5 min.
New rules for Gmail and Yahoo: What marketers must do to comply
1L’art de la gestion de projet2Un projet à succès commence par une bonne gouvernance3Cascade, agilité, demandes de changement?

New rules for Gmail and Yahoo: What marketers must do to comply

Email marketing

To strengthen email security and promote the adoption of best practices in email marketing, new rules were jointly announced at the end of 2023 by Gmail and Yahoo, to be applied as of February 2024 to all organizations sending over 5,000 emails to Gmail or Yahoo addresses. 

In this article, we’ll explain why Google and Yahoo have established these new transformative rules for mass emailing, what the new requirements are and how to comply.


The main requirements involve:

- Email authentication

- A quick and simple process for unsubscribing to emails

- A minimum spam rate of 0.3% (as measured by Google Postmaster)


Why are Gmail and Yahoo updating their rules?

Emailing is one of the rare marketing channels that have few standards and little universal support for foundational principles. Whether we’re talking about HTML and CSS, dark mode management, spam filtering or sorting important emails from promotions, most inboxes apply their own rules.

This can sometimes make the lives of consumers and marketers more complicated. On the one hand, marketers need to continuously manage the optimization of their systems and audiences based on inbox rules that are not very transparent. On the other hand, consumers are tired of irrelevant messages and fearful that their data will be misused.

However, in recent years there has been greater market concentration in email clients (Gmail and Apple now hold almost 90% market share), which paves the way for standardization. The joint announcement from Google and Yahoo is therefore a strong signal directed at marketers to encourage them to adopt best practices that are focused on customers and that respect their privacy. This marks a shift in email marketing by defining established rules and specifying who has to comply with them, or otherwise risk not having their precious emails delivered to customers.

What are Gmail and Yahoo’s new rules for email marketing?

Complete email authentication 

To guarantee the delivery of email, Gmail and Yahoo how require complete authentication of senders’ IP addresses and domains. This authentication is performed through the use of SPF, DKIM and DMARC protocols.

The DMARC protocol must be configured with at least one p=none policy, which indicates to inbox providers to deliver the email even if it fails SPF and DKIM verifications.

CONSEIL _ Les nouvelles règles de Gmail et Yahoo à partir de février 2024 - 4-2

What is email authentication and why is it important?

Many companies have not yet authenticated their sending domains. At Adviso, we also frequently see clients without DMARC setups.

Email authentication is a verification method used by incoming mail servers to determine whether a sender is legitimate. It proves that an electronic message has not been spoofed and facilitates the blocking of all fraudulent messages. This authentication is essential for any company that wants to use email effectively.

Ignoring email authentication could prove to be an expensive mistake, leading to lost conversions as well as tainting the reputation of the brand and affecting its email delivery rate. 

A fast and easy process for unsubscribing to emails 

Une autre exigence est l'intégration d'en-têtes de désinscription dans les emails, permettant aux Another requirement is the integration of unsubscribe headers in emails, which will allow recipients to easily unsubscribe in a single click. This feature aims to reduce the number of spam complaints by offering a simple, clear alternative to the “Mark as spam” button.

At this time, it is not clear whether Google and Yahoo will take action against emails that do not include this feature.

CONSEIL _ Les nouvelles règles de Gmail et Yahoo à partir de février 2024 - 3-1

Emails must continue to include a clear, visible link at the bottom of the page to allow recipients to unsubscribe and comply with local anti-spam regulations (CAN-SPAM and C-28 in Canada).

Fast processing of email unsubscribe requests

Companies must also process unsubscribe requests within a two-day period. This will help maintain the good reputation of the sender as well as respect the preferences of users.

From a legal perspective, CAN-SPAM legislation allows up to ten working days to process unsubscribes, but there is nothing preventing inbox providers from apply stricter timelines. In addition, the intention of CAN-SPAM has always been for senders to process unsubscribes as quickly as possible, which is undeniably what consumers expect.

The ten-day window stipulated in CAN-SPAM legislation recognizes that some decentralized organizations (such as insurance companies with many independent brokers) may need more time to transmit unsubscribe requests across their extensive organizations. Google and Yahoo are therefore pre-empting the regulations and promoting better data management for email subscriptions.

