Understanding the 2024 Google and Yahoo spam filter updates: A guide for businesses

Don’t let the latest Google and Yahoo spam filter updates catch your business off guard. Dive into our detailed guide to understand and adapt to these essential changes for seamless and compliant email communication.

The digital communication realm is dynamic, with frequent updates that aim to enhance security and user experience. 

Google and Yahoo’s latest announcement regarding spam filter updates, effective from February 2024, is a significant development for businesses that rely on email marketing and communication. Let’s break down what these changes entail and how they can impact your business operations.

Jump to:

• What are the latest spam email filter updates?
• Who is affected by these spam updates?
• What to do if you’re a HoneyBook member
• How should business owners authenticate their email addresses?
• One-click unsubscription: simplifying the opt-out process
• Spam rate threshold: keeping your emails wanted
• How do these updates differ from other spam policies?
• What are the risks of not complying with these spam filters?
• Proactive tips to stay ahead
• Improving your client communication

What are the latest email spam filter updates?

According to Google and Yahoo, both companies will be implementing stricter requirements for any businesses or entities that send commercial emails, in an effort to reduce email spam. 

Though these updates will specifically affect those who send at least 5,000 emails in a day (across all email tools), both have already been blocking senders with lower volumes who have high spam complaints or missing domain records. 

Therefore, we recommend all independent businesses consider these changes, regardless of the email volumes you currently send. 

The 2024 email spam updates will require senders to: 

• Authenticate their email address
• Enable easy unsubscription
• Ensure emails are wanted

Who is affected by these spam updates?

If you send more than 5,000 emails per day…

Ensure your email address is authenticated properly through DKIM, SPF, and DMARC, along with the additional requirements of:

• Enabling easy unsubscription
• Ensuring emails are wanted and your spam rates are below 0.1%

If you send less than 5,000 emails per day…

You should still ensure that your email is authenticated through DKIM and SPF. Though DMARC is more relevant for users who are sending more than 5,000 emails per day, we still recommend setting it up for your email domain. At times, your domain can be identified as a bulk sender even if you aren’t.  

Though the updated requirements don’t apply directly to you, you should still ensure you’re following email best practices in order to fully prevent your emails from going to spam or being spoofed. That means still ensuring you have an unsubscribe option for marketing emails and that your email spam rate is below 0.1%.

What to do if you’re a HoneyBook member

If you have your email integrated into HoneyBook and you have a custom domain (your email address is something like [email protected], versus a generic email like [email protected]), take the following steps: 

1. Start by verifying your email authentication through our DKIM and SPF domain tester. If the authentication fails, it’s crucial to follow the steps in the domain tester to update these, as your emails are likely to go to spam otherwise. After setting up your DKIM and SPF, you can also check your DMARC settings to make sure it’s set properly as well. 

2. Make sure you implement an unsubscribe option on all marketing emails. Offering unsubscription is one of the ways you can maintain a high sender reputation and keep yourself below the spam rate threshold. In general, verify that whoever is getting your emails is actually interested in getting them. In addition to unsubscribe, avoid sending cold emails to people who aren’t expecting an email from you. 

To offer unsubscribe through HoneyBook, we’re rolling out a new feature so you can easily do so. In the next few days, you’ll be able to quickly mark an email as a marketing message and add an unsubscribe link at the bottom and header of your email. Your clients can click the link to land on an unsubscribe page that’s unique to your brand. Once clients are unsubscribed, you’ll see that noted in your client and project workspaces as well as your contacts list. 

Keep in mind that the unsubscribe link is only required on marketing emails, so clients who unsubscribe from those will still receive your project-related emails, such as two-factor authentication, reminders, and one-on-one communications. 

If you have an integrated email in HoneyBook but use a generic email address like [email protected], we advise you to create a custom domain and start sending your business emails using that email address. In general, this may produce better email deliverability than using a generic email address. 

1. How should business owners authenticate their email addresses?

Email authentication is not just a technical term; it’s your business’s passport in the digital world. It’s what tells your customers, “It’s safe to open this email.” 

With the new updates, Google and Yahoo are making it mandatory for bulk senders to authenticate their emails using standards like SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance). All in all, Email authentication is a set of protocols that helps protect email senders and recipients from spam, phishing, and other types of email-borne abuses.

Consider what the protocol is like if you want to access your safety deposit box at a bank. The teller would ask for your ID or your keys to ensure it was you before providing access. Similarly, email authentication acts as a security system, ensuring your emails are actually coming from you and can be sent to your recipients’ inboxes instead of the spam folder.

Without email authentication, you can’t guarantee that your email will be delivered successfully, just like how you wouldn’t be able to access a safety deposit box without proper verification. 

Here’s a breakdown of how SPF, DKIM, and DMARC work individually and together.

SPF (Sender Policy Framework)

Think of SPF like a VIP list for your party (your email domain). It tells email servers which guests (mail servers) are allowed to send emails from your domain.

How to set up SPF:

1. Create an SPF record: This is a line of text that you’ll add to your domain’s DNS settings. You can create one using an SPF record generator online or with the help of your hosting provider.

2. Add the SPF record to your DNS: Once you have your SPF record, you’ll need to add it to your DNS settings. This is usually done through your domain registrar or hosting company’s website.

3. Sending and receiving emails: When you send an email, the receiving server checks your domain’s SPF record to make sure the email is coming from a server on your VIP list. If it is, great! If not, it might mark the email as spam.

DKIM (DomainKeys Identified Mail)

DKIM is like putting a unique stamp on all your letters. It helps prove that the email came from you and wasn’t changed along the way.

How to set up DKIM:

1. Generate DKIM keys: You can use a DKIM key generator tool or get assistance from your email service provider to create a public/private key pair.

