Email marketing is one of the most effective tools that a nonprofit organization can use to stay connected with their donors, boost fundraising appeals, and send important updates to those involved in their mission.
However, email marketing is facing big changes in 2024 that may impact you and your organization. We’ve created a handy resource to help explain these changes, and what they might mean for you.
What changes are Google and Yahoo making towards sending bulk email messages?
Google and Yahoo have announced that they are now requiring email senders to implement specific email authentication methods.
Starting on February 1, 2024, senders who send more than 5,000 messages per day to Gmail or Yahoo accounts must meet the following requirements:
SPF and DKIM email authentication must be set up for your domain
Sending domains (or IP addresses) must have valid forward and reverse DNS records
What is email authentication?
Email authentication is a set of tools and techniques used to ensure that an email being sent is legitimate, and isn’t an attempt to send an individual spam, phishing attempts, or other malicious communications.
Why are Google and Yahoo making these changes mandatory?
These requirements are designed to help prevent your messages going to your contact’s spam folders, as well as prevent any attempts to impersonate your organization by bad actors. They’re meant to help make sure that verified, authentic emails hit your recipient’s’ inboxes more often – and invalid, junk emails have a harder time clogging up individual inboxes.
While these changes will now be required, these authentication tools have always been considered as a part of “best practices” for bulk email deliverability. These requirements also help Google and Yahoo move towards a safer, more standardized global email ecosystem, and are part of a greater initiative to help the two companies align with global cybersecurity standards moving forward.
Additionally, while these changes are now a requirement through Google and Yahoo, other ISPs (“internet service providers”) and email clients are also beginning to enact stronger authentication requirements. This means these changes will likely also become requirements for other email clients in the future.
What does this mean for my organization?
This means that if you send one email to over 5,000 Gmail or Yahoo email recipients, you’ll now be subject to these new requirements moving forward – even if you don’t send emails of that volume frequently, or ever again.
If this is the case for your organization, and you do not comply with these requirements, your emails are more likely to be quarantined or flagged as spam or junk by email providers, and not reach their intended recipients.
What steps do I need to take to implement these changes for my future Email Blasts?
In order to make sure you’re compliant with these new changes, you’ll want to make sure that your SPF, DKIM, and DMARC records are set up for your sending domain. (If you’re not familiar with these terms, scroll down for more information.)
Network for Good will be releasing additional tools to help confirm that your organization is compliant with these guidelines in the near future; however, your organization is (and will remain) responsible for ensuring that these records are set up correctly within your organization’s domain.
We’ve created a quick reference chart to help explain what steps you and your organization may need to take below.
Please ask yourself:
How many emails are you sending? | Are you using the default noreply@networkforgood.com email as the “from” email address in email messaging? | Are you using an email with a custom domain (such as director@myorganization.org) as the “from” email address in email messaging? |
Less than 5,000 emails per day* | At this time, you aren’t required to make any changes, but we strongly recommend you obtain a custom domain and authenticate that domain with both DKIM and SPF records. | Make sure you’ve authenticated your domain with DKIM verification. |
More than 5,000 emails per day* | Obtain a custom domain and authenticate that domain with both DKIM and SPF records. | Make sure you’ve authenticated your domain with DKIM, SPF, and DMARC records. |
* Please note that one email blast to 5,000 recipients still counts as 5,000 emails, since the email blast is sending out 5,000 individual emails!
We also strongly recommend that all customers sign up for Postmaster Tools, which is a free service through Gmail. Postmaster Tools reports on spam rates associated with the email address you use to send communications. Because Gmail doesn’t inform us when an email recipient reports a message as spam, Postmaster Tools provides that reporting so you can stay on top of any potential risks – such as keeping your spam rate below 0.3%.
What happens if we do not implement these authentication tools?
Messages sent without the proper authentication sent after February 1st may end up in increased “bounce” rates, or messages being sent to the junk or spam folder more frequently.
What is SPF email authentication, and how do I set it up for my organization?
SPF (or “Sender Policy Framework”) is an email authentication tool that helps to prevent spanners from sending unauthorized messages that appear to come from your organization’s domain.
Here are some setup steps for the most common domain hosts that nonprofits use:
What is DMARC email authentication, and how do I set it up for my organization?
DMARC (or “Domain-based Message Authentication, Reporting & Conformance”) is an email authentication tool that helps email clients understand what to do with messages sent from your domain that don’t pass SPF or SKIM authentication.
DMARC is particularly helpful in helping you identify senders who may be maliciously impersonating your domain, and helps email providers understand whether an email that fails those authentication methods should be delivered to a spam folder, or ultimately rejected.
Here are some setup steps for the most common domain hosts that nonprofits use:
What is DKIM email authentication?
DKIM (or “DomainKeys Identified Mail”) is an email authentication tool that allows email clients to verify that the domain owner listed on the email is the person (or organization) who actually owns that domain.
What is a DNS record?
DNS (or “Domain Name System”) records are designed to help a domain (or subdomain) point to an IP address. For example, a small business may use a DNS record to have the URL “examplestore.smallbusiness.com” instead lead site visitors to an online store, like Amazon or eBay.
How will this affect my email recipients?
Other than adding security to your sent messages and increasing confidence that any emails sent from your organization are legitimate, there shouldn’t be much impact on your contacts.
Despite an anticipated minimal impact, you may want to communicate to your contacts if your “from” email address will be updated so that they’re aware of the change.
Is this only impacting Network for Good or Bonterra customers? Does this only impact nonprofits?
No, this change is impacting all bulk mail senders across the internet community. These changes will be required of any organization who sends emails to 5,000 or more Google or Yahoo recipients.
Does this only affect customers in the United States? Does it only affect my contacts in the United States?
These changes affect all mail senders, no matter where the email was created or is being received.
What else should we know about these changes?
These new requirements apply to emails sent to 5,000 or more Gmail or Yahoo email addresses.
If you sent one email to over 5,000 Gmail or Yahoo email recipients, you’ll now be subject to these new requirements – even if you don’t send emails of that volume frequently, or ever again.
There are additional requirements that Google and Yahoo have announced with respect to sending bulk emails. While most of those other requirements are already built into Donor Management and the Email Blast feature, you may want to familiarize yourself with those additional requirements here.
Where can I learn more about these updates?
You can learn more about these updated through the following resources: