Gmail and Yahoo's latest updates are reshaping the landscape of email marketing, turning best practices into must-follow rules for email senders, especially those who send emails in bulk. But don't fret - this change is a win-win for both consumers and brands. And if you're teamed up with Klaviyo, you're already several steps ahead. We're here to demystify these new sender requirements and show you how to sail through your BFCM campaigns and beyond smoothly.

When Should You Implement The New Sender Requirements?

The new sender requirements will become mandatory in Q1 of 2024, so there's no immediate rush. Our recommendation is to continue business as usual through the BFCM season. Push all your promos and contents as planned and implement the new sender requirements from early December.

Why are Google and Yahoo Mandating this now?

These new email requirements represent a collaborative effort to enhance email security and user experience across the board. They underscore the need for industry-wide cooperation to ensure a safe, secure, and user-friendly email environment. 


While both Google and Yahoo's system defences can block 99.9% of spam, phishing and malware, they recognise the complexities of these threats are ever-evolving. These new requirements are twofold in action, educating brands on securing their digital assets and further protecting them and end uses through a collaborative initiative


At its core, the initiative addresses a critical gap that recognises many bulk senders have inadequately secured their systems, leaving them vulnerable to exploitation by malicious actors. By enforcing stricter sender validation and robust email authentication standards, the aim is to reliably verify sender identities, significantly reducing the influx of malicious and spam emails. But these measures go beyond just filtering harmful content; they're also about improving the overall quality of emails, decluttering inboxes, and enhancing the user experience

What Exactly Are The New Sender Requirements?

Come February 2024, all email senders will need to check three boxes:

  1. Authenticate your emails' origins.
  2. Say no to spammy, unwanted emails.
  3. Make unsubscribing a breeze for your audience.


These rules apply to all senders, but additional specific requirements will be in place for bulk senders. A bulk sender is anyone dispatching over 5,000 emails daily, including transactional ones. It's important to note that many businesses might be closer to this threshold than they think.


We've outlined a simplified list of necessary actions to ensure you're meeting these new sender requirements. While it may seem complicated at first glance, with all the acronyms, standards and frameworks listed, Klaviyo has already taken care of several new user requirements. 

Maintain Low Spam Rates (All Senders)

The new requirement mandates senders to keep their spam rates below 0.3%. While low spam rates have always been a best practice, requiring this low threshold gives brands the tools and guidelines to maintain a quality sender reputation, ultimately boosting brand trust and image.


Google provides Postmaster Tools to analyse email performance, helping to route your messages to the right place within Gmail. Access to this data and diagnostics allows senders to learn from Gmail delivery errors, spam reports and feedback loops. 

DMARC (Domain-based Message Authentication, Reporting, and Conformance) Authentication For Your Sending Domain (Applicable To All Senders)

DMARC is a protocol designed to enhance the security of your email communications. It ensures that emails are authentically from your domain and remain unaltered during transmission. Adopting DMARC is more than just complying with new sender requirements; it's a wise move to protect your email interactions.

To set up DMARC for your domain, you'll need to work with your Domain Name System (DNS) provider. This step is crucial and should be included in your strategy. To achieve DMARC compliance, it's necessary to link a dedicated sending domain to your account. This domain should correspond to the root domain used in your email's 'friendly-from' address.

Don't Impersonate "From:" Headers (All Senders)

Essentially, this means your emails can't look like they are coming directory from the Email Service Provider (ESPs) address if they aren't. In line with DMARC, this requirement helps to identify and prevent email spoofing, stopping senders from disguising their identity.


This shouldn't be a problem if you're an established brand with your email domain. Still, those just starting and using an @gmail.com or @yahoo.com email address should consider establishing a branded domain before the new sender requirements come into play. Impersonating ESPs in your emails' 'From:' header might get them flagged or blocked under this policy, affecting email delivery success.

Set Up SPF and DKIM Authentication (All Senders)

This requirement enhances the security and deliverability of your emails. Its focus is on authentication for your domain. Here's a simplified breakdown:


Sender Policy Framework (SPF) Authentication: This involves creating a record in your domain's DNS settings that lists which mail servers are authorised to send emails on behalf of your domain (ie, Klaviyo). It helps prevent spammers from using your domain to send unauthorised emails.


