Comply with Google's strict anti-spam policy with Reloadify

Comply with Google's strict anti-spam policy with Reloadify

NewsRecommendOctober 24, 2023

Google is tightening its rules as of February 2024 to combat phishing and spoofing. This has implications for your email marketing. What these consequences are, and how Reloadify helps you with this, you can read in this article.

 

Google and Yahoo's new rules

Google is tightening its anti-spam policy considerably. The new rules go into effect Feb. 1, 2024, and this has major implications for your e-mail marketing. Google manages Gmail, one of the most used email clients in the world. To give you an idea: in 2021, 75% of emails worldwide will be opened in Gmail*. Reason enough to familiarize yourself with the stricter anti-spam rules.

*source: Findstack

So what are the new, strict rules? Google states that any party sending more than 5,000 emails in a single day must meet certain requirements. These requirements were created to allow the sender to prove that he is actually the one who sent the email. Spam and phishing are dealt with this way, and this protection makes the inbox a lot safer.

Every large sender (meaning any sender who sends more than 5,000 emails per day on average) must:

  • Mail from a validated domain.
  • Provide the ability to unsubscribe. Unsubscribing should take only one click, and the unsubscription should be processed within two days.
  • Prevent the email list from being bombarded with unwanted emails.

Mailing from a validated domain

One of Google's ways to combat phishing and spam is to have the sender's domain name validated. By validating your domain name, you make it clear from which e-mail server and through which IP addresses you send commercial e-mails. This information allows an e-mail client to verify that every e-mail sent from your domain actually comes from you. Validating your domain name can be done by adding TXT records to your DNS records. There are two different types of TXT records you can use for this purpose: SPF and DKIM.

💡 Google requires only one of the two records (either an SPF or DKIM). Are you using Reloadify? Then you add the DKIM by default when you validate your domain name. An SPF record is in that case not required.

Add SPF record

SPF stands for Sender Policy Framework. With an SPF record you set up that e-mails sent on behalf of your domain name are always sent through certain IP addresses. Using this information, e-mail clients can check whether the incoming e-mail is genuine, or whether your domain name has been used for spam or phishing.

An SPF is a DNS TXT file and looks like this:

v=spf1 ip4=20.126.11.92 ip4=20.93.163.194 include:voorbeeld.email -all

The following explanation accompanies the above code:

  • v= With this value you determine the SPF version. Since only one version exists, you can enter "SPF1" here.
  • ip4= With this value you enter the IP address which is used to send your emails. Do you use multiple IP addresses? Then you have to fill them all in, in separate values. In the example above, you can see that two IP addresses are being used.
  • include: This value tells which parties are authorized to send emails on behalf of the domain.
  • -all This last value tells the receiving server that all email addresses not listed in the SPF record are not authorized to mail on behalf of your domain.

❗️ Please note that you may only create one SPF record for a domain. Does your e-mail communication run through multiple servers, or are there multiple parties authorized to mail on behalf of your domain? Then make sure all this information is in this one SPF record.

💡 Tip: You can check if your domain already has an SPF record by checking your domain. This can be done for example with the Mxtoolbox.

Add DKIM record

DKIM is the abbreviation for DomainKeys Identified Mail. A DKIM record ensures (just like an SPF) that e-mail clients can check whether the e-mail was actually sent on behalf of your domain name. An important difference is that DKIM also checks whether the content of the e-mail has changed after the mail has been sent. Is this the case? Then the e-mail is stopped to protect the recipient's inbox. This is because there is a good chance that the e-mail has been used for phishing.

A DKIM record is also a DNS TXT file. Below you can see what a DKIM record looks like at Reloadify. Note that for privacy reasons, these are not complete DKIM records.

DKIM records example

Adding DMARC

Google mandates a combination of an SPF or DKIM with a DMARC. A DMARC (Domain-based Message Authentication, Reporting & Conformance) ensures that emails that do not pass the check of a DKIM or SPF end up in spam.

💡 A combination of DKIM (or SPF) plus DMARC is mandatory. You still need to manually add DMARC yourself on your domain host.

