Be Bold, Make Waves with Laura Kåmark

What You Need to Know About the Google and Yahoo Email Compliance Update with Laura Kåmark

Laura Kåmark Episode 61

In this weeks episode, I talk about the new Google and Yahoo email compliance requirements that went into effect Feb 1, 2024. 

Tune in to:

- Learn about the new email authentication requirements from Google and Yahoo and why they're important in cutting down on spam.

- Understand the steps to authenticate your emails using DKIM, SPF, and DMARC, and the consequences if you don't comply with these requirements.

- Discover the impact of maintaining an active, engaged email list on your domain reputation and email deliverability.

Listen to the full episode for expert insights and guidance on getting your emails authenticated and building your domain reputation. 


Links & Resources:


Ready to turn your website into a marketing machine?  Grab my Free Website Power Integrations Guide

For the transcript and show notes:
https://laurakamark.com/61

Laura Kåmark [00:00:01]:
Hey, everyone. Welcome to the Be Bold Make Waves podcast, a show bringing you inspiring stories of women who are growing and scaling their business. I'm your host, Laura Kamark, a website and tech integration specialist who works with online business donors who love their work and not their website. Join me as we have incredible conversations about business, mindset, productivity, and, of course, the website and tech behind the business. Let's go ahead and dive in to this week's episode. Hello, and welcome to this week's show. For those of you who don't already know me, I'm Laura Kamark, web designer, Evergreen Systems, and funnel integration expert for coaches and consultants who love their work but not their tech. Welcome back.

Laura Kåmark [00:00:49]:
Thank you so much for hanging out this past couple years. And we took a little break over the holiday season, and We released some of our top episodes, and let me tell you, it's been a wild ride this year so far. I was not planning on taking this long of a break from the podcast, but I ended up getting very elbow deep in email compliance. And so that's actually what we're gonna talk about today is this whole change that's happening. So if you have no idea what I am talking about that's okay. I'm gonna break this down, make it as simple and non techie terms as I can and explain to you what's been going on, in a quick and simple way. So we're gonna talk about what are these new requirements that Google and Yahoo are asking everyone to do. We are going to talk about why they're doing this, and I'm gonna talk about what you need to do and also what happens if you don't do anything.

Laura Kåmark [00:01:50]:
Then we're also gonna talk about if this even applies to you, and then we're gonna talk a little bit about how to make these changes. Okay. So this is a lot. Let's go ahead and dive into email compliance. So what in the world are we talking about here? So in 2023, Google and Yahoo both announced that they are planning to implement new email authentication requirements. And, like, this is a good thing. So what they're doing is they're making it harder for this Harder for spammers to spam. So I don't know about you, but I have a really old Yahoo email address that I don't really use.

Laura Kåmark [00:02:24]:
It's from back of a long, long time ago, and it is so full of spam. There's a lot of spam being sent every single day. I'm sure you've gotten those emails from what appears to be Amazon and what appears to be UPS just saying, like, click this link. Something happened. Like, dear customer, and their spoof emails that are just not good. So what this new compliance requirement is going to do is help Make it harder for those spammers to send all those junky emails. It's gonna make it harder for them to spoof other email domains. So that's when they sent to hack into your stuff and send on behalf of you to a bunch of junky things.

Laura Kåmark [00:03:04]:
So this is a good thing that they're doing. Now some of these authentication requirements have always been a best practice. Like, a lot of this isn't actually new, but the difference is it wasn't required previously. And now effective back on February 1st, so Just a couple weeks ago, they are now requiring that you have certain pieces in place to authenticate that you are who you say you are. Okay? So, again, it is a good thing. It's one of those things you'll be able to set up kinda 1 and done as long as you don't go around changing Your email service provider, that would be like ActiveCampaign, ConvertKit, MailerLite, any of those. Those are your email service providers. So as long as you don't change those, once you get this set up, you should be good to go.

Laura Kåmark [00:03:52]:
So let's talk a little bit more about why they're doing this. So we're already talked about they're gonna cut down on spam. Okay? So this means that you need to go get your emails in compliance so that your emails will continue to be delivered. So in the past, what was happening is Say you were with ConvertKit or ActiveCampaign. You would go send out an email. And I I I'm with ActiveCampaign. That's Where my emails come from, so I'm gonna use that in this example. So in ActiveCampaign, I would go to send an email out to my list, And ActiveCampaign would be like, hey.

Laura Kåmark [00:04:30]:
I'll vouch for Laura. She's a good person. She's not spamming people. Like, she is who she says she is. And so I was able to use ActiveCampaign's good sending reputation of you know, if someone signs up for ActiveCampaign, they start spamming people and people report spam. I'm gonna guess ActiveCampaign would shut that down. I know I've gotten junky things from, an account that was signed up through an email service provider, and I've They have, like, a spoofing email address or spam email complaint that you can email them to and be like, hey. This account's spamming people because I've done that where I've reported people who were legit spammers.

