In an attempt to address the avalanche of emails from spammers trying to exploit insecure bulk email servers, Google and Yahoo announced last fall that new authentication requirements would take effect this February. Domain owners are now required to implement Domain-based Message Authentication, Reporting & Conformance (DMARC) policies or risk having their email messages blocked by their platforms.
While this currently only applies to bulk senders (those who send more than 5,000 emails per day), my guess it may soon be extended to even smaller batches. Both Google and Yahoo are getting aggressive about preventing email spoofing and limiting the proliferation of phishing emails. For some folks, the technical aspects of the new DMARC requirements may seem daunting. Luckily, you don’t have to have a networking engineer to understand what needs to be done.
What are DMARC policies?
DMARC policies are TXT records saved to a domain’s DNS settings. While they only take a few minutes to install, you might need the help of a web developer or someone who really understands DNS zone records to make sure they’re configured correctly. DMARC is built on accompanying protocols of SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).
OK, hit me with the technical stuff. I can take it.
To install these records, you’ll need access to the admin panel associated with where your DNS records for your domain are hosted. This may be in the same panel where your domain is registered, in the website hosting provider’s admin panel, or at a third-party CDN (like Cloudflare) or Firewall provider (like Sucuri). You’ll also likely need access to the admin panel where your domain’s email is being hosted. This could range from Google Workspace to Microsoft 365 to any number of other email hosting providers. Your web developer can help identify where your DNS records and email are being hosted.
Your web developer will also need to know which tools (E.g., ActiveCampaign, MailChimp, Constant Contact) you are using to send bulk emails, as there will be special identifiers for these services that will need to be incorporated into the SPF record.
Once the appropriate records have been installed, there are several online tools (such as MX Toolbox) where you can enter your domain name and determine whether DMARC, DKIM, and SPF records are correctly configured.
There’s always more…
There are two additional requirements that Google and Yahoo have imposed that you’ll need to abide by:
- Easy One-click Unsubscription. Quite simply, if someone doesn’t want to continue to receive your bulk emails, that person should be able to unsubscribe in one click. Most enterprise-level email marketing platforms include this feature. You’ll want to make sure it’s active.
- Stay Under the 0.3% Spam Rate Threshold (Google recommends using Google Postmaster tools for running a spam rate check)
OK, what if I don’t do any of this stuff?
If you send more than 5,000 emails on any given day of the month, you’ll want to be sure to meet these requirements or risk having a massive number of your emails get blocked. Gmail by Google is by far the most popular email hosting provider, with more than 1.8 billion users worldwide. By some estimates, a whopping 36.5% of email opens happen through a Gmail/Google-hosted email. Yahoo Mail is used by more than 225 million people worldwide. Together, they represent a huge percentage of the email hosting market.
What if I need help with this?
If you need additional help with meeting these requirements, feel free to reach out to us at Saltworks Digital. Click here to send us a message.