Changes at Gmail and Yahoo starting from February 1st, 2024

Major changes will take place starting February 2024 regarding the sending of emails to recipients with email addresses hosted by Gmail  or Yahoo (AOL) that require changes to your sending domain. Indeed, these email providers have published new guidelines to be respected in order to reduce the volume of spam sent to their users. It's very important to comply with these new requirements to ensure that your emails continue to arrive at their destination and to optimize your chances to land in the inbox.

Audiences targeted by the changes

Before we get started, here's who the new Gmail and Yahoo guidelines are for.

Email recipients targeted by these new guidelines

These new guidelines apply when you send emails to contacts who have: 

  • Personal accounts ending in @gmail.com or @googlemail.com
  • Yahoo and AOL email accounts.

Email senders targeted by these new guidelines

Some of the new measures from Gmail and Yahoo particularly concern bulk senders. Gmail specifically defines them as senders who send more than 5,000 messages per day. However, others apply to any sender sending emails to these internet service providers.

In any case, Cyberimpact recommends that all its clients follow these new guidelines, regardless of their sending volume. These requirements adhere to the best email practices and reflect current standards for email delivery. They will help optimize your deliverability rate, strengthen user trust in your brand, avoid delivery issues, and could keep your emails out of the "spam" folder.

It's important to understand that these guidelines affect all email senders internationally. These requirements are not specific to the use of the Cyberimpact platform.

Key guidelines to follow before February 1st, 2024

Among Gmail and Yahoo's recommendations, four stand out:

View the complete list of guidelines for message senders:

How to prepare for February 2024

In this section:

How Cyberimpact helps you comply

Good news! The majority of the requirements requested by Gmail and Yahoo are already in place at Cyberimpact. For example:

  • All emails sent via our application automatically include a "list-unsubscribe" header, displaying an unsubscribe link at the top of the message for supporting email clients. Our team is currently working to ensure that this link complies with Gmail's newest requirements. There's nothing for you to do.
  • A mechanism to report abuse is prominently featured in the footer of all emails to quickly detect any misuse of Cyberimpact. Also, we do not tolerate spamming through our service.
  • We subscribe to feedback loops from major email clients (e.g., Yahoo, Outlook.com...) and automatically process bounces.
  • Our platform provides you with all the necessary tools to comply with various laws, such as the Canadian Anti-Spam Legislation (CASL) and Law 25 (Quebec).
  • We also ensure that our clients adhere to the best possible email practices and that the structure of our emails complies with recommended standards.

While we are actively working on various solutions to assist and facilitate these changes, some requirements are unfortunately beyond our control. Here's what you need to do by February 2024.

Actions to take before February 2024
 

As of January 23, 2024 (for free accounts) and January 30, 2024 (for all our customers), to continue sending your mailings from your own sender address, your sending domain must:

  • have been authenticated with a DMARC protocol AND
  • have a custom DKIM signature to your account.

To learn how to setup your sending domain, follow steps 1 to 4 below or follow our quick guide.

If you have not completed these changes in time, your mailings will be sent from a temporary sender address to avoid any delivery problems. This address we'll provide you will be generated from your original sender address (e.g., if your email address is info@mycompany.com, your sending address will be: info.mycompany.com@email.cyberimpact.com (or .net). This is to ensure that your email is correctly authenticated, and that it is not rejected by Gmail or Yahoo.

To ensure you have the proper authentication in your Cyberimpact emails and to be ready for the new requirements from Gmail and Yahoo, here's what you need to do:

  1. Use your own domain to send your emails
  2. Configure DMARC authentication for your sending domain
  3. Create a CNAME in your DNS records
  4. Contact our team to activate custom DKIM signature in your emails
  5. Maintain a low spam rate

 

  1. Use your own domain to send your emails


    Gmail follows suit with Yahoo and now changes their policy regarding the use of @gmail.com and @googlemail.com addresses outside their service. To prevent email spoofing, they will change their DMARC policy action from "none" to "quarantine”. This means that starting from February 2024, all emails sent from a @gmail.com or @googlemail.com sender address that fail DMARC verification risk being automatically marked as spam or, worse, blocked entirely.

    What is DMARC?
    DMARC is an email protocol that allows domain owners to specify how emails that fail authentication tests should be handled. For DMARC authentication to pass, the email must be correctly authenticated with SPF or a DKIM signature, and the domain in the "From:" field (visible header) must match the one of the SPF authentication or DKIM signature. Learn more >

    What you need to know is that it's not possible to send emails from a Gmail or Yahoo address via our application, or a similar service, that passes DMARC verification. Using a professional domain that you own and control the DNS (Domain Name System) is the only way to meet the new requirements of these email providers.

    Moreover, using a free email address (such as Hotmail, Gmail and Yahoo) as a sender address comes with several risks and disadvantages. It is also a practice that is poorly perceived, both by recipients and spam filters, and is frequently used by spammers.

    In contrast, using a professional domain will give you several advantages, such as strengthening the trust of your recipients, giving you a more professional look and more control over the customization of your emails. It could also reduce the risk of your emails being marked as spam and help improve your deliverability rate.

    Choosing your email domain
    It's best to use the same domain as your website (e.g., pizza.com) or a subdomain of it (e.g., newsletter.sauceapizza.com). If you don't have a domain name, you'll need to get one as soon as possible.

    Setting up your new sender address
    Before using a new address to send your emails, it's a good idea to take a few precautions to ease the transition. For example, warn your recipients before making any changes (for example, by adding a banner at the top of your emails) and invite them to add your new address to their safe senders list in advance. If you're using a new domain name, it's a good idea to warm it up (i.e. start using it gradually). 
    Learn how to add a new sender address in your account >
  2. Configure DMARC authentication for your sending domain


    Before February 2024, Gmail requests the implementation of SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) authentication on the domain you use for your mailings (the domain in the visible "From:" field of your emails) in order to protect their users against spoofing.

