New Email Standards

Keeping up with Feb 1st Changes in Email Deliverability
What you need to know and do by the end of this month.

As we approach the end of January, are you prepared for the changes happening in the email marketing realm, courtesy of the giants Google and Yahoo? These email overlords have a set of new deliverability standards that you MUST adhere to as of February 1st, or risk being silenced. If you’re using or delivering to Gmail, Google Workspace, Yahoo, Yahoo Business Email, or AOL, you’re on the list. Google and Yahoo command a whopping 2 billion active users collectively, and thirty percent of the world’s daily email traffic flows through Gmail. So pretty much everyone’s invited to this party, and not attending could land you in spam folders, so pay attention.

But worry not, you have WGM nerds in your corner. We have broken down the requirements for you to forward to your internal tech chick/dude. (Or if you are lacking one, we can handle it for you.) Read on for the 411.

The new guidelines:

1. Email marketers MUST authenticate their email send domains (through DNS) using the following three mechanisms:
  • SPF: No, not sunscreen.  SPF is “Send Policy Framework” and it is considered the de facto standard for email authentication. SPF records are text (TXT) records that you add to your sender domains DNS (Domain Name Service) to tell receiving email servers that the emails coming from your domain were authorized by you (whether from your business email server or through a 3rd party marketing service like Mailchimp or by your ecommerce provider such as WineDirect, Shopify or Commerce7). One SPF record can contain all the records for all the 3rd party services one might use for emailing customers.
  • DKIM: DKIM stands for “DomainKeys Identified Mail”. DomainKeys Identified Mail is an email authentication method designed to detect forged sender addresses in email. Just like in SPF, the goal here is that receiving email servers can use DKIM records to determine that an email claiming it has come from a specific domain was indeed authorized by the domain owner. You must have unique DKIM records for each email service you use (email marketing or ecommerce for example). Like SPF, DKIM records are managed in your sender domains DNS.
  • DMARC: DMARC, or “Domain-based Message Authentication, Reporting and Conformance” is an open authentication protocol that provides domain-level protection for emails. DMARC’s main purpose is to protect against email spoofing (sending email messages with a fake sender address) that is used in phishing. DMARC records like SPF records are TXT records managed in your sender domains DNS.

Authentication using one of these processes is best practices anyway, so chances are you might already do this. You’ll notice all three require access to your DNS (your Domaine Name Service) which is the tool that holds your domain (website URL) and email accounts (e.g. wineglassmarketing.com). This is probably someone like GoDaddy or Network Solutions. If you don’t know who owns manages domain…now is time to get curious. You should know and have the password in control at the highest levels.

The good news is if you are using email marketing services like Mailchimp or Klaviyo, chances are you have already setup both SPF and DKIM DNS records. Setting up these DNS records are part of these company’s sender domain authentication process.

Most ecommerce services ask you to setup SPF records and, in theory, transactional emails should be immune to spam requirements, but we think it is important that those of you with large club runs should also try to get these ecommerce providers to set you up with DKIM DNS records. For instance, WineDirect, has a team at the email dmarc@winedirect.com who can provide you DKIM records specifically for WineDirect in your sender domain DNS.

Unfortunately, neither the email marketing services, or eCommerce providers will not help you setup a DMARC record.

But we will!

Another fun fact: These new requirements specify that your DKIM domain has to match the domain in the “From address” of the email as well. They will check this with a reverse lookup. The “From” address is the address that you set up in your send for instance Service@wineglassmarketing.com, and the domain is the part after the “@” symbol, so in this case “wineglassmarketing.com”.

If you don’t own your own domain OR cannot update the DNS records for the domain you use, there are work arounds so you can still send emails, but they’re not pretty and can confuse your customers. Best to address this now.

2. Unsubscribing from email marketing lists has to be easy.

This means that emails must contain one click unsubscribe links in all commercial emails and all unsubscribes requests have to be processed within 2 business days.

The key here is the single click, which means when a recipient clicks this link, they are immediately unsubscribed from your email list without any additional steps or confirmations. (So, no “reply with a request”, or filling out forms.)

The one click unsubscribe has been a condition of the CAN-SPAM Act since 2003 and is required by the FTC for mass emails. But unsubscribes being processed within 2 business days is new. It’s unclear how they’re going to monitor this, but it’s best to not risk being blacklisted. If you use a sender like Mailchimp or Kavio, you’re in luck because they unsubscribe automatically and won’t let you resend to unsubscribed addresses. If you’re using two databases, like WineDirect for your club and Mailchimp for marketing emails, you will need to synchronize unsubscribes from both channels before every email (so upload WineDirect unsubscribes into MailChimp and vice versa.) Again, this was always best practice but now you should be diligent about it.

3. Senders must keep spam complaint rates under .3%.

The complaint rate in email marketing refers to the percentage of email recipients who mark an email as spam or junk. It’s calculated by dividing the number of complaints by the total number of emails delivered, then multiplying by 100 to get a percentage. Regardless of industry, the average spam complaint rate to aim for is 0.1% or 1 in 1,000 emails sent.

In general, recipients tend to label a message as spam based on a handful of criteria, including:

  • Recognition of the brand as one they’ve subscribed to hear from.
  • Ease or difficulty of unsubscribing from the messages.
  • Perceived relevance or irrelevance of the content, subject line, or both.

For many email marketers, this might be the most confusing of the new guidelines. How are you supposed to know your overall complaint rates – especially if you’re using multiple senders? This seems overly complicated, but it can be tracked at the domain level. The easiest way to do this is to register your sender domain with Google’s Postmaster Tools which will monitor your email performance. Setting up Google’s Postmaster Tools requires verifying your domain with Google via a TXT DNS record. Once your domain is verified, Google will start collecting data. It may take some time though to receive your report as it depends on how frequently you send emails. Google Postmaster Tools are free and offer reports on Spam Rates, IP and Domain Reputation, Feedback Loop, and Authentication and Delivery Errors.

As Long As You’re Doing This…can we recommend a BIMI Martini?

There is a new email standard called BIMI that we recommend for our clients. Where SPF, DKIM and DMARC are focused on back-end authentication, the BIMI (Brand Indicators for Message Identification) standard is all about customer-facing branding of your emails. How it works: If a given message passes authentication, the mailbox provider queries the sender domain’s DNS for a corresponding BIMI record. If a BIMI record is present, the mailbox provider can use the brand (logo) with the display of that message in the inbox.

Having a BIMI record setup will help make your emails standout in your customers inbox, thus hopefully resulting in higher open rates and engagement.

If you have any questions about setting up SPF, DKIM, DMARC and BIMI records (that’s a lot of alphabet soup!), please don’t hesitate to reach out to us.  We have a special package to help you with auditing your domain and setting up a BIMI record for your sender domain.

Kids, Don’t Try This at Home

With most clients we work with, DNS updates are handled either by a 3rd party IT company, a marketing agency like us, or by an internal resource who knows what they’re doing. We highly recommend you reach out to a professional to handle setting up these kinds of records. Understanding the interplay of SPF, DKIM and DMARC records is important before any DNS work is done. We suggest you start by working with your marketing agency or IT company by asking them to do a domain audit for you. You should expect them to spend anywhere from 3-5 to five hours configuring and testing your domain but it’s worth it. Because if you snooze on this, your emails might just end up in the dreaded abyss of spam folders, and nobody wants that kind of rejection.

Stay savvy and spam-free!


Leave a comment

You must be logged in to post a comment.