Updates to Gmail, Yahoo Sender Requirements 2024

Following their original announcements for bulk email senders, both Gmail and Yahoo have come up with some updates. These updates, made public in the last week of December, are mostly in the form of clarifications. They impose no fresh conditions, thankfully, but they do provide an insight into how these tech giants are committed to making email a better, safer space.

We have studied the updates and compared them with the original guidelines. Below is the summary.

Who is a bulk sender for Gmail and Yahoo

The earlier Gmail guidelines merely said that anyone sending at least 5,000 emails per day is a bulk sender.

That short definition, while clear, led to a few questions. For instance, what if you send 5,000 emails in one day and then barely send 10 to 20 emails for a long, long time?

The update has answered this, and also tightened the numbers. Here’s the official definition:

A bulk sender is any email sender that sends close to 5,000 messages or more to personal Gmail accounts within a 24-hour period.

Notice the wording says close to 5,000 messages or more. But wait, there’s some additional information.

When we calculate the 5,000-message limit, we count all messages sent from the same primary domain.

That’s fair. A fair system shouldn’t allow spammers or bad actors to duck by using different subdomains (e.g. sending 3,000 emails from marketing.somedummysite.com and 2,000 from offers.somedummysite.com).

We believe the below is the most important clarification.

Senders who meet the above criteria at least once are permanently considered bulk senders.

This means that once the system labels your domain as a bulk sender, that label sticks for the entire life of the domain. No matter whether you sent 5,000 emails today and didn’t send any for the next two years – you’re still a bulk sender.

And Yahoo adds this:

… we will use all of the information available (content, IP, etc.) to review sender compliance.

That is another reminder that getting away by using different domains won’t work.

While the Yahoo FAQ doesn’t mention a number (i.e. 5,000 emails), we are assuming they would use more or less the same numbers.

Bulk sender explained in short

The system calculates your sending volume on the basis of your primary domain. That means marketing.somedummysite.com and offers.somedummysite.com will count as the same entity, since they share the same domain (i.e. somedummysite.com).
The platforms will use multiple sources of information to determine who is the sender, whether two domains are actually the same, and so on.
If you send 5,000 emails even once, the system will consider a bulk sender.
Once the system labels you a bulk sender, you’re a bulk sender forever.
Yahoo clearly states they will include spoofed emails when calculating sender thresholds.

What are the deadlines to meet the new Gmail and Yahoo sender requirements?

The original notification had set February 2024 as the deadline.

What was not clear is what happens if you aren’t fully compliant by 01 February 2024. Would you be banned from sending emails from 02 February 2024?

The update to Gmail and Yahoo bulk sender guidelines has answered this.

First things first: no, you won’t face a blanket ban from 02 February 2024 if you aren’t compliant by 01 February 2024. But yes, things will start getting difficult.

This is how the guidelines will be implemented for non-compliant senders. First, if a sender isn’t compliant, they will receive an error message for a small percentage of their non-compliant emails. That is done to give them a chance to make amends.

If they still don’t make any improvements by April 2024, a small percentage of their emails will be rejected. Gradually, this percentage will continue to rise if the senders still don’t take the necessary steps.

Finally, the bulk senders will have till June 2024 to toe the line. We are assuming that after June 2024, bulk senders will have to stricter actions, including blacklisting.

Gmail, Yahoo timeline for enforcement of sender guidelines

Your first deadline is 01 February 2024. If you aren’t compliant by then, you will begin seeing error messages.
If you aren’t compliant by April 2024, a small percentage of your non-compliant emails will be rejected. This percentage will continue to increase if you do not take adequate steps.
After this, you have till June 2024 for compliance. Which means that stricter action would follow.

The below infographic depicts the full timeline.

Mitigation for non-compliant bulk senders

The latest updates to Gmail and Yahoo sender guidelines are clear on one thing: they mean business.

Gmail and Yahoo have listed out all the email sender guidelines, including thresholds, definitions, and deadlines. Now it’s upto the sender to make sure they meet the requirements and turn compliant.

