Google and Yahoo’s 2024 email changes: A guide for internal communicators

By Nicole Mastrodomenico, Axios HQ Solutions Engineering Manager

In February 2024, new email guidelines went into effect that will impact anyone sending messages to 5,000+ Gmail or 5,000+ Yahoo personal email addresses per day.

• For communicators reaching employees, you should be fine for now, but below is a list of considerations for your IT team. 
• For organizations reaching members, clients, or marketing lists, these changes are essential to continue reaching your audience.

The big picture: These guidelines exist to protect the reader and their sought-after inbox — making sure the messages that reach them are high-quality communications they asked for from people or organizations they trust. Google’s policies and Yahoo’s policies double down on three requirements. 

1. Authenticated senders: You need to have valid SPF and DKIM records, confirming you’re a legitimate sender, and a proper DMARC policy to protect the messages you send. 
2. Easy unsubscribe processes: Readers should have a one-click way to opt out of your emails.
3. Low spam rates: Send quality content to people who asked for it, and this shouldn’t be an issue. Tools like Google Postmaster can help you track spam rates so you stay below 0.10%

The good news is these are all standard best practices for any professional communicator. What’s changing is the severity of the consequences for not following them. Fall short of the new guidelines and your message may land in spam or not arrive to your readers at all.

Internal communications are less affected

For now, Google and Yahoo are focused on amping up protection for personal accounts — ending in things like @gmail.com or @googlemail.com. They are the most exposed and most at risk of receiving emails they didn’t want or don’t need.  

• Google Workspace will not enforce these changes on professional inboxes for now.

You keep saying “for now”: Yes. Google could eventually expand these guidelines. And “for now” there’s also a gap in the guidelines. Here’s an example:

• One of your clients or members works for ACME. They use Google Workspace, and they have an @acme.com email.
• They use their @acme.com email to sign up for an email or update from your organization. 
• You send newsletters to their @acme.com email. 
• Their email does not count toward your 5,000+ email threshold that would make you beholden to Google’s new email requirements. Their address is a work Gmail, not a personal Gmail.
  
  

The takeaway: Even organizations reaching clients and members have an extra built-in safety net if they can reach them on their business email addresses — for now. But as protections get stronger for all types of recipients, that could change. Following best practices now will set you up for success later. 

How senders can follow new email guidelines

The responsibility is on each organization, individually, to be a better sender — staying reader-first, with high integrity, for when, how, and with what you reach your readers. The email communication tools your teams choose to use can also help ensure you stay in line with evolving guidelines.  

Four things to do ASAP:

1. Ensure you’ve authenticated your domain. You can read Google’s best practices, but both it and Yahoo now require stronger authentication — “with SPF, DKIM, and DMARC for your domain.” Essentially, you need to confirm and protect your domain, which protects against spam and phishing.

• What you can do: Talk to your IT team to review and confirm this has happened.
• If you’re an Axios HQ customer: Emails from Axios HQ send from Mailgun. We’ve reviewed our configurations to ensure we’re compliant. Our sending domain authenticates with SPF, DKIM, and DMARC in place, and we have valid forward and reverse PTR records. We format using RFC standards, and HQ senders can’t impersonate @gmail or @googlemail addresses.

2. If you send externally, add an unsubscribe link. Every email should have an easy way for readers to opt out if they choose to. 

• What you can do: Most email sending providers help you configure this in your settings. 
• If you’re an Axios HQ customer: You have access to subscribe and unsubscribe features in your general Settings. You can toggle them on or off for any series you manage to ensure external readers have control over which communications they receive.

3. Keep spam rates low. Google’s guidance is to stay under 0.1% and never reach 0.3%. Yahoo has said it will monitor a threshold, but has not announced what it will be.

• What you can do: Never buy lists, and only send to readers who want to hear from you. Try Google’s Postmaster Tools to get information about the email you send to Gmail users.
• If you’re an Axios HQ customer: Clear any external audience lists of bad emails before you send your first message. Check your edition analytics after each send and remove any bounced email addresses it flags for you. Routinely use the poll or feedback features to ask your readers for input on what you’re sending and what would make it even stronger.

How Axios HQ’s custom domain still protects you

If you’re an Axios HQ customer who has worked with us to set up a custom domain, you’re still covered. Custom Domain configurations still send from Axios HQ, so the work we’ve done on your behalf to make sure we’re all compliant still applies.

Two steps we still recommend to all users:

• Review your DMARC policy.This policy should already exist on your root domain, and will trickle down to the custom subdomain we’ve set up for you. Your IT team can help.
• If you do not have a valid DMARC alongside your custom domain setup, let us know. We can implement one on your subdomain to protect your Axios HQ sends.

Go deeper: If you’re Interested in learning more, check out Google’s support article and Yahoo’s support article, And if you’re an Axios HQ customer, reach out to your account manager with questions.