Laura Kåmark [00:05:09]:
And so in the past, again, ActiveCampaign would vouch for their users, and say they're good people. We they can use our domain reputation. So that's not allowed anymore. Effective February 1, Google and Yahoo are like, yep. Not happening. You need to go and validate your domain. So for me, it would be lauracomark.com and send from the lauracomark.comdomain and build up a reputation for myself, put my big girl boots on, and go Send good emails, build up a reputation, make a name for myself in the email marketing space of with, you know, my reputation with Google, Yahoo, Outlook, all the people who, you know, are able on the back end to see Who's this who's getting marked as spam? Who's sending junkie emails? So, again, in requiring Senders to authenticate their actual domain will cut down on if people start or send in spammy junk. They're gonna be able to track that better and shut it down.

Laura Kåmark [00:06:18]:
So next, what is it that you need to do to get in compliance? So there's 3 acronyms that we're gonna talk about. I'm not gonna go too deep into what they mean. I'll tell you, but you don't need to remember. Basically, You authenticate your emails using dkim, d k I m, s p f, and DMARC. DKIM is your domain key identified male. Again, you don't need to remember that. SPF is your sender policy framework. DMARC is domain based message authentication reporting and conformance.

Laura Kåmark [00:06:52]:
Again, please don't try to remember that. What those are is so your DKIM is gonna be a special key, a a code, if you will, a password that is given from your sending platform. So in ActiveCampaign, I went in and said I would like to authenticate my domain, Kamark. And they said, okay. Here's a domain key that you need to go put in place over in your DNS. DNS is your domain records where Basically, what tells the Internet when someone goes to lauracomark.com what to do. There's a bunch of things you can put in your DNS, and that's where These records are gonna live, so you need to know where you purchased your domain through. And that's kind of the 1st piece that you need to figure out, and then you go and think about where are all the places you're sending email from.

Laura Kåmark [00:07:49]:
So I use G Suite or Google Workspace. So I went and set up a DKIM. So, again, that's the special key that I got from them, and I said, hey. I'm gonna send emails from Laura Kamark. Give me a key so that when that email gets sent out, then there's this again, SPF, the sender policy framework, will be a record in the DNS that says, I'm sending from Google. I'm sending from ActiveCampaign. I'm sending from ConvertKit. It tells you all the places that you're sending from.

Laura Kåmark [00:08:21]:
And so when I go send an email, it'll look and say, Oh, it says, lauracomark.com says she will send from Google. I have an email from Google, which is my Google Workspace account. Does the DKIM, this little special key, this passcode match what passcode is on The Google account that we we gave Laura, does that match what's in her DNS? So, again, if a spammer is trying to send send something on my behalf, Unless they get access to my DNS, they're not gonna have that information, and that'll flag it and say this might be a spoof email. So it's putting in place, like, the identification necessary to make it harder for people to send junky emails. Okay? That's what we're doing here. So you have 1 SPF record in your domain. That's your sender policy framework. That's the thing that says, Here's all the places Laura's sending email from.

Laura Kåmark [00:09:19]:
And in each place you send email from, you get a special you set up a special key, your DKIM, that all flows together. K? And then the last piece is the DMARC. This is a reporting system. So what this is gonna do is send a report. What I've been setting up for myself and for clients is a free account with Postmark. They have a free monitoring DMARC report that you can put in place, and they will send you a report every week and let you know where you're sending from, if it passed your GCAM, and if everything's looking good. And that's gonna tell you in that report. If there's something weird going on, if someone has gotten access and is sending on your behalf, You will see it in there.

Laura Kåmark [00:10:02]:
And so that's really kind of putting that security measure in place of knowing, does everything make sense? Does it when you look at that report seeing okay. I see I'm sending it shows me I've sent this many emails from ActiveCampaign In the last week, I've sent this many me emails from Gmail or Google. Is there anywhere else weird that doesn't make sense that I'm sending emails from? And that's where you will tell. So that's why the reporting piece is important with the Kamark is knowing that it's all lining up. Let's kinda go back over this a little bit. So what are the things you need to do? You need to authenticate your emails using DKIM, SPF, and DMARC. This is the new requirement from Google and Yahoo. Something else you need to be doing is keeping your spam complaints below 0.3%.

