Countdown to Compliance: Meeting Gmail & Yahoo’s New Requirements for Email Delivery


Estimated read time: 7 minutes

Emily is an account manager at Affinity who specialises in writing and social media, with a keen interest in how companies can leverage good content to power their brands.

Gmail & Yahoo are introducing new sender requirements effective from February 2024, leaving businesses at higher risk of ending up in their customers’ spam boxes unless they comply. 

Whilst the changes seem intimidating, these are a set of guidelines that providers have been encouraging senders to adhere to for some time. 

The new requirements help to guarantee that both genuine emails end up in the right place, and their users are protected from spam and other potentially harmful emails. 

So keep reading, as we’re going to break it down step by step to explain the changes. 

Will the new changes affect my business?

If your business is sending any sort of emails, then this will affect you. It affects all platforms such as Klayvio, Omnisend, Hubspot, Mailchimp, and both standard and bulk senders.

Even if you don’t send out bulk marketing campaigns to 5k+ contacts, chances are you still send out transactional emails such as order confirmations and invoices which adds to the tally.

It also includes personal accounts ending in or 

The good news is that most of these email clients are already taking action to help their users stay compliant: many have added 1-click unsubscribe buttons in headers and offer easy ways to track spam rates, but you will still need to check against the new guidelines. 

So, what exactly are the changes?

The new rules apply to two different groups, standard senders and bulk senders. If you’re not sure where you sit within the two groups or need additional technical information, Google has released details about these guidelines in full.

Guidelines for standard senders:
  1. Keep your spam rates low.

If you’re using decent email marketing software such as Mailchimp or Kalviyo, chances are you’ll already have tools such as spam ratings and auto alerts at your fingertips. Keeping low spam rates should already be a priority as bad scam scores can quickly affect the deliverability of all your emails. 

The new guidelines state that you’ll need to keep your spam rates under 0.30%, and to do this we advise using postmaster tools and aiming instead for the Google-recommended target of below 0.10%.

  1. Don’t impersonate Gmail ‘From:’ headers.

Let’s say, for example, you’re just starting out with your business and don’t have your own domain yet. Your email address will likely end in @gmail or @yahoo, so you may be tempted to change the ‘from’ header to look like it came from a business domain.

Google has said they will now be enforcing a DMARC enforcement quarantine policy, so if you don’t follow this rule, chances are your emails will end up in spam or may not be sent at all. 

We advise sorting out your own business domain as soon as possible, and luckily this is a quick and easy, inexpensive fix that will only benefit your business in the long run. 

  1. Set up SPF or DKIM email authentication for your domain.

This level of authentication may be a little more complex, although it’s worth noting it does depend on your existing email platform, as some have been more proactive than others. 

We like this guide from which lays out services and tools provided by popular providers, and MailChimp provides detailed instructions for its users to aid in getting authentication set up. 

If you’re not sure where to start, you can contact your email software provider, domain registrar or web hosting provider as chances are they’ll have straightforward tools and advice to help get you started. 

If you use an IT company to support your business, they will also be a useful point of contact when it comes to navigating this change. 

  1. Read through additional changes to ensure compliance

There are a few other considerations to check, many of which are existing best practices which are likely already in place via your email software or web hosting provider, but you’ll still need to check. These include:

  • Make sure that sending domains and IP addresses have PTR records, aka valid forward and reverse DNS records. The Google guidelines have more information on this further down in their published document. 
  • Use a TLS connection when transmitting emails, Google has provided more information on this step here.
  • Format messages according to Internet message format standards 5321 and 5322
  • Make sure your ‘from’ headers match your domain name.
  • Don’t hide any information using HTML or CSS.
  • Use ARC if you regularly forward emails to indicate that the message was forwarded.

Whilst these points are a bit technical, they can help when it comes to asking service providers questions, so be sure to take a look at the guidelines in full from both Gmail and Yahoo

Guidelines for bulk senders:
  1. ‘Bulk’ senders must wave goodbye to shared domains

If you’re a ‘bulk sender’ (sending 5k emails or more a month) you can no longer use a shared domain. So, what’s a shared domain?

A shared domain is simply an address which is shared, for example: those using MailChimp might have an email that when sent, still comes from @mailchimp. Whereas those using a branded domain would appear in the inbox from @yourbusinessname. 

You’ve probably seen these emails before, when looking at sender info it may display as ‘sent on behalf of’ or ‘sent via MailChimp’. So from February 2024, if you want your emails to land in the inbox of those using Gmail or Yahoo, you’ll have to set up a branded domain. 

  1. Set up a DMARC policy on your root domain

What is a DMARC policy? According to Klaviyo, ‘‍DMARC authentication is a protocol policy that servers use to make sure emails are coming from a legitimate sender. Brands use DMARC policies to protect the domain in their sender email address from unauthorized use by bad actors.’

Much like GDPR policies, your email service provider cannot set these up for you on your behalf, although Mailchimp has a handy tool to help its users through.

  1. Make it easier to unsubscribe 

You’re going to have to provide at least one way that users can opt out in one step. 

If you don’t provide an easy way to unsubscribe, chances are users receiving unwanted emails will report you as spam. Not only should you be making it as simple as possible for people to unsubscribe, but Affinity’s team recommends giving users options so that you can recapture subscribers instead of losing them altogether. 

You should already be doing this – if you have no unsubscribe button, not only is it a negative, frustration-inducing user experience that can harm your company’s reputation, it’s far more likely you’ll be reported as a spammy sender.

And do you know what happens to spammy senders? They end up on the naughty step, which affects their deliverability overall and can even lead to blacklisting, eek. So if you’ve not sorted out your unsubscribe flow yet, now is the time to do so. 

  1. Align your ‘from’ header with your domain.

We already talked about the importance of trying to hide your ‘from’ domain in headers, and the extra step that needs to be taken is matching this header with your domain. 

This ensures that the email domain aligns with the domain in the ‘From’ header address. Email marketing software provider Mailerlite has posted an excellent blog on domain alignment which goes into greater detail.

Whilst these guidelines may seem overly complex, there are plenty of systems in place that can already help to support best practices, and following these rules will help to improve the deliverability and success of your campaigns overall. 

At Affinity, we’re email marketing experts, partnered with Klaviyo, Mailchimp & Brevo, so if you’re looking to improve your strategy and boost results, get in touch with our team today. 

Countdown to Compliance: Meeting Gmail & Yahoo’s New Requirements for Email Delivery

Related News