Gmail and Yahoo's New Sender Requirements
What Marketing Cloud and Pardot customers need to know What Marketing Cloud and Pardot customers need to know

Asterisk
Insights

Starting in February 2024, both Google and Yahoo have implemented new requirements for marketers that send emails to personal Gmail and Yahoo accounts. There are additional requirements for those that send bulk emails to the same audience.

Don't get caught unprepared! Keep reading to find out what Marketing Cloud and Marketing Cloud Account Engagement (will be referred to as Pardot to avoid confusion) users need to be compliant, and ensure your emails don't get sent to spam.

Speak with someone today

1

What are the new Gmail and Yahoo Sending Requirements?

All senders need to:
  1. Implement SPF or DKIM
  2. Keep spam rates below 0.3%
Bulk senders need to:
  1. Implement SPF AND DKIM
  2. Keep spam rates below 0.3%
  3. Set up a DMARC policy
  4. Implement DMARC alignment
  5. Adhere to one-click unsubscribes
By using Pardot or Marketing Cloud, the following requirements are already satisfied:
  1. Ensure that sending domains have valid forward and reverse DNS records
  2. Use a TLS connection for sending email
  3. Format messages according to the RFC 5322 standard
  4. Don’t impersonate Gmail From: headers
  5. Add ARC headers

2

Who qualifies as "All Sender" or "Bulk Sender"?

All senders: You send any email at any time at all to personal Gmail and Yahoo accounts. Bulk senders: You send at least 5,000 emails to personal Gmail accounts or a significant volume of email per Yahoo.

3

What counts as a personal account?

Personal email accounts are regular emails that individuals can register for, as opposed to work accounts or school accounts. For Gmail, these email addresses end in @gmail or @googlemail, and for yahoo, they end in @yahoo. Emails addresses belonging to organizations that use Google Workspace or Yahoo Business as their work/school email provider do not count. For example, @salytics.com emails do not count, despite us using Google Workspace as our email provider.

Everyone should adhere to the 'Bulk Sender' requirements

Regardless of how many emails you send to personal Gmail and Yahoo accounts, everyone should comply with the bulk sender requirements. These requirements are best practice, and will lead to improved deliverability and sender reputation. It's no surprise that Google stated that many senders already met these requirements before being introduced! While it may take some collabortion between IT and marketing departments, you'll find that the bulk sender requirements aren't that much more difficult to implement that the all sender requirements. Best practices are always evolving and it’s better to stay ahead of the curve rather than playing catch-up. The vague definition for bulk sending by Yahoo is all the more reason to follow these requirements now rather than worry about it in the future. Your email deliverability will thank you.

Asterisk
Requirements Deep Dive

SPF and DKIM

Requirement
Applies To
Enforcement Timeline
Implement SPF or DKIM
All senders
Feb 2024 (soft deadline)
April 2024 (hard deadline)
Implement SPF AND DKIM
Bulk senders
Feb 2024 (soft deadline)
April 2024 (hard deadline)
SPF and DKIM are email authentication protocols. SPF specifies which IPs allowed to send email for your domain and DKIM helps detect if your emails have been altered an during delivery. Without them, your emails are likely to be marked as spam by receiving mail servers.
Pardot
Since Pardot mail is sent from Marketing Cloud email servers, Pardot handles configuring SPF for you.

DKIM must be configured for every email sending domain. Your IT team will need to configure DNS entries from Pardot. Learn about implementing DKIM in Pardot.
Marketing Cloud
SPF and DKIM requires getting a Sender Authentication Package from Marketing Cloud. If you allow Marketing Cloud to purchase a domain on your behalf, or you delegate a domain to Marketing Cloud, they will set up SPF for you. If you opt to self-host your DNS, your IT team will have to set up SPF and DKIM. Learn about Sender Authentication Package in Marketing Cloud.

In order for DKIM to authenticate, you must send emails from the same domain as your SAP domain. For example, if your SAP domain is @mail.salytics.com, the from address for emails can be hello@mail.salytics.com, but not hello@salytics.com. From address verification is not the same as DKIM. If you want to send emails from a domain that is not your SAP domain, you must purchase a private domain from Marketing Cloud. Learn more about Private Domains.

