Gmail Deliverability Update 2024 A Complete Guide for Senders (SPF, DKIM, DMARC & More!)

Gmail Deliverability Update 2024: A Complete Guide for Senders (SPF, DKIM, DMARC & More!)

Heads up, email senders! February 2024 brings big changes to your inbox game. Gmail, the email king with 1.5 billion users, is cracking down on spam and boosting user experience with stricter delivery rules. This isn't a maybe, it's the Gmail Deliverability Update 2024, and here's your guide to survive it.

Gmail has announced this change back in October 2023 in this product update, but like everything else in like, we procrastinate and do things at the last minute. All they want is that you need to authenticate your emails, enable an easy unsubscribe button and ensure that you're sending emails that people want to receive.

In case if you are confused, these updates mainly concerns if you do send out marketing emails in bulk using email marketing platforms. But it is a good idea to set up these necessary records for better email deliverability even if you are not a bulk email sender.

So let's get to it without wasting time.

What's Changing?

  • Authentication Checkpoint: Gmail now requires email ID checks like SPF, DKIM, DMARC and BIMI for high-volume senders (5,000+ emails daily). These are like passports for your emails, proving you're not a sneaky spammer.
  • Unsubscribe Escape Hatch: One-click unsubscribe becomes the law. Users deserve an easy way out of unwanted emails, and Gmail's making it happen. No more click-through mazes!
  • Spam Trapdoor: Get ready for stricter spam rate limits. Cross them, and your emails might vanish into the dreaded spam folder or even get blocked. Yikes!

Why the update?

Let's be honest, spam is the email Grinch, stealing time and messing with our inboxes. At times we might send it ourselves, but we don't like receiving it, do we?

So This update aims to:

  • Protect Users: Gmail wants a cleaner, safer haven for its users, keeping spam and phishing scams at bay.
  • Boost Engagement: Less spam means more love for emails people actually want to see. Happy users, happy Gmail!
  • Fair Play Field: Legitimate senders who follow the rules rise to the top, while spammers face steeper mountains to climb.

So this update is in fact good, if you are the good guy! If you're sending value emails, or emails that people want to read, this update is actually good for you.

How to Stay in the Game?

If you send any amount of emails, here's your survival kit:

  • Authentication Gear Up: Set up SPF, DKIM, DMARC and BIMI for your sending domain. 
  • Unsubscribe Button: Offer a clear, one-click unsubscribe button in every email. Usually this part should be taken care by the email marketing platform you are using.
  • Spam Rate Tracker: Use Gmail Postmaster Tools to keep an eye on your spam rate and stay below the limit. It's your early warning system!
  • List Clean Up: Regularly remove inactive or invalid addresses from your email list. Quality over quantity!
  • Pro Help: If the tech talk confuses you, consider hiring an email marketing expert, just saying 😉

How to easily test if you are complying or not

Testing for SPF and DKIM records

The bare minimum you need to have for a good deliverability is spf and dkim records.

So go ahead and send yourself a marketing email from your email marketing software. Add yourself to a simple campaign and send it to yourself. Or check one of you older emails you've received from your a previous campaign.

Then click on the small arrow under the sender name to open up the detailed view.

You would see your domain specific email address. In my case [email protected]. If you have proper spf and dkim setup, you will see mailed by and signed by your sending domain.

SPF is the record behind "Mailed by" section
DKIM is the record behind "Signed by" section

If you are missing any one of them, you need to check your Domain Name settings and add those records.

If you are using an email platform to send out these emails, and you haven't set these records, most probably you will see 'signed' and 'mailed by' their own sub-domain.

This worked (still works) great depending on the shared domain reputation of these platforms. But now Gmail wants you to have your own domain reputation for sending out marketing emails. That is why you need to have these mails 'mailed and signed' by your domain.

Testing for DMARC record

Now if you go and click on the three dots on the far right corner of your email, you will find a tab saying "Show original". Once you click on that, the original message will open up on the new tab.

Once you find the original message, look for your DMARC alignment. If you can see DMARC results, it means that you have a DMARC record in your DNS.