2. Add the public key to your DNS: The public key goes into your DNS settings just like the SPF record.

3. Configure your email to use DKIM: Your outgoing emails will now include a digital signature – a bit like signing your letters. When the email arrives, the recipient’s server uses the public key to check the signature and confirm that the email is legitimate.

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

DMARC is the boss that takes the rules from SPF and DKIM and decides what to do if the rules aren’t followed. It’s like setting house rules for what happens if someone crashes the party.

How to set up DMARC:

1. Create a DMARC policy: This is another text record for your DNS. You can create it using a DMARC policy generator or with help from your email service provider.

2. Add the DMARC record to your DNS: Place this record in your DNS settings like you did with SPF and DKIM.

3. Emails are checked and reported: When you send an email, if it passes the SPF and DKIM checks, it’s all good. If it fails, the DMARC policy tells the receiving server what to do (like send it to spam) and sends a report back to you. You can use a DMARC checker to make sure you’re properly authenticated. 

How SPF, DKIM, and DMARC work together

SPF, DKIM, and DMARC are your email’s bouncers. They work together to make sure your email is from who it says it’s from (not an imposter), hasn’t been tampered with (no one’s messing with your message), and that everyone follows the rules (so your email doesn’t end up in the spam folder).

By setting up these three systems, you’re putting a strong security system in place for your emails. It’s a bit like locking your car and setting the alarm; it keeps your emails safe and makes sure they get where they’re meant to go.

2. One-click unsubscription: simplifying the opt-out process

The journey to unsubscribe from an email list can sometimes feel like an unwanted adventure. The latest updates from Google and Yahoo aim to streamline this process by enforcing a one-click unsubscribe feature. However, it’s important to distinguish between the types of one-click unsubscribe mechanisms available.

For emails sent through Email Service Providers (ESPs), the updates require the inclusion of a one-click unsubscribe button directly in the email header, which is visible and accessible from the email service provider’s interface (like Gmail or Yahoo Mail). This button allows users to opt out from further communications before even opening the email, making the process as seamless as possible.

Here’s an example: You receive a promotional email in your Gmail inbox. At the top of the email, alongside the sender’s name and subject, you’ll see an “Unsubscribe” button. Clicking this button will instantly remove you from the sender’s mailing list, and no further action is required.

However, if you’re sending emails (even through a tool that does it for you, like the HoneyBook email integration) directly from your personal or business inbox without an ESP, this type of header-based one-click unsubscribe may not be feasible. In such cases, it’s still essential to include a clear and simple unsubscribe link at the bottom of your emails. While it may not be as instant as the header button, it should lead the recipient directly to an unsubscribe confirmation without any additional steps or navigation.

This distinction is crucial for businesses to understand, as it affects how they set up their email campaigns. By ensuring that the unsubscribe process is as user-friendly as possible, businesses not only comply with the new regulations but also demonstrate respect for their recipients’ inbox preferences, thereby maintaining trust and a positive sender reputation.

3. Spam rate threshold: keeping your emails wanted

Bulk senders are like the big department stores of the email world– they send out large volumes of email, whether it’s newsletters, promotional content, or transactional messages like order confirmations and shipping updates. You may be considered a bulk sender if you use email systems like HoneyBook or Mailchimp to manage and send your emails. 

However, there’s a catch. If one of these senders starts sending emails that are often marked as spam and have low engagement, it will affect the reputation of the sender no matter what system they are using. 

Think of the spam rate threshold as a limit to how many unwanted emails you’re allowed to make in the email world. Email services like Google and Yahoo are now being stricter on this. If too many of your emails are marked as spam, it’s like having the police called for a noise complaint – your future emails might go straight to spam folders without notifying the sender or you could be blocked from sending any more emails at all.

Keep these steps in mind to minimize your spam rate threshold. We recommend following these if you send any commercial emails, but especially if your business is sending thousands of emails across all tools that use your sender domain-based email.

• Monitor feedback: Keep track of how many people are marking your emails as spam. You can do so directly through your email feedback loop, or if you use Google, you can also use Google Postmaster.
• Be relevant: Make sure your emails are interesting and relevant to the people receiving them.
• Stay updated: Regularly clean your list to remove uninterested or unengaged subscribers. Some inbox service providers do not share who has reported your emails as spam, thus they can not automatically be removed from your list (E.G.: Gmail / G Suite); it’s up to you to maintain a clean list of subscribers. 
• Follow the rules: Adhere to email marketing best practices to avoid being marked as spam to begin with.

How do these updates differ from other spam policies?

In the past, Google and Yahoo recommended best practices for email sending but didn’t strictly enforce them. The 2024 updates shift from a recommendation to a requirement, indicating a stronger stance on email security and spam prevention.

What are the risks of not complying with these spam filters?

Ignoring these updates is not an option unless you’re willing to risk your emails being blocked or relegated to the spam folder. This could lead to a significant drop in engagement rates, tarnish your sender reputation, and ultimately impact your business’s bottom line.

Proactive tips to stay ahead

To stay compliant, businesses should take the following steps:

Improving your client communication 

The upcoming Google and Yahoo spam filter updates are a call to action for businesses to refine their email practices. By embracing these changes, you can ensure that your emails continue to be a valuable touchpoint with your audience. 

Though Google and Yahoo are the first to announce these updates, other email providers will likely have the same requirements soon. We recommend thinking about these updates as ongoing best practices that you should implement regardless of your current email usage. Ultimately, these guidelines have always existed, but the difference is that users can experience greater penalties now. 

Remember, these updates are not just about avoiding penalties; they’re about fostering a trustworthy and respectful digital ecosystem for businesses and consumers alike.