If you are a bulk sender, you may reach out to the tech support of either of the tech giants, but before you do, make sure you are compliant in all ways possible.

February 2024 onwards, Gmail will not help with any mitigation to senders for delivery issues if they aren’t compliant.

How do you know you’re compliant to Gmail and Yahoo sender guidelines

Gmail has a clear answer to that.

Its FAQ says: “Bulk senders should use Postmaster Tools to check that their email practices are following our Email sender guidelines. To learn more, visit our Email sender requirements & Postmaster Tools FAQ.”

Gmail Postmaster Tools can tell you

SPF and DKIM authentication: Shows you the authentication for only those domains that you use to send emails from. Domains / Subdomains not used for emails will not be displayed.
DMARC authentication: A third-party tool for DMARC authentication is accepted, with minimum enforcement set to none (p = none) and pct = 0.
Message format: Rejection errors codes, if any, will be displayed.
DNS records: Feel free to use a third-party record tool.
Encryption: The Encryption dashboard will show, in percentage, inbound and outbound TLS.
User-reported spam rate: Learn about the spam rate from the Postmaster Spam Rate dashboard.
Unsubscribe issues: Use Feedback Loop (FBL) to spot campaigns that have an unusually higher Unsubscribe rate.

Yahoo summarizes how they will be enforcing these standards:

Two of the major standards are:

Having appropriate email authentication, and
Maintaining low complaint rates

In addition to this, bulk senders will have to follow requirements like the ones given below:

One-click unsubscribe before June 2024 (preferably RFC-8058)
SPF and DKIM authentication
Publishing DMARC policy

Unsubscribe requests must be honored within 2 days, failing which it would become an instance of non-compliance.

What about one-click unsubscribe

Yes, your subscribers should be able to unsubscribe from your bulk marketing and promotional emails with just one-click. That means you can’t use delay tactics to frustrate your subscribers in order to make them change their minds for unsubscribing.

Delay tactics include asking detailed questions, enticing them to stay back, offering some attraction to change their minds… Basically, don’t put any steps between the user clicking the Unsubscribe link and the email address actually being dropped from the mailing list.

Notes:

This requirement doesn’t apply to transactional emails. Transactional emails are messages towards a transaction, like purchase, change of password, editing of profile, and so on.
It’s important to note that best practices require that you do not add promotional content in a transactional email. For instance, do not add “Products you might be interested in” inside a Password Reset email.

What all emails do these guidelines apply to

This is a major clarification.

As we mentioned in our first article on these guidelines, it wasn’t clear what all the guidelines impacted. The original announcement said this applies to you if you send to Gmail addresses and workspace domains.

The new Gmail update says that the guidelines are applicable only to domains gmail.com and googlemail.com.

Put differently, it means that commercial Google’s Workspace hosted domains are not covered by these guidelines.

At least not right now.

Sending domains

Some of you might be currently using Gmail or Yahoo domain for sending emails, (e.g. coolcooking99[at]yahoo[dot][com]. This will have to change.

With the new requirements, you want to start using your own domain e.g. (coolcooking99[dot][com]). If you don’t already have a domain, it’s time to acquire one and start using it. That way, your next campaigns would be sent from an email like superchef@coolcooking99[dot][com].

However, a majority of businesses that we know send email campaigns are already using their domain to send and receive emails. For them, this particular requirement doesn’t mean any extra work. If you are one of them too, then you’ve covered at least that one base.

What about reverse DNS records and TLS

Gmail requires that reverse DNS records should be identical to the forward DNS lookup. However, Yahoo elaborates that not only the records should match, but the naming itself should be meaningful.

What does ‘meaningful’ mean? It means that the records and naming should somehow connect to or reflect your domain in an obvious manner. Senders trying to hide behind dubious naming practices will have to now do some corrections.

As for the TLS, it’s required that you use it for encryption.

It is obvious that this is done to prevent bad actors from phishing or other malpractices.