User's GuideGetting StartedNew Sender Guidelines for Gmail and Yahoo

New Sender Guidelines for Gmail and Yahoo

Gmail and Yahoo have announced that as of February 2024, they're placing some new requirements on bulk email sent to addresses on their system. There's been a lot of noise about this, so we thought we'd let you know how it affects your accounts on iPost and what you need to do.

What are the new email sender requirements?

  1. Set up SPF and DKIM email authentication for your sending domain.
  2. Set up a DMARC policy for your sending domain.
  3. Domain in the sender's From header must be aligned with either the SPF domain or the DKIM domain.
  4. Use a TLS connection for transmitting email.
  5. Ensure sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records.
  6. Keep spam complaint rate under 0.3%.
  7. Marketing messages and subscribed messages must support one-click unsubscribe, and include a clearly visible unsubscribe link in the message body.

What steps do I need to take?

For all of our clients, iPost covers the following requirements:

  • Mail must be sent using TLS.
  • One-click unsubscribe must be available in every message (via the List-Unsubscribe header).
  • Include an unsubscribe link in the body of every message (transactional email excluded).

For the remaining items, your send configuration will determine what steps need to be taken in order to authenticate your emails. Follow the steps listed below, based on how your subdomain is delegated to iPost.

Clients with NS delegated subdomains

iPost already covers the majority of the requirements:

  • SPF authentication is required.
  • DKIM authentication is required.
  • Sending domains must have forward and reverse DNS entries (PTR records).
  • Sending domains must have a DMARC record including an rua notification address.
  • Mail must be sent using TLS.
  • One-click unsubscribe must be available in every message (via the List-Unsubscribe header).
  • Include an unsubscribe link in the body of every message (transactional email excluded).
Clients with CNAME subdomains

This usage is more complicated. iPost covers:

For the rest, you must make sure the records are set up, valid, and maintained in the DNS:

  • SPF authentication is required. iPost can provide you with this record.
  • DKIM authentication is required. You must publish a DKIM public key using a DNS name provided by iPost. iPost can provide you with this record.
  • Sending domains must have forward and reverse DNS entries (PTR records).
  • Sending domains must have a DMARC record including an rua notification address.

These SPF and DKIM records will need to be updated at your DNS hosting provider. DMARC and PTR records may already be in place, but to be safe, you should confirm before February.

If you want all this to be easier, contact iPost about switching to the NS delegated method.

Domain Alignment

There is one requirement that's not under iPost's control:

  • The domain of the From address must be aligned with the sending domain of either the SPF or DKIM record, and preferably both.

"Aligned" is their way of saying the email address used for sending should be the same domain or a subdomain of the one you've delegated to iPost.

For example, if your authenticated sending domain for iPost is email.domain.com then:

[email protected] is aligned for both SPF or DKIM
[email protected] is aligned for DKIM only
[email protected] is aligned for SPF only
[email protected] is NOT aligned
[email protected] is NOT aligned

The iPost UI will warn you when you configure a send with domains that are not aligned.

What to do if one or more of yours currently don't align? There are two options:

  • Change the From address so it aligns with the sending domain.
  • Change the sending domain so the From address aligns with it.