A DMARC is also a DNS TXT file and looks like this:

'v=DMARC1; p=quarantine; pct=100; rua=mailto:info@yourdomain.com'

The following explanation accompanies the above code:

  • v= With this value you determine the DMARC version. Since only one version exists, you can enter "DMARC1" here.
  • p= This value tells the receiving server what to do with the fraudulent e-mail. You have several options:
    • "None". If you enter this, nothing will happen to the e-mail. We recommend starting with this value. This will allow you to collect enough data without your emails being immediately rejected or flagged as spam. On average, one week of data collection is sufficient. After this, you can tighten the value if necessary.
    • "Quarantine". With this setting, the suspicious e-mail is immediately forwarded to the spam inbox.
    • "Reject". This is the most hardcore setting. It ensures that any email that pretends to be your domain name but does not meet the requirements will be blocked.
  • pct= You specify the percentage of emails you want to check with this value. Tip: enter 100 here to check all emails for spam.
  • rua= With this last value you enter the e-mail address where you want to receive the reports. This report is sent daily and shows all current developments.

Always safe emailing with Reloadify

You can easily add a DKIM record when you first start using Reloadify. We have these records ready for you by default as CNAMES. It is only up to you to add them to your domain host.

Provide the ability to unsubscribe

In addition to a validated domain name, Google mandates the ability for recipients to easily unsubscribe from your e-mail communications. As Google puts it, "It should be one click." So don't send recipients who want to unsubscribe to a separate form where they have to confirm the unsubscription. Also, don't require recipients to opt out separately for each type of e-mail communication (under the heading of "preferences"). Letting them indicate preferences is allowed, but add a separate link to your email for that purpose.

With Reloadify, you have the option of adding an unsubscribe link that allows a recipient to unsubscribe directly. This way the recipient can unsubscribe with one click, there is no reference to a separate form and the unsubscription is processed immediately. You comply with Google's strict rule this way. That's not the only way we help you. In fact, we check every email for the presence of an unsubscribe link. Is it missing? Then the email cannot be sent. Seems strict, but that's how we protect your sending reputation.

💡 Tip: Design a personalized unsubscribe page. For example, give the unsubscribe a playful twist and leave the recipient with a positive feeling.

Example unsubscribe page

Maximum spam rate

Google's last requirement has to do with your sending reputation. Your spam rate must be low (no more than 0.3%!) for you to meet this rule. Do you have too high a spam rate? Then Google will put you in quarantine and you won't be able to reach your Gmail inbox for some time. Note: Google is not only looking at Gmail's numbers here, but at numbers from all email clients.

An e-mail can be marked as spam in two ways: by the e-mail client or by the recipient himself. You can avoid the latter by only sending emails that are relevant to your recipients. But how do you prevent your e-mails from being marked as spam by Gmail or Outlook, for example? Seven tips:

  1. Always mail from a validated domain name
  2. Don't use too many punctuation marks, capital letters and emoticons in your subject line. Also be careful of clickbait subject lines such as "Open soon!" or "Valid today only!".
  3. Include a pre-header.
  4. Don't send multiple emails on the same day to the same recipients.
  5. Are you adding images to the email? Then include an alt text (also known as "alternative text") with each image. This text shows when the image is not automatically downloaded.
  6. Use a tool that scores your e-mail based on spam risk, such as mail-tester.
  7. Clean up your email list. Remove profiles that have been bounced multiple times and consider whether you want to email recipients who haven't opened several emails in a row.

In Reloadify, cleaning up your email list is easy. Exclude bounces, deactivate inactive profiles and keep only a loyal list. An added benefit: your subscription costs go down, too. 😉 We help you keep your database clean by automatically deactivating profiles when three emails in a row are bounced, as well as when the email address is incorrect.

The implications for your email marketing

The stricter rules of Google and Yahoo have important consequences for your e-mail marketing. But, if you take the above steps, you will comply with these regulations and your domain name will be well protected. Need help adding SPF, DKIM or DMARC records? Or questions about keeping your spam rate low? Contact us and we will answer all your questions.

NewsRecommendOctober 24, 2023
background Swoosh

Stay in touch. Subscribe to our newsletter