Spam Rates

Requirement
Applies To
Enforcement Timeline
Keep spam rate below 0.3%
All senders
Feb 2024 (soft deadline)
April 2024 (hard deadline)
Keep spam rate below 0.3%
Bulk senders
Feb 2024 (soft deadline)
April 2024 (hard deadline)
Your spam rate is the percentage of user-reported spam compared to total volume of delivered email. This tracks how often recievers of your email specifically mark your email as spam, which takes more effort than simply unsubscribing. It is tracked as the domain level and it therefore not impacted by being on a shared IP.
Pardot
You can track your Google spam rate using Postmaster Tools. It will require the assitance of your IT team to verify domain ownership. Once verified, you can use Postmaster's spam rate dashboard to track your user-reported spam rate. Learn more about Postmaster Tools.

You can track your Yahoo spam rate using their Complaint Feedback Loop (CFL). When you sign up for CFL, you provide a report email. When a Yahoo user marks your email as spam, you get an abuse report sent to this email. Using the number of reports you get and volume of emails sent to Yahoo addresses over a period of 30 days, you can calculate your spam rate. Learn more about Yahoo's CFL.
Marketing Cloud
You can track your Google spam rate using Postmaster Tools. It will require the assitance of your IT team to verify domain ownership. Once verified, you can use Postmaster's spam rate dashboard to track your user-reported spam rate. Learn more about Postmaster Tools.

When you acquire a Sender Authentication Package, Marketing Cloud registers you for Yahoo's Complaint Feedback Loop (CFL) automatically. As such, you get report on Yahoo spam rates within Marketing Cloud. Learn more about spam complaint reports in Marketing Cloud.

DMARC

Requirement
Applies To
Enforcement Timeline
Set up a DMARC policy and implement DMARC alignment
Bulk senders
June 2024 (hard deadline)
DMARC is an email authentication protocol. It builds upon SPF and DKIM by enforcing alignment between the “from address” domain and SPF or DKIM domains. DMARC alignment can either be relaxed or strict:
  • SPF alignment:The mail from domain is a subdomain of the from domain (relaxed alignment) or an exact match of the from domain (strict alignment)
  • DKIM alignment: The DKIM signature domain is a subdomain of the from domain (relaxed alignment) or an exact match of the from domain (strict alignment)
Pardot
To implment DMARC, you must first implement DKIM. Since Pardot mail is sent from Marketing Cloud email servers, SPF will never align.

Your IT deparment must also define a DMARC policy on your sending domain. According to Google, your DMARC enforcement policy can none. Learn more about setting up a DMARC policy.
Marketing Cloud
If your Sender Authentication Package was purchased by or delegated to Marketing Cloud, a basic DMARC policy record is automatically applied to your domain. For DKIM alignment, you must send emails from your SAP domain. If you send from multiple domains, support can enable multi-bounce domain for SPF alignment. Learn more about DMARC compliance in Marketing Cloud.

One-click Unsubscribe

Requirement
Applies To
Enforcement Timeline
Marketing messages must support one-click unsubscribe
Bulk senders
June 2024 (hard deadline)
One-click unsubscribe is supported with the List-Unsubscribe-Post and List-Unsubscribe headers. Complying with this requirement does not mean you need to add a one-click unsubscribe link your your emails. Your current unsubscribe link, or link to a preference center is sufficuent as long at it is clearly visible.

Email providers use these unsubscribe headers to dynamically display an unsubscribe link in your emails.
Pardot
The List-Unsubscribe-Post and List-Unsubscribe headers are automatically added to every email sent from Pardot, so no action is necessary. Learn more about these headers in Pardot.
Marketing Cloud
Marketing Cloud adds the List-Unsubscribe-Post and List-Unsubscribe headers to commercial emails only. Transactional emails do not include these requirements. Since compliance is only required for marketing messages, this is acceptable. However, you must be very dilligent that no marketing emails are sent as transactional. Password reset and booking confirmation are examples of transactional emails. Also, don't mix content by adding promotional material into transactional emails. Learn more about these headers in Marketing Cloud.
Asterisk
Conclusion

These requirements are illustrate Google and Yahoo’s commitment to combat spam and ensure their users get only the emails they want. By complying, you join in the fight against spam while enjoying improved deliverability.

If you need any help at all with configuring Pardot or Marketing Cloud to meet these requirements, reach out and one of our experts will get back to you.

Speak with someone today