Google and Yahoo spam updates

Transforming email best practices into mandatory requirements—that’s what Google and Yahoo are trying to normalise starting 1st February 2024. Since the announcement in October 2023, there has been a buzz surrounding the Google and Yahoo spam updates, set to significantly impact domains sending over 5,000 messages to personal email accounts within 24 hours.

In Google’s case, emails sent to Google Workspace will be exempt—at least for now—from these limitations. However, this exemption for Workspace users might not last, so it’s wise not to bank on it.

So, why are Google and Yahoo doubling down on email senders?

Authentication. It’s something that’s always been a best practice, but senders don’t always use the tools and resources that are available to protect their emails. This is problematic because senders who don’t authenticate their emails are making it easier for unauthorised parties to send phishing emails and impersonate you or your business, which can damage your reputation.

Luckily for you, Google and Yahoo are already focusing their efforts on protecting their users from unwanted emails and spam, but the job becomes tougher if senders don’t safeguard their systems and leave the virtual door wide open for exploitation. This has led Google and Yahoo to decide that authentication and deliverability best practices are no longer optional, but mandatory requirements. 

If you want to make sure that these updates don’t negatively affect you and that your emails are still making it into the inboxes of your recipients, you’ll have to ensure compliance with the new requirements—there simply isn’t an alternative.

When will these updates kick in?

There’s some good news for those out there breaking a sweat. While the updates are slated to take effect from 1st February 2024, it won’t be impacting everyone at the same time and enforcements will be made in phases for those who send emails in bulk. There is no word yet on when this will start for non-bulk senders but get ready now so that you’re not making a mad dash to update your strategies when the updates are announced.

Here’s the breakdown of enforcement phases:

February 2024: Major penalties won’t come into effect immediately, instead, bulk email senders will see errors on a small percentage of emails that don’t meet the proper requirements

April 2024: Google will actively start rejecting a predetermined number of emails that don’t comply with their new requirements. The percentage of rejected emails is set to be increased over time.

June 2024: Bulk senders need to implement a one-click unsubscribe option.

So what are the new requirements? Here’s the scoop!

Latest Google and Yahoo spam updates and what you need to do to stay compliant

Making sure that your Google and Yahoo emails are making it to inboxes in 2024 should top your New Year’s Resolution list. If you want to keep your email marketing game on point, you need to make sure that you’ve got these mandatory requirements covered from top to bottom.

The changes, as mentioned earlier, will focus on three key areas: email authentication, easy unsubscribes, and spam complaints.

Email authentication

Google and Yahoo’s first update revolves around domain architecture. It mandates the use of DKIM, SPF, and DMARC to authenticate emails, confirming their legitimacy.

  • SPF & DKIM to verify email legitimacy: The reason why this is important is because it proves that the domain your ‘from’ address is yours and that a sender has permission to send the email on your behalf
  • DMARC guides on what to do with emails that aren’t legitimate: To pass DMARC, messages must go through DKIM and/or SPF authentication. DMARC instructs the receiving email server on what to do if an email fails SPF or DKIM but appears to be from your domain—indicating possible spoofing.

Once the updates are implemented, both Google and Yahoo will require DKIM, SPF, and DMARC in place for bulk email senders.

Easy unsubscribes

If you’re sending bulk emails, it should be easy for the recipient to unsubscribe. To enforce this, Google will be requiring one-click unsubscribes added directly in the email header instead of at the bottom of the email. That’s not all. Any unsubscriptions need to be honoured within 48 hours.

The goal here is that by making it easier to unsubscribe, users won’t be quick to hit the ‘spam’ button, making sure that legitimate email senders aren’t getting redirected to spam folders.

Spam complaints

Google and Yahoo are cracking down on spam using complex algorithms. Senders with an average spam complaint rate of 0.3% or higher will face deliverability issues. Ideally, you should keep your average spam level at 0.1% or lower to make sure that your emails are getting to your members’ inboxes.

If you’re thinking of reducing your spam complaints, here are a few steps you need to follow:

  • Make it easy to unsubscribe (the new header policy should take care of this)
  • Inform recipients to unsubscribe without marking the email as spam
  • Monitor undelivered emails and remove the recipients from your mailing list
  • Promptly respond to members who want to be removed from mailing lists
  • Think about what you’re sending and how often to make sure you’re not ‘spamming’ recipients

What happens if you don’t comply with Google and Yahoo spam updates?

If you were under the impression that you can ignore these updates and perhaps Google and Yahoo will conveniently forget that you exist, well, think again. Failure to comply with Google’s and Yahoo’s spam updates can lead to your bulk emails being blocked, delayed, or directed to spam—bad news for your marketing strategy.

From best practices to mandatory requirements—stay compliant and thrive

If you think that these Google and Yahoo spam updates are inconvenient and stressful, keep in mind that they are put in place to limit spam and make it more difficult to spoof your domain. 

Even though the updates will be gradually implemented it’s important to start now and take a thorough look at your policies, systems, and procedures to make sure that you’re compliant regardless of how well you’ve followed the best practices before these updates are rolled out because this isn’t just another generic update that you can forget about.