Maintenance of a low complaint/spam rate

Gmail formerly recommended avoiding spam rates above 0.1%, and the new rule to be applied by Gmail and Yahoo as of February 2024 specifies that senders must maintain a spam rate of 0.3% or less.

This new requirement is unprecedented in the marketplace—this is basically the first time that providers of inboxes are specifically defining a spam threshold that they do not want to be exceeded.

For the moment, however, neither Gmail nor Yahoo have specified whether they will calculate spam rates on a weekly or monthly basis, and we can remain confident that an occasional increase will not on its own trigger blocking or sorting as spam.

How should you comply with Gmail and Yahoo’s new rules to maintain your email marketing performance?

Gmail and Yahoo’s new rules will come into effect starting in February 2024. To operationalize these new requirements, companies will need to rely on their email management teams and work with their IT teams to change system configurations.

Sender verification and email authentication update

Companies must ensure that their emailing system is already configured with SPF, DKIM and DMARC protocols. If this is not the case, it’s crucial to establish or change the DMARC policy for greater protection against spoofing and spam.

To fully benefit from DMARC, companies must establish this protocol on all sending domains, then monitor and analyze the reports (there are simple solutions available for quickly analyzing the results and receiving alerts) so that they can quickly intervene in case of a major incident, such as a phishing attack or authentication failure for a legitimate source.

In addition to these authentications, we recommend setting up BIMI, an emerging email authentication spec which, in addition to strengthening security, enables the use of logos controlled by the brand in compatible email clients, thereby strengthening the brand’s visibility in inboxes.

Integration of unsubscribe headers

It’s important to check whether your email service provider (ESP) activates unsubscribe headers and whether unsubscribe links are visible and accessible in emails.

This requirement does not include transactional emails, since these do not include unsubscribe links or specific unsubscribe headers, but you should, however, ensure your transactional emails and marketing emails are easily distinguished from each other.

Optimization of unsubscribe process

Marketers must review their processes to ensure they can fulfill unsubscribe requests within two days, in accordance with the new rules.

From a technical point of view, most companies shouldn’t have any major issues complying with this rule, since most platforms automatically delete addresses that have unsubscribed from their mailing lists. However, if management of your subscriber list is decentralized, you should ensure that unsubscribes are propagated throughout your emailing systems in fewer than two days.

Monitoring and reduction of spam complaints

To maintain a spam rate under 0.3%, brands must improve their spam monitoring and analysis, especially during periods of heavy activity, such as on Black Friday and during the holidays. 

Special attention must be paid to audience segments and acquisition sources to identify and address potential issues. This rule also represents an opportunity for brands to ensure that their entire emailing program is well aligned with their promises to subscribers when they sign up (the exchange value offered when subscribing).

To reduce spam rates, several tactics have already proven valuable:

  • Use explicit consent (a checkbox selected to receive emails) as a basic rule for targeting

  • The subscription validation process (double opt-in)

  • Personalization and segmentation to allow to you strengthen the relevance of emails to recipients

  • Campaign targeting that excludes subscribers who have opted out

  • Emailing schedules based on subscriber engagement

  • Preference pages and centres

The Google and Yahoo update: An opportunity to refocus emailing strategy on customer value

The expansion of our digital lives in recent years has necessitated deep legal and technological transformations in digital marketing. Consumer expectations in terms of customer experience and privacy have increased, making the management of marketing growth ever more complex.

Despite this change, best practices in emailing remain relevant. For a successful email strategy, companies must focus on the quality of emails sent, instead of the quantity, while precisely targeting and segmenting their campaigns, personalizing their content and offers, and favouring mailing rules based on stages of the customer journey. By effectively applying these principles, brands can maximize positive engagement, reduce negative engagement, and increase the loyalty of their valued subscribers.

In his 1999 book Permission Marketing, Seth Godin was already emphasizing the importance of taking a value-centric approach to customers and respecting their privacy:

“Either you’re a spammer or you’re not.

Either you’re regularly skirting the edges, trading lists, hustling people, writing link bait subject lines, evading policies and skulking around, or, you’re being clear and open and delivering messages that are anticipated, personal and relevant. 

The test is easy: If you didn’t send out your emails tomorrow, would people contact you to find out what happened?”

Sources :