    What is DMARC policy ?

    DMARC is a protective mechanism that helps enhance security, protect against fraud, phishing attempts, and ensure the legitimacy of electronic messages. It also tells email providers how to handle messages that fail SPF or DKIM checks on the sending domain, i.e. what action to take. There are three possible options: "none" (meaning take no specific action if validation fails), "quarantine" (e.g. the email could be marked as spam), "reject" (e.g., to block the message). In its guidelines, Gmail specifies that the rule for applying your DMARC policy can be set to "none", so it doesn't have to be "quarantine" or "reject" to meet its requirements. Learn more about Gmail's recommendations >

    Another advantage of DMARC authentication is that it allows you, if you wish, to sign up for reports to monitor emails that have been or appear to have been sent from your domain. You'll be able to see which messages you've sent pass or fail the SPF, DKIM and DMARC authentication tests, which could help you detect and take action to protect your sending domain from unauthorized use (e.g. email spoofing).

    When an email is sent, the mail servers receiving it will check whether the sending domain (the domain name of the email address visible in the "From:" field) has a DMARC record. For DMARC authentication of this domain to pass, the email must be correctly authenticated with SPF or a valid DKIM signature, and the sending domain (again, the domain of the address visible in the "From:" field) must be the same as the one of the SPF authentication or DKIM signature, also known as SPF or DKIM alignment. If the DMARC check fails, the mail server should then perform the action specified in the domain's DMARC record. If it passes, the email can then continue on its way.

    In order for your mailings sent from our platform to pass DMARC verification, we'll need to authenticate your emails with a DKIM signature customized to your domain, thus enabling DKIM alignment. We'll explain how to do this in steps 3 and 4.

    Read our blog article "Why should you have DMARC, SPF and DKIM authentication?" >

     
    To set up DMARC authentication on your domain and/or make the changes below to enable a custom DKIM signature for your mailings, you must have access to the DNS of your domain. If you don't know how to access it or do these changes, ask your technical team or the provider in charge of your domain registration services (DNS). It's a common procedure and usually quite simple for them. If you have any questions about this, contact us.

    Learn how to setup DMARC authentication >
    Not sure if your domain name already has DMARC authentication in place? You can check with online tools like MXToolbox. Simply enter your domain name (e.g., pizza.com) and launch the search by clicking on DMARC Lookup. The tool will then tell you whether or not it has found a DMARC record on your domain.

    Example of the result when there is no DMARC authentication found:

    domain with no dmarc

    Example of the result when DMARC authentication is found:

    domain with DMARC

    If you're not sure of the result, contact our team for help.
  3. Create a CNAME in your DNS records


    All emails sent through our services already have Cyberimpact's SPF and DKIM authentication to ensure you get the best possible deliverability rate. Our authentication also allows you to benefit from the good sending reputation of our clientele.

    However, from February 2024 onwards, to continue sending emails from your own sender address, you will now need to use a custom DKIM signature for your domain to align the sender address domain (visible "From:" header) with your DKIM signature domain. (e.g., if your sender address is "hello@pizza.com", the domain of your signature will be "pizza.com").

    DKIM authentication processes

    Signing your emails with your own domain offers several advantages, such as reinforcing the trust of your recipients, customizing your sending domain to your brand (for example, removing the "via Cyberimpact" mention in Gmail), and is necessary to comply with the alignment of your DMARC policy when sending emails via our platform.

    To add a valid DKIM signature linked to your domain in your emails, you need to create a CNAME in your DNS records.

    To do this, create your CNAME using the following format: 

    cyberimpact._domainkey.xxxxxxx | CNAME | clients._domainkey.email.cyberimpact.com

    Notes: 
    - the "x" should be replaced with your domain name, e.g., cyberimpact._domainkey.pizza.com
    - if you don't know how to create your CNAME, simply copy and paste the instruction above and send it to your email domain administrator
     

    You must repeat this process for each different sending domain you use through our services.For example, if you use the domain names sauceapizza.com and sauceapizza.ca for your mailings, you must create two different CNAMEs, one in the DNS of each domain.

  4. Contact our team to activate custom DKIM signature in your emails

    Once the CNAME is in place, contact our team so we can activate the custom DKIM signature for your domain in your account.
  5. Maintain a low spam rate


    It is important to adhere to good email sending practices and laws in your region (such as CASL and Law 25) to minimize abuse reported from your mailings. If you are currently using Cyberimpact, you probably have very little to change in your habits.

    As a reminder, here is a list of some measures you can take:​​

    • To monitor your domain's reputation with your recipients at Gmail, you can sign up for Gmail's Postmaster Tools. Learn more >
    • Communicate only with contacts for whom you have consent and use our various tools to help you comply with CASL. Learn more >
    • Send relevant, quality, and personalized emails at an appropriate frequency. Learn more >
    • Use our profile update forms to allow your contacts to update their preferences. Learn more >
    • Segment your contacts to send better targeted communications. Learn more >
    • Build quality lists with our subscription forms. Learn more >
    • Monitor your statistics, bounce rate (incorrect addresses), and unsubscribe rate. Learn more > 

      If you have questions about the reported abuse rate for your mailings, feel free to contact our technical support.

Conclusion

We hope this article has helped you prepare for the upcoming changes in February 2024. We understand that this can raise some questions or concerns on your end. Feel free to reach out to our team. We are here to help you in this transition.
 

Voir aussi

Top