email marketing agency
Work With Me

Grappling With Google's New Bulk Sender Guidelines

google-bulk-sender-guidelines

On October 3rd 2023 Google announced new guidelines for bulk senders. These guidelines apply to senders who send more than 5,000 messages to gmail addresses each day. 

So every ecommerce brand with a decent-sized email list is included. These guidelines protect gmail users from spam, phishing attacks and fraudulent activity.

Brands who don’t follow these rules could damage their reputation online. Yikes! No worries though, since you’re part of the EPIC fam, I got your back. Keep reading to learn how to prepare for Google’s new email sender guidelines.

By February 2024 Gmail will require all bulk senders to:





Authenticate Emails

google-bulk-sender-guidelines

What do DKIM, SPF, and DMARC have in common? Other than being a mouthful to say, these three protocols protect email inboxes. Without them, fraudulent attackers can impersonate your ecomm brand and message your subscribers.

This can cause a domino effect that hurts your business in the long run. Let’s breakdown each protocol so you know what they mean. 



What is DKIM?

DKIM stands for DomainKeys Identified Mail. It’s a protocol that signs email messages in a way mailbox providers can verify. In a nutshell DKIM protects your business and customers from targeted email attacks. The DKIM protocol breaks down into three steps:

  1. The sender (that’s you) identifies what fields they want to include in their DKIM record signature. These fields include: the “from” address, the body of the email, your subject line and many others. These fields must stay the same in transit to pass DKIM authentication. 
  2. After you’ve selected the fields, your email platform creates a numerical hash of the text fields. This hash gets included in the DKIM signature. Once the hash string is created it’s encrypted with a private key only you can access. 
  3. The last step in the process involves the email gateway or consumer mailbox provider. They must confirm the DKIM signature by finding the public key that matches the private key. After that the DKIM signature is decrypted back to it’s original hash string. The receiver compares its hash of the fields in the signature with the decrypted hash string. Once everything matches up the DKIM signature is confirmed. 

 

Still with me? 

Think about it this way, A DKIM signature creates a private key that needs to match the “lock” (public key) on your subscriber’s mailbox. As long as the key matches what you sent, it unlocks your subscribers inbox and allows them to receive the email. 

Pretty cool right? Not only does a DKIM signature protect your customers, but it also protects you. By preventing attackers from impersonating you, the DKIM signature helps secure your emails. But it takes more than DKIM to fully secure your emails, that’s where SPF comes in.



What is SPF?

And no I’m not talking about sunscreen. Bad dad jokes aside, SPF is actually a pretty epic protocol to use in your email marketing. It stands for ‘Sender Policy Framework’.

SPF prevents email spoofing and phishing attacks. SPF is a crucial part of email cybersecurity. Without it attackers can pretend to represent your organization or domain.

SPF ensures the emails that appear to be from your domain were actually sent by you. SPF works along with your DNS (Domain Name Server) to make sure no one impersonates your brand via email. SPF even improves your email’s deliverability and your organization’s reputation.

SPF works along with DKIM and DMARC to secure the emails you send. The benefits don’t stop there though. SPF also:

  • Prevents email spoofing
  • Enhances email deliverability
  • Improves domain reputation
  • Helps fight phishing attacks
  • Protects your organization by securing compliance
  • Keeps your emails out of the spam folder

 

It gets better… Within the sending policy framework an SPF record is created. An SPF record is a type of DNS record. It prevents fraudulent mail servers from sending emails using your domain.

Having an SPF record is essential to authenticate your emails. It allows administrators to block phishing emails from reaching your subscribers inbox.

Think about the trust you’d lose if someone impersonated your ecommerce brand. All the hard work you did acquiring and then nurturing your customers could go down the drain.

And if messages that appear to be from your domain get marked as spam, your brand reputation could be ruined. Many of the larger email systems come standard with SPF detection.

You can take it a step further by adding a record to your DNS servers. This ensures your emails make it to your subscribers’ inboxes. 

Let’s break this down more:

Think of an SPF record as your well connected friend who can get into any club in the city. The bouncer at the door is your subscriber’s receiving server. He checks the identifiers on your friend’s ID (typically IP addresses and domain names).

He wants to make sure your friend is who he says he is. Once everything checks out, he throws open the velvet rope to the club and your email is delivered.

If you use a third-party provider like Klaviyo to send your emails you’ll have to include it in your SPF record. This crucial step ensures your subscriber’s email server doesn’t mark it as spam. By this point I’m sure you love SPF as much as I do, but wait there’s more! *Ron Popeil voice*

SPF and DKIM work to protect your brand and your subscribers but DMARC rounds everything out. 



What is DMARC?

DMARC stands for Domain-based Message Authentication Reporting and Conformance. It determines what happens to an email message that cannot be verified.

You set DMARC rules to determine what happens to messages that don’t pass SPF and DKIM validation. DMARC triggers three distinct actions for failed DKIM validation: 

  • Quarantine

This action holds emails in a safe place away from your subscriber’s mailbox. The server administrator reviews the emails for security. This can help expose phishing campaigns. If the emails in quarantine get added by mistake it could mean there’s a problem with your SPF or DKIM settings. 

  • Reject 

The reject action prevents DKIM failed messages from entering your subscriber’s inbox. This is the most common setting with public servers like Gmail. Google drops millions of messages that fail DKIM and SPF validation. This setting prevents its users from phishing attacks, spam, and other fraudulent activities. 

  • None

Nothing happens when you select the “none” setting. The message continues on to your subscriber’s inbox. Ecommerce businesses will use this setting for security administrators who investigate suspicious messages. 

