This article contains instructions that can only be performed by the administrator of the domain used by the Bevy site. This means that you need to have the appropriate permissions and credentials to access and modify the domain settings. If you are not the administrator, you will not be able to follow the steps in the article. Please contact your domain provider or administrator if you need assistance.
Overview
In a new effort to further protect their users’ inboxes, both Gmail and Yahoo! introduced a new set of requirements senders must meet by February 2024 in order for mail to be delivered as expected to their subscribers. These changes are being made in a continuing effort to protect their users against fraudulent messages, such as scams and phishing attempts, and will prevent any emails sent from unauthenticated email addresses from reaching the recipient’s inbox.
Does this impact me?
Gmail and Yahoo’s new requirements primarily target large bulk senders who send more than 5,000 emails a day (includes emails you send through Bevy or other platforms using the same domain). If you’re a smaller sender, you’re less likely to be impacted by the changes—but that doesn’t mean you can ignore them. What’s required for large senders today will likely become a requirement for all senders in the future.
What happens if I send emails that don't meet these requirements?
“If senders don’t meet these requirements, messages might be rejected or delivered to recipients’ spam folders,” per Google.
When will these changes take place?
Per Google, the following will occur
- Feb 1, 2024 — Senders will start getting warnings for non-compliance.
- Apr 1, 2024 — A subset of emails will start being rejected for non-compliance.
- Jun 1, 2024 — All emails will be rejected for non-compliance.
What are the requirements?
Properly authenticating your emails has always been a best practice, but not all senders are using the tools available to protect their emails. And that’s a major problem: If senders don’t properly authenticate their emails, they’re making it incredibly easy for bad actors to impersonate domains and to send phishing emails—and that will damage your sending reputation.
To ensure that emails continue to reach their inboxes, they must adhere to key guidelines for email verification and anti-spam measures.
Bevy has you covered for most of the requirements, but there are a few important ones (see highlighted below) we will need our customers to implement to ensure all requirements are met. Here’s the breakdown:
Requirement | Owner |
Set up SPF and DKIM email authentication for your domain | Bevy owns and is compliant |
Ensure that sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records | Bevy owns and is compliant |
Use a TLS connection for transmitting email | Owned by SendGrid, Bevy email provider, and is compliant |
Format messages according to the Internet Message Format standard (RFC 5322) | Bevy owns and is compliant |
Marketing messages and subscribed messages must support one-click unsubscribe, and include a clearly visible unsubscribe link in the message body | Bevy owns and is compliant |
Don’t impersonate Gmail From: headers | Bevy own. See details here |
Authenticating emails using DMARC | Customers own. See details here |
Maintain a spam complaint rate under 0.3% using Google’s Postmaster Tools | Customers own. See details here |
To learn more about each of these requirements, please visit Google and Yahoo’s email sender requirements and guidelines documentation.
What is DMARC, and how do I set it up?
DMARC (Domain-based Message Authentication, Reporting & Conformance) is a standard that prevents spammers from using your domain to send email without your permission — also known as spoofing. Spammers can forge the “From” address on messages, so the spam appears to come from a user in your domain. A good example of this is PayPal spoofing, where a spammer sends a fraudulent email to you pretending to be PayPal to obtain your account information. DMARC ensures these fraudulent emails get blocked before you even see them in your inbox.
How do I know if my domain has a DMARC record?
Please contact your IT administrator, or you can utilize online tools like https://mxtoolbox.com/dmarc.aspx to verify.
How do I set up DMARC record?
Please contact your Domain owners or refer to SendGrid’s How to implement DMARC documentation for detailed guidance.
Maintain a spam complaint rate under 0.3% using Google’s Postmaster Tools
Gmail will require senders to keep the spam complaint rate reported in Google’s Postmaster Tools below 0.3%. If a larger share of your recipients mark your emails as spam, your sender reputation will decrease—and you’ll have a harder time reaching the inbox.
To keep an eye on your spam report data from Gmail users, you’ll have to register your domain with a dedicated service, Google’s Postmaster Tools. Registering your domain is free, only takes a minute, and once you’re set up and Google has collected some email data, you can see aggregated spam report information in your Postmaster account.
If you notice you are exceeding the 0.3% threshold, take a look at these tips to reduce your complaint rate.
Don’t impersonate Gmail From: headers
What does it mean? Gmail will begin to utilize a DMARC policy of ‘quarantine.’. If you attempt to impersonate a Gmail From: header, that will likely impact your email delivery.
What should I do? While there is nothing Bevy customers need to do within the Bevy platform, please note that to protect your email sender reputation, Bevy has proactively restricted your from “From: sender email address” to your verified domain. This is the error message the IU will present when you try to use a different domain: