Beginning in February 2024, Gmail and Yahoo will begin enforcing stricter requirements for bulk senders. These measures are aimed at reducing spam and other malicious emails. ControlShift organizations may need to make updates to follow the new requirements.
Who is affected?
The new requirements are targeted at "bulk senders." Google defines bulk senders as organizations that send more than 5,000 messages to Gmail addresses in one day. Most ControlShift organizations will be considered bulk senders, and we'd recommend that smaller organizations also take these steps.
What are the new requirements?
Google has listed the full requirements in their help center. ControlShift has rolled out updates to meet some of these requirements without any additional action needed by organizations. For ControlShift customers, there are three requirements organizations may need to take action to meet:
|Add SPF and DKIM records for your email sending domain
|Follow our deliverability wizard (org admin homepage > Settings > Deliverability). This will require updating DNS records.
|Add a DMARC policy for your email sending domain
|Information about adding a DMARC policy can be found in Google's help center. This will require updating DNS records.
|Keep spam rates below 0.30%†
|Follow our deliverability guide. Third-party tools like Google's Postmaster tools can help you to monitor this rate.
† While Google sets the spam limit to .3%, they recommend keeping spam rates below 0.10% to avoid ever reaching a spam rate of .30% or higher.
For most of our organizations, SPF and DKIM are already in place. You can confirm that your organization's SPF and DKIM are configured correctly by going to the org admin homepage > Settings > Deliverability. Correctly configured SPF and DKIM will look like: If your organization has not configured SPF and DKIM, you'll see a prompt to configure deliverability instead.
Setting up spam percentage monitoring and ensuring that your organization has a DMARC policy will be the highest priority for most organizations.
What is DMARC?
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It's a policy that tells email providers what they should do if an email is sent without the correct SPF and DKIM records. This can prevent bad actors from sending emails posing as your organization. However, if DMARC, SPF, and DKIM records are not set up correctly it can prevent legitimate emails from your organization being delivered to supporters.
How do I set up DMARC?
Setting up a DMARC policy requires updates in your DNS manager, so we recommend that it be done by someone with technical expertise.
Please note: Your DMARC policy will affect all emails sent from your email domain, not just emails from the ControlShift platform.
When setting up a DMARC policy there are three options: none, quarantine, and reject. For the purposes of the upcoming changes, Gmail and Yahoo will require that you have a DMARC policy in place, but they don't require a specific approach. Your DMARC policy can be sent to none.
For more information about how to set up a DMARC policy, including the required syntax, please see Google's help center documentation.
If you have questions, send us a support request.