In October 2023, Google and Yahoo announced new requirements anyone who uses email marketing. These changes impact customers of any email service provider—not just Mailchimp customers—and started to go into effect in February 2024. While these changes will require you to take a few new steps, enacting these measures can help improve your deliverability by building your credibility as an authenticated email sender.
These new requirements primarily impact a few groups of email senders:
- Large senders, or anyone who sends to more than 5,000 Gmail or Yahoo email addresses on any single day.
- Anyone who uses a Gmail email address as their “From” email address when sending emails through any email service provider, regardless of sending volume or the email domains of their recipients.
- Any company who has an email domain or "From" email address that includes their brand or company name.
You can read Google’s and Yahoo’s announcements for the full details, but here is a quick summary of the new requirements:
- Senders will need to have the right authentication for the email domain they’re sending from.
In particular, senders will need to have SPF, DMARC, and DKIM set up correctly. SPF is already set up on all of our sending IP domain names, so there’s nothing you’ll need to do to set that up. DMARC stands for Domain-based Message Authentication, Reporting & Conformance. It’s a way for you to show that emails sent from your domain are legitimate, and tell receiving inbox providers what to do with an email that isn’t legitimate. This protects both senders and recipients from activities like phishing, spamming, and spoofing. DMARC uses DomainKeys Identified Mail (DKIM)—a method of email authentication that helps identify that the email you sent is really from you—to evaluate the authenticity of email messages. When both DMARC and DKIM are set up correctly, someone can send an email via an email service provider—in your case, Mailchimp—and Gmail and Yahoo will see that your domain records have approved Mailchimp as a service that can send emails that display as coming from your domain. Gmail and Yahoo will then allow your emails to go to Gmail and Yahoo email addresses.
- Senders must include a one-click unsubscribe link in your email.
All bulk emails must have an unsubscribe method in place that allows recipients to unsubscribe in one click, as well as an unsubscribe link in the body of the email and header of the email. All bulk email senders are required to honor unsubscribe requests within two days. Luckily, all emails sent through Mailchimp do this automatically.
- Senders’ spam rates will need to fall below a certain threshold.
Google and Yahoo will begin enforcing a spam rate threshold that senders must stay under to ensure Gmail and Yahoo recipients aren’t being sent spam.
It is important to reiterate that these changes impact all email service providers, and not just Mailchimp. If you want to use an email service provider to send out newsletters and marketing automation, we strongly encourage you to use a custom domain and make sure it is properly authenticated.
What You Can Do
If you’re a customer who will need to make adjustments based on these new requirements, we’ll email you with specific guidance on how to navigate these changes based on your unique sender setup. If you want to set up everything yourself, here are the steps you’ll need to take:
Acquire or Set Up a Custom Domain
Starting in February of 2024, Gmail began using DMARC to protect their domain from unauthorized use. Gmail doesn’t allow for users to set up authentication for their individual address—this is because DMARC applies to the entire @gmail.com domain. When you send an email from any service other than Gmail itself using a @gmail.com domain, Gmail will tell recipient inboxes that Gmail didn’t send the email and therefore they should reject the email.
It is likely that more services could adopt the same requirements as Google and Yahoo in the future and impact email senders who are using other freemail domain services. For this reason, we strongly encourage you to set up a custom domain. You can learn more about what those are and why they’re important for your brand here.
We recommend that you find a domain through a registrar that is accredited with the Internet Corporation for Assigned Names and Numbers (ICANN) and provides email hosting, like Godaddy or Domain.com. View ICANN’s full list of accredited registrars here.
Once you have a custom domain, or if you already have a custom domain, you’ll need to set up DMARC and DKIM.
Set up DMARC
You can set up DMARC authentication for your sending domain in your DNS provider yourself, and you can take care of it at any time. Google has some specific guidelines to set your brand up for success.
Watch our video tutorial on domain authentication to learn more.
Set up DKIM
We’ve set up in-app guidance and instructions on the Domains page of your account. Additionally, this help resource includes a video tutorial that explains the process in detail: How to set up email domain authentication
Once you complete all of the steps outlined above, you’ll then meet the new authentication requirements for Google and Yahoo.
What We've Done to Help Customers Prepare
We’re dedicated to helping ensure our customers see as little disruption as possible from these changes. As we approach implementation of these new requirements, we’ve taken a few measures to help smooth the transition.
Updates to Domains Overview page
We've updated the Domains Overview page in Mailchimp accounts, which includes step-by-step guidance for what you need to do to authenticate your custom domain. In many cases, you’ll be able to fully authenticate your domain without leaving your Mailchimp account.
Overwriting sending domains for free email addresses
As we continue to encourage all users to authenticate and own their own domains, we've started overwriting sending domains for some Mailchimp customers who are sending from a free email address. Free email service providers, like Gmail or Hotmail, don’t allow Mailchimp customers to authenticate their sending domain since those customers do not own their domain, so to ensure that these users don't experience sending interruptions, we have started using a Mailchimp subdomain as the sending domain. For more information about why we do this—and why it's important to authenticate your domain if possible—check out our resource on the limits of free email.
Our partnership with Vailmail
We’ve established a partnership with Valimail for added peace of mind. Valimail helps ensure email compliance across all of your mailstreams, including marketing, payroll, invoicing, transactional, and more. Customers can sign up with Valimail to get free access to automated monitoring to help them meet and stay compliant with Google’s and Yahoo’s authentication requirements.
We’ll continue to monitor announcements from Google and Yahoo and make changes to our product that help our customers' emails continue to land in their contacts’ inboxes. We’ll communicate more information as it is available. In the meantime, please use one of our support options if you have any questions.
Updated: June 10, 2024