On Feb 1, 2024, Google and Yahoo enforced a few changes for bulk senders. Google defines a “bulk sender” as someone who sends 5,000 emails or more in a day, and Yahoo considers it as anyone that sends non-transactional emails. These policies are aimed to enhance email security and improve deliverability and are no longer optional. They mostly impact non-transactional email sending, but some are required for both marketing and transactional sending. For those who are bulk senders, a couple of quick changes will ensure you continue to have good deliverability. Skip to the Bulk Senders section to learn more.

Actions to take for everyone

1. Set up SPF and DKIM email authentication for your domain

DKIM The DKIM record confirms that your OneSignal email-sending domain is authorized to send mail on your behalf. Authenticate your emails by setting up a DKIM record in your domain’s DNS settings. This sets the domain name SPF Ensure your domain has a SPF record that lists the mail servers permitted to send email on behalf of your domain.

2. Keep your spam rates low

Spam rates must be 0.3% or lower to prevent your emails from being rejected or sent to spam. Follow our guide on How to Improve Email Deliverability.

3. Align your “From:” header with your domain

For those sending either transactional or marketing emails, ensure that the domain in the sender’s ‘From’ header is aligned with the SPF or DKIM domain. This is a requirement for emails to pass DMARC alignment checks. If you have a dedicated sending domain (e.g. email.onesignal.com), use an email address with the root domain (e.g. example@onesignal.com) for the “From” address.
Don’t impersonate Gmail “From:” headersIf you have a custom domain, be sure to use it in your “From:” address. If you use gmail.com or googlemail.com in your “From:” address, your emails will go to the spam folder.

Actions to take for bulk senders

1. Set up DMARC authentication for your sending domain

Email Authentication with DKIM, SPF, and DMARC are critical for verifying the authenticity of the emails sent from your domain. Authenticating emails using DKIM, SPF, and DMARC is now a requirement for bulk senders to protect against impersonation and phishing. If you’ve gone through DNS authentication for your email domain, then you’ll likely have already set these up. We strongly recommend that you log into your domain registrar and double-check. If you use OneSignal email, you can consult our documentation for more guidance. DMARC Implement DMARC by setting up a DMARC record in your DNS settings. This step comes after SPF and DKIM are in place. If you have not already implemented a DMARC policy, configure it on your root domain to contain: v=DMARC1; p=none;

2. Make unsubscribing easy and clear

Including a one-click unsubscribe link in both the header and the body of the email is now a requirement for bulk email senders sending non-transactional emails. This makes it easier for recipients to opt out of unwanted emails. The only required action here is to ensure you have a one-click unsubscribe link in the body of your message and that it is clearly visible. (Inbox providers automatically display the one-click unsubscribe option in the header.) Be sure to also support list-unsubscribe functionality and process all unsubscribe requests within two days.

3. Keep spam complaints low

All senders must stay below a clear spam rate threshold of 0.3%. Keeping spam rates low is critical for your domain reputation and deliverability, especially if you are a bulk sender.