kristin Steele
Previous

Maximizing Marketing Impact for Alternative Investment Firms With External Expertise  
Next

Six Steps Every Successful Marketing Campaign Must Have