If you see DMARC as 'PASS', everything is great at your end.
If you don't see DMARC, you need to add DMARC records.
If DMARC is not 'PASS', then you have to look into your SPF and DKIM because, alignment of those two results into DMARC PASS

Alternative Way to check

Go to your Domain name registrar or whichever platform you are using to manage your domain and check the records. Ideally you should see spf, dkim and dmarc values. Though you need to know what you're looking for.

What to do next to stay compliant

#Step 1: Setup Sending Domain Authentication

Questions to ask

  • Have you found mailed by and signed by under your own domain?
  • Were you able to find DMARC value in original message?
  • Did you get PASS for all three records?

If you answered "Yes" to all these three questions, your email marketing setup is great. You can go ahead and check out the next section. If not, please continue reading.

If Mailed by doesn't look right : Add/Modify SPF Record

If your Mailed by record is showing the email marketing companies domain, or you don't have it at all, you need to get onto your domain name settings and add your spf record. You will have to get in touch with your email marketing platform to get the correct SPF values.

Check out this site for How to setup SPF record for your email marketing platform

Note: Make sure you have only one SPF record configured for your domain, and you are adding IP and include mechanisms for third-party email services and applications into the same SPF record. If you publish multiple SPF records in your DNS, SPF will be invalidated.

If Signed by doesn't look right : Add/Modify DKIM Record

DKIM gives emails a signature header that is added to the email and secured with a public/private key pair. This is how DKIM signs your email so that email receivers can verify that the email actually came from the domain it says it does and hasn’t been tampered with.

Contact your ESP/ Email Marketing platform to get your DKIM key value pair and add it to your DNS.

Unlike SPF, you can have any number of DKIM records for your domain.

If no DMARC record : Add DMARC Record

DMARC, or Domain-based Message Authentication Reporting and Conformance, is a technical tool that verifies emails by combining SPF and DKIM methods. It's free to use and helps prevent email fraud like phishing. 

Having a DMARC record in place will help give you the best overall security by protecting your brand from impostors and keeping your domain reputation high.

The from-domain must match either the SPF or DKIM record in order to have full DMARC alignment.

If I have to go in-dept with DMARC policy and how it works, I could write another blog post. If you want a quick solution, just copy and paste this into your DNS manager after changing it with your actual email

v=DMARC1; p=none; rua=mailto:youremailhere;

Use TXT record with name _dmarc

Note: You can give a dedicated monitoring email address for 'rua'

DMARC Explained (for the nerds)

v=DMARC1;

v shows the DMARC Version

Default value: DMARC1
This denotes the DMARC protocol version. This must always be set as "DMARC1". If missing or incorrect, the entire DMARC record is ignored. Pretty straightforward parameter.

p=none;

p for Policy

This policy simply checks if your emails are PASSing for SPF and DKIM and collects the data and send an aggregate report at the end of the day, to the email you have specified in the record.

Failing for SPF or DKIM means, some fraudsters using your email identity to send out emails from other sources. At times this doesn't need to be a fraudster.

We ourself can send out such emails. For example, if you are using your free gmail account to send out bulk marketing emails using platforms like Mailchimp, you're in fact sending your email as "Gmail".

(This is exactly what Gmail doesn't want, by the way. So if you're using free gmail or yahoo accounts to send out bulk marketing emails, you won't be able to do that in the coming months. )

So in such cases, you can tell DMARC policy to quarantine or completely reject such emails by specifying the policy or the "p"

P = NONE
Monitors your email traffic. No further actions are taken.

P = QUARANTINE
Sends unauthorized emails to the spam folder.

P = REJECT
The final policy and the ultimate goal of implementing DMARC. This policy ensures that unauthorized email doesn’t get delivered at all.

So you can start with P=None. If you want a stricter rule after looking at the data sent to you by dmarc over time, you can start set stricter rules and reject such possible fraudulent emails from reaching inbox.

rua=mailto:youremailhere;

This pecifies where to send XML feedback reports and you should replace the bit after mailto with your own email and it should look something like this mailto:[email protected]

Every day you will get a few strange looking emails with the report with the result of the policy you set up. This is the simplest DMARC alignment policy you can set up. If you are feeling adventurous, feel free to check out the dmarc official site here and you can use this tool to set up more advanced dmarc policies here.

