How will Google and Yahoo's new email authentication policies affect senders using shared domains and ESP authentication?
Summary
What email marketers say10Marketer opinions
Email marketer from SparkPost Blog indicates senders using shared domains or ESP authentication might face increased scrutiny. Aligning SPF and DKIM records to match the sending domain becomes critical for maintaining deliverability.
Email marketer from SMTP2Go Blog discusses that senders on shared IP addresses might experience deliverability issues if other users on the same IP are not following authentication best practices. Proper authentication is crucial to avoid being flagged as spam.
Email marketer from Mailjet Blog suggests ESPs will be adapting their platforms to guide users in proper email authentication setup. Users might see more prompts and alerts regarding SPF, DKIM, and DMARC configurations.
Email marketer from Reddit r/emailmarketing suggests that those on shared hosting must ensure their ESP is compliant. If the ESP doesn't adhere to the new standards, finding a new provider is crucial.
Email marketer from Litmus Blog shares that understanding and implementing DMARC is more important than ever, with a recommendation to start with a 'p=none' policy to monitor email flows before moving to stricter policies.
Email marketer from Sendinblue Blog explains that senders with poor sender reputations will likely see a negative impact. Good sending practices, including authentication and engagement, are essential for positive deliverability outcomes.
Marketer from Email Geeks clarifies that for high-volume senders (>5k), shared, unaligned DKIM is not preferred. Platforms like Klaviyo allow brands to set up dedicated DKIM.
Email marketer from Email Deliverability Forum recommends that smaller businesses using shared domains should ensure their DKIM and DMARC records are correctly set up. Proper monitoring of email deliverability is also key to catching any issues early.
Email marketer from EmailVendorSelection says that ESPs that handle email authentication on behalf of their clients, or that have 'from' addresses will have to change their configuration. Senders will also need to check DMARC, SPF and DKIM.
Expert from Email Geeks expects more enforcement moving forward. (some) ESPs will do their part, but Senders must be more responsible and educate themselves on best practices, authentication and so on.
What the experts say13Expert opinions
Expert from Email Geeks advises using your main organizational domain or a subdomain in your From header. Aligned SPF or DKIM, ideally both, are crucial. Aligned SPF means your return path is a subdomain of your organizational domain, while aligned DKIM means using your organizational domain in the d= of one of the DKIM signatures.
Expert from Email Geeks confirms that it will still be allowed for mailers to sign up on an ESP, verify their domain and send using the ESPs authenticated domain without needing to place any records in their DNS.
Expert from Email Geeks shares that the industry is moving, slowly but implacably. Those who disagree will be ground underfoot.
Expert from Email Geeks explains that if senders want to use their own domain in the From: while relying on ESP domain authentication they shouldn’t plan long term on having their mail delivered to the inbox.
Expert from Email Geeks indicates a key challenge will be preventing users from using @gmail.com addresses in the From header.
Expert from Word to the Wise explains that it will become easier for major mailbox providers to identify and block malicious and unwanted email, improving inbox experiences for consumers. Senders that don’t follow the rules will likely face increased blocking and spam placement.
Expert from Email Geeks says that if they're sending more than 5000 messages with ESP authentication it will have delivery issues, but if they're sending a couple hundred, they should be fine.
Expert from Email Geeks states that mail with zero authentication (no SPF, no DKIM) will be rejected. For volumes >~5000, alignment between SPF or DKIM domains is needed, prohibiting freemail domains.
Expert from Email Geeks shares that ESPs dealing with smaller customers are aware of required changes and are implementing infrastructure to handle them.
Expert from Email Geeks explains that you should own a domain and use it to DKIM sign your messages. You can use multiple DKIM signatures, but one should be with your domain.
Expert from Spam Resource explains that The 2024 email authentication requirements will have ESPs require any bulk mailer to authenticate using DMARC. If using a shared domain, this means the sender must use the ESP's domain. If using a dedicated domain, then DMARC must be properly configured on the domain.
Expert from Email Geeks shares that if you’re only sending a few hundred emails a week, and you get no complaints from any of your recipients you’ll likely be fine indefinitely if you don’t change anything. You start getting complaints? You start up a new mailstream? You move IPs? Eh, maybe less so.
Expert from Email Geeks explains that large mailbox providers prioritize customer satisfaction and won't abruptly penalize senders. However, sympathy for those neglecting basic authentication will decrease.
What the documentation says5Technical articles
Documentation from Google Workspace Updates states that to help prevent spam, fraud, and abuse, Google requires senders to authenticate their email. They must set up SPF or DKIM email authentication for their domain and ensure that sending domains or IPs have valid forward and reverse DNS records (PTR records).
Documentation from RFC 4871 defines DKIM as providing a method for verifying the source and integrity of email messages. This standard ensures that the email hasn't been altered during transit and comes from a legitimate sender.
Documentation from Microsoft responds that they're implementing similar requirements and are updating their sender guidelines to require proper authentication. Senders can check their reputation with Microsoft through the Sender Support portal.
Documentation from DMARC.org shares that Implementing DMARC allows domain owners to tell receiving mail servers what to do with messages that fail authentication checks, preventing spoofing and phishing attacks.
Documentation from Yahoo Mail Blog says that senders should authenticate their email using SPF, DKIM, and DMARC, maintain a low spam complaint rate (below 0.1%), and make it easy for recipients to unsubscribe from their emails.