Domain owner email verification requirements

Updated bulk email requirements by Google and Yahoo. I would imagine Microsoft won’t be far behind. Yahoogle will begin enforcing these requirements beginning in Feb. So only 26 days left to get this done or risk your emails being blocked/denied by Yahoo, AOL, and Google. I’ve color coded the screenshot to make it super easy to know what *you* are responsible for. ‣ RED: Set up your SPF and DKIM Records ‣ ORANGE: Install Google Postmaster Tools and monitor your spam rate. It should be kept under 0.1%. Spam complaints are calculated on a daily basis. If your complaint rate gets close to or over 0.3% - you’re at risk of burning your sending domain/email. ‣ BLUE: Use your own domain - you’ll no longer be able to send from email addresses like tyler@gmail(.)com from your ESP. This is because Google themselves are implementing their own DMARC policy and if you’re sending from a gmail(.)com email address, that will fail Google’s DMARC and none of your emails will be delivered. ‣ PINK: Set up a DMARC policy. Here’s a copy/paste example DMARC Record for you ----- Record Type: TXT Name: _dmarc Value: v=DMARC1; p=none; rua=mailto:email+dmarc@yourdomain(.)com; sp=none; adkim=r; aspf=r ----- ***update that RUA tag to *your* email. I recommend putting the “+dmarc” to make these reports easy to filter since dmarc reports are generated daily. So my email tyler@hypermediamarketing(.)net would look like this tyler+dmarc@hypermediamarketing(.)net. Then in gmail I would create a filter for any emails to the email address “tyler+dmarc@hypermediamarketing(.)net” to go into a dmarc folder. Or there are DMARC monitoring services you can have those reports sent too. Which I would also recommend so you're actively monitoring your DMARC reports. ----- Last, this is something that needs to be done for every software you're using for emailing. If you're using Google Workspace for 1:1 emails - ensure all authentication measures have been set up. If you're using ActiveCampaign, HubSpot, Keap, MailChimp, etc - SPF and DKIM records need to be set up for those *as well as* Google Workspace. If you're using a help desk - SPF and DKIM records need to be set up. Hit me up with questions if you have them! #emailmarketing #emailmarketingtips

🚨𝗢𝘂𝘁𝗹𝗼𝗼𝗸 𝗠𝗲𝘀𝘀𝗮𝗴𝗲𝘀 𝘄𝗶𝗹𝗹 𝗯𝗲 𝗿𝗲𝗷𝗲𝗰𝘁𝗲𝗱 𝗼𝘂𝘁𝗿𝗶𝗴𝗵𝘁 from 𝗠𝗮𝘆 𝟱, 𝟮𝟬𝟮𝟱🚨 ✅ 𝗠𝗮𝗻𝗱𝗮𝘁𝗼𝗿𝘆 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗦𝘁𝗮𝗻𝗱𝗮𝗿𝗱𝘀: 𝗦𝗣𝗙 (𝗦𝗲𝗻𝗱𝗲𝗿 𝗣𝗼𝗹𝗶𝗰𝘆 𝗙𝗿𝗮𝗺𝗲work): Must pass. Your domain's DNS must list all authorized IPs/hosts that can send email. 𝗗𝗞𝗜𝗠 (𝗗𝗼𝗺𝗮𝗶𝗻𝗞𝗲𝘆𝘀 𝗜𝗱𝗲𝗻𝘁𝗶𝗳𝗶𝗲𝗱 𝗠𝗮𝗶𝗹): Must pass. Ensures the email hasn’t been tampered with and confirms authenticity. 𝗗𝗠𝗔𝗥𝗖 (𝗗𝗼𝗺𝗮𝗶𝗻-𝗯𝗮𝘀𝗲𝗱 𝗠𝗲𝘀𝘀𝗮𝗴𝗲 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻, 𝗥𝗲𝗽𝗼𝗿𝘁𝗶𝗻𝗴 & 𝗖𝗼𝗻𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲): Must be published with at least p=none. Must align with either SPF or DKIM (ideally both). Helps prevent spoofing and phishing using your domain. ⚠️ 𝗪𝗵𝗮𝘁 𝗛𝗮𝗽𝗽𝗲𝗻𝘀 𝗜𝗳 𝗬𝗼𝘂'𝗿𝗲 𝗡𝗼𝘁 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝘁? 𝗦𝘁𝗮𝗿𝘁𝗶𝗻𝗴 𝗠𝗮𝘆 𝟱, 𝟮𝟬𝟮𝟱: Non-compliant messages will be rejected outright. 𝗥𝗲𝗷𝗲𝗰𝘁𝗶𝗼𝗻 𝗺𝗲𝘀𝘀𝗮𝗴𝗲:  550 5.7.15 Access denied, sending domain [YourDomain] does not meet the required authentication level. 🧼 𝗔𝗱𝗱𝗶𝘁𝗶𝗼𝗻𝗮𝗹 𝗘𝗺𝗮𝗶𝗹 𝗛𝘆𝗴𝗶𝗲𝗻𝗲 𝗕𝗲𝘀𝘁 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗲𝘀: Use a valid "From"/"Reply-To" address that can receive mail. Include a clear, functional unsubscribe link in bulk/marketing emails. Keep your lists clean: regularly remove bounced, invalid, or inactive addresses. Avoid misleading headers or deceptive subject lines. Follow consent and privacy rules (e.g., opt-ins). 🔧 If You Use a Third-Party ESP (like Sendgrid, Mailchimp, Salesforce, etc.) You still need to publish SPF/DKIM/DMARC in your own DNS for your domain. Coordinate with your ESP to get the proper DNS records and DKIM selectors. 📌 𝗡𝗲𝘅𝘁 𝗦𝘁𝗲𝗽𝘀 𝗳𝗼𝗿 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 Audit your DNS for SPF, DKIM, and DMARC. Flatten SPF if you exceed 10 DNS lookups. Gradually enforce DMARC: p=none → p=quarantine → p=reject (recommended final state). Internet Service Providers (ISPs) are stepping up — tightening standards, enforcing authentication, and demanding cleaner, more responsible email practices. Gone are the days of sloppy sending and shady headers. It’s not just about deliverability anymore; it’s about digital credibility. Would you like help auditing your current email infra? Ask me.