Note: Like I mentioned above, every day you will get a bunch of emails with xml feedback. You wouldn't understand much from a glance. So if you don't want them to your inbox daily, give any dedicated monitoring email address for all the domains you own.

#Step 2: Create One click unsubscribe link

Now that we have all the necessary domain authentication records, lets start look into the actual email itself.

Gmail and everyone who hates spam wants an easy way to unsubscribe from the junk that they receive all day everyday. So we need to have an easy unsubscribe link.

Like I mentioned earlier, this part will be taken care by most Email Marketing Platforms. Especially with this new update, most platforms will start adding this option to their email meta data.

Platforms like Klaviyo warns and reminds users before sending out a marketing campaign to include an unsubscribe link and automatically adds one if you don't include one.

But by any chance if you don't have it, you should find the merge data to include an unsubscribe url into your email and make it available at the footer (or even in the header).

Giving easy access to unsubscribe link sounds a bit painful considering the time, effort and money that went behind creating the email list you now have. But it is actually a good thing. Especially when you consider the next point : Spam complaint rate.

We don't want to send emails to those who don't want to receive it. These are the people who are going to complaint about you and make your future emails go to spam for those who want to receive as well!

So here are the benefits of helping people to unsubscribe

  • Helps to keep your list clean
  • Reduces spam complaints
  • Increases your engagement percentage
  • Reduces your cost if you are paying based on number of contacts

#Step 3: Keep your spam rate in check

Gmail says Keep spam rates reported in Postmaster Tools below 0.10% and avoid ever reaching a spam rate of 0.30% or higher. Now that is 3 in 1000 emails you send out!

So the best thing to do is send only good email and that too only to those who want to receive it.

Now let's look at how we can keep track of this using Postmaster tool.

Step 1 : Go to Postmaster tool
Step 2 : Add your domain
Step 3 : Verify your domain
Step 4 : Track your spam rates!

Bonus Steps and tips :

  • If you are sending massive amount emails (Especially more than 5000 a day) consider getting a dedicated IP to send out emails.
  • If you have a dedicated IP, follow Google best practices such as setting up PTR records, reverse DNS records etc
  • If you have a shared IP, use Postmaster Tools to monitor the reputation of the shared IP address.
  • Make sure you have double Opt in enabled to ensure you're sending emails to engaged users.
  • Send them "Want to unsubscribe?" emails and give them option
  • Ask directly or indirectly to engage with your email
  • Format your message according to best practices. Don't hide content using css etc
  • Make Links easy to spot and user should know what happens if they click the link
  • Don't use misleading subject lines
  • Warm up your domain by increasing the sending volume gradually

Super Bonus Step: Add BIMI Record

A BIMI Record is a type of DNS Record used to display a company's logo inside an email inbox if the email is trustworthy. Brand Indicator Message Identification (BIMI) Records are an industry-wide effort to use brand logos as indicators to help email recipients recognize and avoid fraudulent messages. This standard has already been rolled out by inboxes such as Gmail, Yahoo!, Apple Mail, and several others.

Step 1. Create your logo in SVG format.
Use online svg convertors to do this

Step 2. Create your BIMI record
Upload your SVG logo online and get the URL. Your BIMI record is a line of text that includes the URL of your brand logo Scalable Vector Graphics (SVG) file.

Step 3. Add BIMI TXT record to your DNS
Type : TXT
Host : default._bimi.yourdomain.com
Value: v=BIMI1;l=svglogourl.svg;

Summary

If you send marketing emails in bulk to your contacts, to get better email deliverability, especially to free gmail inboxes, follow the steps

  • Set up SPF, DKIM and DMARC records and authenticate your sending domain
  • Make sure your sending from email domain and your sending domain are aligned
  • Send relevant email to those who wants to receive emails from you
  • Make it easy to unsubscribe with one click unsubscribe button for those who don't want to receive emails from you
  • Track your Spam score using Postmaster tool and keep it less than 3 per 1000 emails

Read More:
Gmail Announcement
Gmail's Email Sending Guidelines
BIMI record

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram