3 New Rules That Could Push Your Marketing Emails Straight to Spam

Digital Marketing

It’s no secret that Google and Yahoo are changing the rules for email marketers. Both companies are on a mission to protect users from bulk spam and unwanted email. Deliverability best practices are no longer nice-to-haves. To ensure your messages reach your audience, you must follow these new authentication requirements.

None of these changes are drastic. Google and Yahoo are simply enforcing policies that industry professionals have long considered non-negotiable best practices.

— Clay Patterson, Lightburn Director of Marketing 


One more noteworthy aspect of these changes is that they were designed to close any loopholes attackers and scammers may exploit. The requirement for domain-level authentication via email authentication protocols like SPF, DKIM and DMARC means that messages sent from an unauthenticated email address will never reach their desired recipient. This will result in fewer phishing attempts and other forms of fraudulent messages.

These changes will impact everyone, especially bulk senders and companies that send more than 5000 emails daily.  

The big three changes, effective February 2024, include:

  1. Authenticate your email addresses and domains
  2. Maintain a spam complaint rate under 0.3%
  3. Allow users to unsubscribe with just one click

Other technically focused changes include:

  • RFC 5322 compliance
  • PTR records
  • rDNS setup
  • Valid reverse DNS records
  • TKS connection

Luckily, many email platforms already properly maintain the technical side of your email marketing programs.

How to adjust your email strategy for 2024

You should no longer be using a shared domain or “friendly” headers. Single-click unsubscribes are now a priority. If you haven’t already, you need to ditch the passive aggressive strategies you’ve been using to try to stop recipients from ‘unsubscribing all’ in one go.

These requirements are good for your customers, good for your deliverability score, and chances are you’re already doing most of it.  

Just in case, our pals at Klaviyo put together a 'Checklist' for their partners to help them get ready for Google and Yahoo’s new sender requirements.

Reminder: This information is not legal advice. Consult with your legal counsel to make sure that you comply with applicable laws in connection with your digital marketing activities.


Remove Gmail from your friendly “from” address

  • This applies to all senders, not just bulk senders. 
  • Don’t use Gmail or Yahoo email addresses in your friendly "from" address. If you are using @gmail.com or @yahoo in the “from” address of your emails, switch the "from" address over to a website domain you own.
  • In order to meet this requirement, you need an email address that includes your own site domain name. If you are a brand that is just starting out, you may not yet own your own domain. It’s worth investing in one before February 1, 2024. You can purchase your own domain from any domain registrar.
  • You will need your own website domain to complete the rest of the steps in this checklist.

Set up a branded sending domain

  • Branded sending domains (also known as dedicated sending domains) give you better control over your sender reputation. They also improve your branding in the "from" address in the inbox by removing the sent “via klaviyomail.com” disclaimer. Branded sending domains are a great deliverability best practice and are a requirement for bulk senders who regularly email Google and Yahoo recipients starting in February.
  • Just note that once your branded sending domain is enabled, you may need to gently warm your sending infrastructure for the next 2 – 4 weeks. 
  • Need help? Follow our guide on setting up a branded sending domain.

Set up a DMARC policy on your root domain

  • Configure your DMARC policy
  • ‍DMARC authentication is a protocol policy that servers use to make sure emails are coming from a legitimate sender. Brands use DMARC policies to protect the domain in their sender email address from unauthorized use by bad actors. 
  • DMARC authentication is set up in your DNS provider (like GoDaddy or Cloudflare). If you do not already have a DMARC policy in place, configure a DMARC policy* on your root domain that contains the following:
    • v=DMARC1
    • p=none
  • Recommended but not required: set an rua tag with a valid email address to receive DMARC reports. For example, "rua=mailto:dmarc-reports@mybrand.com"
  • If you already have a DMARC policy in place, you do not need to make any changes to your p tag value. Just make sure you have an rua tag set up with a valid email address included in your policy. You also only need to configure DMARC on your root domain, you do not need to add an additionalpolicy to your subdomain used for sending. 

* Note that Klaviyo does not set up DMARC policies on behalf of its customers.

About DMARC reports

  • DMARC reports allow you to monitor the email messages sent using your domain, which can help protect you against spoofing and phishing. The RUA tag tells inbox providers which email address to send DMARC status reports to.
  • While you don’t need to actively monitor this inbox right away, it is a best practice to have a dedicated email inbox where you collect DMARC reports so your security or compliance team can easily review them when necessary. 
  • Currently, it is not a requirement from Gmail or Yahoo that senders must have a rua tag in their DMARC policy. But, setting this up now will help future-proof your policy since inbox providers will continue to tighten sender requirements over time. 

These third-party tools that can help you build, update and manage your DMARC policy:

Pro Tips: DMARC tools are often not a free service offering. There are plenty of tools out there to choose from. Be sure to consult your ESP regarding SPF and SKIM. Data/insights can also take 24-72 hours to flow back into DMARC analytics after sending an email campaign.

Align your “From” address with your branded domain

  • Your friendly “from” address (sometimes referred to by Google as your friendly “from” header) is what your subscribers see in their inbox as your brand’s email address.
  • The friendly "from" address is labeled "Sender email address" in Klaviyo
  • In order to be DMARC compliant, the domain in your friendly “from” address must align with the root domain in your branded sending domain. 
  • So, if your branded sending domain is called send.kvyodc.com, the root domain would be kvyodc.com. Therefore, using hello@kvyodc.com as your “from” address would be in alignment with the root domain.
  • Find your branded sending domain under your Klaviyo account settings
  • Avoid using your sending subdomain in your “from” address because you cannot configure an inbox for responses on this subdomain. In this example, you would avoid sending emails from info@send.kvyodc.com. Other subdomains that are not being used for sending are totally fineto use as your “from” address, like hello@notifications.kvyodc.com.
  • Be sure to double-check all friendly “from” addresses for alignment in your flow emails and campaigns.
  • To reiterate, if you are a bulk sender, you cannot use a shared sending domain and must have a branded sending domain enabled by February 2024.

Make it super easy to unsubscribe

  • One of the new sender requirements is that every email must include a one-click unsubscribe link. The good news? Klaviyo can take care of this for is customer. To help every user meet this new requirement, Klaviyo can automatically add a one-click unsubscribe link to the header of every email.
  • In this case, the term “header” refers to metadata within an email that contains information about the sender and message authentication. Klaviyo will be adding one-click list-unsubscribe functionality to this code on every message. One-click unsubscribe displays differently across email clients but see the example from Gmail below for a visual of what this could look like to a recipient.
  • So your only action item? Audit all of your campaign templates and flow emails before February to ensure that you have an unsubscribe link somewhere in the body of your email (the footer is usually the most common). This unsubscribe link doesn’t have to be one-click, but it has to be clear and easily accessible.

Keep Spam complaints low

  • This one is another requirement that goes for everybody, and has really always been a best practice for marketers. Low spam complaints are a keyway to show inbox providers that you are a legitimate sender who follows deliverability best practices. 
  • Visit the deliverability hub in Klaviyo to view your deliverability metrics or try Google Postmaster Tools to monitor how your sending strategy aligns with Google's requirements.

Email & SMS marketing strategies are a vital component of most modern businesses' strategies. It allows companies to communicate with target audiences in ways that are engaging, timely and cost-effective. Take the time to build your community. These timely messages turn trust into revenue if they properly serve your customers.  

For more information about rebuilding or optimizing your email and SMS channels, please reach out to one of our digital marketing pros.