In simple words, a DKIM record protects your subscribers from malicious content. An SPF record detects fraudulent emails and protects your subscriber’s inbox. And DMARC determines what happens to messages that fail DKIM or SPF validation. You should use all three tools together to protect your ecomm brand.



Make Subscribes and Unsubscribes Easy As Pie

google-bulk-sender-guidelines

The next Gmail guideline for bulk senders is an easy subscribe and unsubscribe process. Odds are you already do this.

This is a crucial step to keeping your email list engaged and healthy. And if you don’t currently practice this in your email marketing the good news is, it’s super simple to get set up.

To make your email list easy to subscribe to:

  • Tell new subscribers what to expect from your email list on the opt-in form.
  • Use a double opt-in form for more qualified leads.
  • Email subscribers a few times a year to make sure they want to stay subscribed to your email list.
  • Regularly remove subscribers who don’t open or engage with your emails from your email list.

 

AND… That’s it! I told you it’d be easy. The hidden benefit of following these rules is they will keep your list healthy. A healthy email list is key to having EPIC results with your ecomm brand’s email marketing. Now, on to unsubscribes…

Google has made it clear that the unsubscription process must be as easy as possible. And you should be happy about this one too. Why? Subscribers who don’t want to be on your email list anymore are only costing you money and driving down your KPIs.

They could even mark your email as spam. Too many spam complaints hurt deliverability and even damage your brand’s reputation. So, an easy unsubscribe process ensures you only have subscribers who want to hear from you.

Include a one-click unsubscribe in every email you send. You can place this link anywhere in your email but most brands choose to place it at the very bottom of the message. An easy subscribe/unsubscribe process is key to a healthy email list. 

Another part of the new sender guidlines is keeping a low spam threshhold.



How to Keep Your Spam Rate Low

google-bulk-sender-guidelines

A low spam rate is essential to keeping your email deliverbility high. The good news is keeping a low spam rate threshold isn’t hard to do.

In fact, most brands already work to keep spam rates low. To keep your ecomm brand’s emails out of the spam folder you should only send relevant messages to your subscribers.

No duh right? Like I said most ecommerce brands already do this one but that doesn’t mean you can’t do a better job of it. Relevant content leads to more email opens, reads and clicks.

Segment your email list to ensure the best content goes to the right subscriber at the perfect time. This is especially important if you sell to more than one customer avatar.

For example, check out this form from hims.com:

google-bulk-sender-guidelines

This form highlights different customers’ pain points. After a new subscriber chooses an option, it’s easy to place them into the right segment. This makes it way easier to keep your list engaged and even helps you come up with content ideas to send to your list.

What about brands that send emails from different IP addresses? Will they be in violation of google’s new terms? Not at all. As long as they set everything up the right way.

For example, let’s say you have two IP addresses. You use one to send account notifications and the other for promotions. You can easily keep them separated by using the same ‘from’ email address:

Promotional emails: deals@epicemailcopy.com

Account notifications: alert@epicemailcopy.com

And so on. The emails you send from each IP address should be specific to that category. So avoid sending promotions from your account notification IP address and vice versa.

Following these rules helps you stay compliant with google’s new guidelines. It also helps customers know what to expect from your emails. Consistency is crucial to happy subscribers who engage with your brand.

Having an email list filled with high quality leads is every brand’s goal, right? Well one simple way to qualify new leads is your opt-in form. A clear opt-in form tells the viewer what joining your email list will mean.

Avoid opt-in forms that automatically subscribe users with a default check. Some countries and regions restrict the use of these types of forms. A better process is using a double opt-in form.

The double opt-in helps deter low quality leads. By asking your subscriber to work a little harder to join you’re making sure they actually want in on your list. 

Following these tips can help you keep your emails out of the spam folder and in your subscriber’s inbox.

*A special note*

Are you new to email marketing for your ecommerce brand? Follow these tips to get started and keep your list healthy:



Increase sending volume slowly

If you suddenly received several emails from a company you don’t remember what would you do? Most people would unsubscribe from the list quickly or even mark the message as spam.

When you’re starting out, dip your toe into the waters by only emailing your list weekly. You can start by sending emails to engaged users or buyers who recently signed up for your list. Add subscribers later to keep deliverability and engagement high.



Check server responses regularly

Keeping a close eye on how servers view your emails is key, especially when you’re new to email marketing. Watch your spam rate and domain’s reputation to catch problems early on.

You can track all this with Postmaster tools. Follow the link at the end of this blog post to learn how to use it. 

If you use an ESP like Klaviyo for your email marketing you’ll need to take one extra step. Make sure your ESP allows you to configure your settings in line with the rules mentioned above.

Don’t wait! February will be here before you know it. Set yourself up for success in 2024 by making these changes now. 

If you need help with your email marketing, you’re in the right place. Many ecomm brand owners and decision makers don’t have the time to do this themselves. Others fear making a mistake that could potentially cost them customers.

If this sounds like you then it may be best to let someone else do all the heavy lifting for you. Want a more profitable email list? I help ecommerce brands get EPIC results with email by:

  • Keeping your brand’s reputation high 
  • Solving deliverability issues
  • Keeping subscribers engaged

 

Will your brand be next? Click this link to learn more about how I can help your ecommerce brand grow.



References

  1. Google. (2023). Email sender guidelines. Retrieved from support.google.com
  2. Proofpoint. (2022). What is DKIM? Retrieved from proofpoint.com
  3. Proofpoint. What is sender policy framework (SPF)? Retrieved from proofpoint.com

 

To monitor your domain’s reputation use this link to learn how to set-up postmaster tools for your ecommerce brand.



 

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Policy