Email marketers, it's time to mark your calendars. On February 1st, 2024, Google and Yahoo will require bulk senders to authenticate their emails, make unsubscribing easy, and stay under a spam rate limit. Let's walk through the new standards: ✅ Email Authentication: Senders need DMARC, SPF, and DKIM verification. 🚫 Easy Unsubscription: One-click unsubscribe with a two-day honor period. 🙅 Low User-Reported Spam: Under 0.3% spam rate threshold. These new requirements are a good thing! Less spam in inboxes means your legitimate emails are more likely to be seen. Authenticated emails are also essential for security reasons, making phishing attempts easier to squash. Emails also look more reputable and on-brand from your organization's domain than your technology provider's. (The same guidance applies to URLs.) For nonprofits, these rules take effect after the EOY fundraising season. That said, February 1st will be here before you know it. Here are some steps to take: EMAIL AUTHENTICATION There are two ways to verify if you have DMARC, SPF, and DKIM records in place. 1. Find an email from your organization sent to your personal Gmail address. Click the three dots and select "Show Original." Each record should be marked as "PASS." 2. Use a web tool such as EasyDMARC's domain scanner. Enter each domain you use to send bulk emails, and it will show you whether DMARC, SPF, and DKIM records are in place. If you don't have all three in place, check with your tech provider for a how-to guide. EASY UNSUBSCRIPTION To meet the new "one-click" unsubscribe requirements, emails must include a List-Unsubscribe header. Email services use this to add unsubscribe links directly to their interfaces, so readers don't need to dig through the fine print to find the link. Look for an underlined "Unsubscribe" link in Gmail next to the email sender. In Yahoo's interface, click the three dots next to the spam button and look for an "Unsubscribe" option. Most modern email platforms have this covered, but contact yours if it is not in place. Honoring unsubscribes within two days means ensuring you have your email tool(s) set up correctly to exempt opt-outs. This should be instant, but watch out if you send from multiple platforms. When someone asks to unsubscribe from one tool, make sure their choice is respected in all the others. This is all the more reason to integrate your tech stack and have a centralized system for collecting consent, sending emails, and managing opt-outs. LOW USER-REPORTED SPAM With the right tools, the 0.3% threshold is easy to manage. First off, enable Google's Postmaster Tools to see where you stand. Secondly, make sure you only send to engaged contacts. This will reduce your spam rate and increase your engagement rates. Email deliverability doesn't need to be a mysterious process! Familiarize yourself with the terminology, get your house in order, and commit to better email practices.