As you may have heard, Google and Yahoo have updated their sender guidelines to reflect the changing digital world that we live in. What were once best practices are now becoming requirements. These changes take effect February 1. The good news is that a lot of these requirements are already handled by or are standards of Critical Impact. Let's take a look at the upcoming changes.
Things You (May) Need to Do
SPF and DKIM Authentication
What's Happening: Previously, DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) were suggested as best practice. These policies essentially provided a digital signature for your message content that confirmed that your messages are coming from who they say they are coming from. Updated standards make this a requirement. In response to this requirement, the "Administrator" security group in CI has been updated to include access to the Sender Authentication tool.
What You Need to Do: Ensure any domain you are sending from in Critical Impact has been through the sender authentication process. You can find steps to use the Sender Authentication tool here.
What's Happening: DMARC (Domain-based Message Authentication, Reporting & Conformance) was another suggested standard that has now become required by Google and Yahoo. DMARC explains to recipient mail servers what do when a message fails an SPF or DKIM check.
What You Need to Do: This is also handled by our sender authentication tool, mentioned above. The tool does require three components: v, p, and rua values, so make sure your DMARC record contains all three. You can read more about DMARC here.
Spam Rates in Postmaster Tools below 0.3%
What's Happening: This isn't a change for Critical Impact, Google, or for the email marketing industry. The absolute maximum spam threshold for best practices is 0.3%. The suggested value for a successful email marketing campaign would be to keep spam rates below 0.1%.
What You Need to Do: Critical Impact makes sure you have access to the spam complaint information right at your fingertips. Continue to monitor spam complaints through the email tracking report or, if you would like information specific to Google, you can set up Google Postmaster Tools.
Don't Impersonate Gmail From Addresses
What's Happening: Gmail will begin to utilize a DMARC policy of ‘quarantine.’ If you attempt to impersonate a Gmail from address, which will likely impact your email delivery.
What You Need to Do: It has never been suggested to send from an ISP's domain in Critical Impact. This practice continues.
Things We've Already Done
What's Happening: One-click unsubscribe (list unsubscribe) provides another method for subscribers to stop receiving your messages. This will automatically add an "unsubscribe" button next to the From Address in your message. If you don't see this immediately, don't worry: your messages need to have some interaction with this specific header active before it will display.
What You Need to Do: Although this unsubscribe button is now available, it is still required to include an unsubscribe button in your message content. You can also capture an increased level of engagement by allowing your subscribers to decide what content they want to engage with through a profile center.
It is also suggested to use opt-in lists.
Format Messages According to Internet Message Format Standard (RFC 5322)
What's Happening: This internet standard was put in place to provide a format for how messages should be created, including a heard, body, and attachments.
What You Need to Do: Critical Impact handles the formatting of your message content with our Drag and Drop editor. We also handle creating the headers (not to be confused with the <head> tag) of your message.
Include ARC headers to outgoing email
What's Happening: Authenticated Received Chain) ARC is an email authentication system designed to allow recipients in a forwarding chain to authenticate at each step along the way.
What You Need to Do: Forwarding mail is not suggested as it will generally alter the HTML of the message. If you want someone else to see the message content, it's always best to suggest they sign up for the list themselves. If you do forward messages, however, we have already enabled the ARC header for all messages.
Use a TLS Connection for Transmitting Email
What's Happening: Google and Yahoo require all emails to be sent with a specific security protocol known for encryption and data privacy known as Transport Layer Security (TLS).
What You Need to Do: Sit back and relax. We've been doing this and will continue to do this.