Laura Kåmark [00:10:52]:
Now you can monitor those spam complaints by signing up with postmaster.google.com. I have a link below in the show notes. I have a training that shows you how to do that. And when you go to that, again, you're gonna go set up the account. It's very easy to set it up. You go add your domain, and then it gives you another text record to add to your DNS. To, again, authenticate that you are who you say you are and that you have access to those domain records. And then the other piece that's involved in all this that doesn't have much for you to be doing is allowing people to unsubscribe by clicking clicking just 1 link.

Laura Kåmark [00:11:34]:
And then you also have to honor unsubscribes within 2 days. But this is really more on your email service provider. This is on ActiveCampaign, Flodesk, ConvertKit, they need to be doing that because they're the ones putting that piece in place. Next thing I wanna talk about is what happens if you don't do anything. Right now, what's happening, if you're not authenticated, I've already seen messages come through, and they have this big old message on them that says, be careful with this message. The sender hasn't authenticated this message, so Gmail can't verify that it actually came from them. Avoid clicking links, downloading attachments, or replying with personal information. So those messages are coming through.

Laura Kåmark [00:12:17]:
Big yellow warning message at the top. Right now, my understanding is they're just sending warnings, and then later on in the year, They'll just stop sending them. They'll either send them to spam or it will look like on your end, your emails are being sent, and they will just not get delivered. This, again, is not a nice thing to do. This is now a requirement. So before when it was a best practice and it wasn't really pushed. And even I mean, there were some email service providers who couldn't do it to the full extent. I have a client I set it up for when I contacted the company to find out what we needed to do.

Laura Kåmark [00:12:55]:
They had no idea what I was talking about. And then as a couple weeks went by, they sure enough sent out an email and was like, oh, here's how due to these new requirements, here's how you set your your DKIM and SPF up. This is something that does need to happen. You can go go log in to whoever you're sending emails with, and they should have some sort of warning message saying there are new requirements. Here's what you need to do. And they can help you work through that. And then you also need to go and authenticate with either Gmail or G Suite without Microsoft Outlook or Microsoft 365, I think, need to go authenticate all these pieces. So there was a lot of buzz also at the beginning of all this because Google had this magic number of 5,000.

Laura Kåmark [00:13:43]:
It was they were saying, it's only if you send 5,000 emails a day. And Yahoo the entire time was like, we're not giving a number. And now they've actually said, even if you don't have DMARC setup, you still have to have the d DKIM and SPF setup for no matter what you're sending. So that is the piece you need to go do and get that set up. Something else that's really important kind of to wrap this up is that you wanna make sure you're sending good emails. You wanna make sure that you have a good list of people who are engaging. Because if you're sending out emails and no one's opening your emails. Google will also see that, and they're gonna be like, oh, this no one's you know, you're sending this email every week to Jane Smith, and Jane doesn't ever open the email.

Laura Kåmark [00:14:38]:
She must not want that content, so We're gonna not make this an email that goes into the inbox. It's gonna go into promotions. It might go into spam. Look at your list. If you have people who are not opening, they're not engaging with you, just get rid of them. Clean your list. Clean it often. Get rid of the people who aren't engaging because that's gonna hurt your domain reputation.

Laura Kåmark [00:15:08]:
Okay. Hopefully, you found this helpful. We went through what these compliance updates are, why they're doing this, what you need to do, what happens if you don't do anything, if it applies to you even if you have a small list, yes, it does, and some other things you need to know, which is making sure you have a good and active list that people wanna hear from you. So if you have any other questions about this, I do have a offer I created, where I will go and help get you in compliance. If you have questions, you can send me a DM on Instagram. You can go look in the show notes. I have it linked up to some articles on how to go make these set changes for yourself. And then I also have some additional resources that I've created that are linked up in the show notes.

Laura Kåmark [00:15:59]:
So thanks so much for tuning in this week, And let's go get our email and compliance. This is just a piece of as technology changes, as we go forward, Things change, and this is one of those things. It is important. And I get it. There's been a lot of talk about it online, but maybe you haven't been seeing those emails. Maybe You've had other stuff going on. It's the start of the year. I get it.

Laura Kåmark [00:16:25]:
So make sure you go and do this and get your Emails authenticated. Get your domain authenticated so you can start building up that domain reputation, and go email your list. Okay. Thanks so much for see for listening. I'll see you next week. Bye now. Thanks so much for listening to this week's episode. Be sure to check out the show notes at lauracomark.comforward/podcast.

Laura Kåmark [00:16:53]:
And if you're ready to turn your website into a marketing machine, get more sales, save time, and simplify the back end of your business, Grab my free resource, power integrations for your website. Head on over to lauracomark.com/power. If you enjoyed today's episode, make sure to subscribe. And also, I'll just love you forever if you leave me a review. It helps get this podcast cast in front of other people that can help inspire. Thanks so much for listening. I'll see you next week. Bye now.