DomainKeys Identified Mail (DKIM) Authentication: this adds a digital signature to your emails, verifying that the email has not been altered during transit and confirms its origin. Think of it as a seal of authenticity for your emails.

The great news for Klaviyo users is that these technical setups are already integrated into Klaviyo's solution, meaning they are already automatically taken care of. You don't need to delve into the complexities of configuring these authentication protocols yourself. Klaviyo's built-in support for SPF and DKIM ensures your emails are authenticated, secure, and more likely to reach your audience's inboxes without extra effort.

Validate DNS Records (All Senders)

This requirement focuses on PTR (Pointer) records, a type of DNS (Domain Name System) record. It is essential for verifying the relationship between a sending IP address and its associated hostname. 


One of the primary uses of PTR records is in verifying email servers. When an email is sent, the receiving server can perform a reverse DNS lookup to check the PTR record of the sending server's IP address. If the domain name in the PTR record matches the domain name sending the email, it helps verify the sender's legitimacy. Many anti-spam systems also use PTR records as part of their filtering criteria. Emails sent from IP addresses without valid PTR records are more likely to be marked as spam or rejected, as the absence of a PTR record can be a sign of a poorly configured server or a potential source of spam.


For brands using Klaviyo, complying with this requirement is straightforward, as the platform automatically ensures that both forward and reverse DNS records are correctly configured for your sending domain and IP. This means that when you send emails through the platform, you're not only adhering to these new standards set by major ESPs but also enhancing your email's chance of reaching your audience's inbox.

Format messages according to the Internet Message Format standard (All Senders)

This requirement mandates that all senders format messages according to the Internet Message Format standard, as outlined in RFC 5322. In brief, this standard ensures that emails are compatible, professional, and less likely to be flagged as spam. The standard defines the proper format for various components of an email, including headers, character encoding, and line lengths.


Klaviyo's platform already incorporates standards into all emails sent through its system, meaning that when you create and send emails using the platform, your emails are automatically formatted to meet these mandated guidelines. By leveraging Klaviyo for your email campaigns, you automatically align with the latest email format requirements, ensuring your messages are delivered effectively and received positively by your audience. 

Support One-Click Unsubscribe (Bulk Senders)


For bulk senders, particularly those dealing with marketing, promotional, or newsletter emails, it's essential to facilitate a seamless unsubscribe process. This requirement entails providing two methods for unsubscribing in every email sent to subscribers:


  1. One-Step Unsubscribe Method: Your subscriber emails must include an easy, one-step method for recipients to unsubscribe, meaning as soon as your recipient clicks on the link, they are instantly unsubscribed. This could be a direct link or a simple button in the email body.
  2. Unsubscribe Link in your message body: In addition to the one-step unsubscribe link, there must be a visible unsubscribe link in your email copy. While this doesn't need to be a one-click process, meaning you can still send recipients to a landing page first, its presence is required.


Implementing these unsubscribe options not only meets the latest requirements but is already a common best practice, improving the overall experience for your recipients and potentially boosting engagement rates. 


Klaviyo, understanding the importance of this aspect, supports a one-click unsubscribe as part of its email marketing solution. This integration by Klaviyo simplifies the process for brands, ensuring compliance and enhancing the efficiency of email marketing campaigns.


The Nitty-Gritty: Staying Compliant Made Simple

  • Keep Your Spam Score Low: Stay under the 0.3% radar for spam rates. It's not just good manners; it's about cementing your brand's trustworthiness.
  • DMARC: Your Email Shield: This tech wizardry ensures your emails are genuinely yours and tamper-proof. Partner with your DNS provider; if you're leveraging Klaviyo, you're already ahead of the curve.
  • Authentic "From" Headers: Keep it real and avoid email identity crises. This is especially crucial for new brands still finding their digital footing.
  • SPF and DKIM: Your Email Armor: Fortify your domain's security and email integrity. Again, if you're using Klaviyo, this is already sorted for you.
  • DNS Record Validation: It's all about confirming your email's legitimacy, and yes, Klaviyo has you covered here, too.
  • Formatting Matters: Align with the Internet Message Format standard for professional, spam-resistant emails. Klaviyo's on it!


If you're navigating the Klaviyo landscape and need assistance, the Rebel team is here to guide you. Reach out for expert support tailored to your needs.