In February, two major email providers, Gmail and Yahoo, will begin strengthening sender requirements to fight spam. Google will implement major changes on February 1 and Yahoo said changes will take effect sometime during the month. If you send bulk emails to non-UNC accounts, you need to be aware of these new requirements.
Google and Yahoo define “bulk emails” as more than 5,000 messages a day from one domain or subdomain. You may think that doesn’t apply to you, but if you send bulk external mailings of any size, it probably does. That’s because providers aggregate emails by sender. If you send bulk mail from a subdomain, like @its.unc.edu, all those messages are counted toward a different 5,000.If you run afoul of the new requirements, Google and Yahoo will reject your messages. And the scope is bigger than one person or just bulk mailings. When the stricter requirements are in place, every email from flagged domains or subdomains will be rejected. So just a few bad mailings could result in Google and Yahoo blocking all emails from UNC, not just bulk mailings.
These requirements are a blend of technical settings and non-technical behaviors. ITS and IT partners across campus are working hard on technical aspects to ensure UNC senders are authenticated. Take a few minutes to protect UNC’s email reputation and give your bulk emails the best chance of reaching your audience.
Big organization, big problems
Google breaks down the tightened anti-spam initiative into three parts:
- Sender authentication
- Easy unsubscribe
- Enforcement of a new, lower spam rate threshold
The first two are concrete. ITS is working with IT staff on campus to authenticate bulk senders on UNC domains. You can ensure your mailings include easy unsubscribe options (more on that below).
But the lower spam rate threshold may feel a little out of your hands. Essentially, we need to try to keep recipients from marking our messages as spam. Starting February 1, when 0.3% of Google (or Yahoo) recipients mark a message as spam, that will meet a new threshold for spam enforcement.
While all of us want less spam in our inboxes, the new requirements present challenges to large organizations like UNC. As one large organization, we all affect the overall UNC sender reputation.When an external recipient marks a UNC bulk email as spam, it hurts everyone from that same domain (like @unc.edu) or subdomain (like @qualtrics.unc.edu or @listserv.unc.edu). Note that the domain and subdomains have independent thresholds and enforcement is top down. One subdomain being rejected will not affect other UNC subdomains or the main UNC domain. But the enforcement at the domain level will affect all subdomains.
Marking emails as spam has always affected delivery rates for bulk email, but the requirements just got a lot stricter. That means we’re all responsible for being good senders.
CAN-SPAM provides helpful framework
Thankfully, Google and Yahoo’s enhanced requirements overlap with existing guidelines from the CAN-SPAM Act, passed in 2003. While the CAN-SPAM Act does not apply to all UNC emails, these established guidelines provide a helpful framework.
The CAN-SPAM Act, which imposes heavy financial penalties for violations, technically only covers “commercial” emails, meaning that many UNC messages are exempt. The Federal Trade Commission defines “commercial” messages as one that are selling goods or services. Since many bulk emails from UNC promote free events and services, they would be exempt from the CAN-SPAM act. Messages deemed “transactional,” like email confirmations for purchases or job applications, are also exempt from CAN-SPAM compliance.
Bulk email tips to keep messages out of the spam folder
While CAN-SPAM may not apply to all bulk messages, adhering to CAN-SPAM guidelines whenever possible is still the safest course of action.
These rules help your messages from feeling “spammy” and protect you from financial penalties.
Here are how following CAN-SPAM guidelines can keep on the right side of Google and Yahoo’s new requirements.
Identify yourself in plain text
Both the CAN-SPAM Act and the new requirements from Google and Yahoo require senders to properly identify themselves. However, that identification differs.
With CAN-SPAM, recipients need to clearly understand who sent the message. You must adequately and correctly identify yourself in a few places.
If you need a shared mailbox for a department or a project, you can request one from ITS. When sending from a listserv, use the @listserv address as the sender instead of your own. ITS does not recommend using listserv for external bulk mailings. If you regularly send bulk mail to external addresses, ITS recommends switching from listserv to a third-party bulk mailing system.
Identify yourself behind the scenes
With Google and Yahoo’s new authentication requirements, most sender identification is behind the scenes. You must now be authenticate messages with SPF, DKIM and DMARC. These are industry standard email authentication methods that prove your identity to email services.
You can use a domain checker tool to see if SPF, DKIM and DMARC are configured for your subdomain.
While this authentication process does require work for senders, there will be benefits beyond deliverability. These authentication settings will enable more reporting and visibility for ITS on who is sending from UNC addresses.
No unsubscribe link in your promotional email or newsletter? Your email is likely going to spam.
Not offering (or honoring) unsubscribes is the biggest CAN-SPAM Act violation and can mean big penalties (up to $51,744 per email) for commercial mailings. And even if your mailing isn’t subject to CAN-SPAM Act penalties, without an easy unsubscribe link, disgruntled recipients may mark your message spam.Google and Yahoo’s newest requirements make unsubscribe rules even stricter. You must now provide clear and easy unsubscribe options. Do not hide your links or make users hunt for options. If you can, offer one-click unsubscribes. Google will begin requiring one-click unsubscribes in June 2024.
If you can’t yet offer one-click unsubscribe, then work with your (iContact, Constant Contact, Mailchimp, etc.) to make unsubscribing as easy for recipients as possible. The more hoops you make someone jump through, the more likely that Google (or recipients) will penalize you.
If you aren’t using a bulk mailing system, include clear instructions on how someone can unsubscribe from future mailings. ITS highly recommends that bulk mail senders use a dedicated mailing service like iContact or Constant Contact. These services have processes in place to decrease the likelihood your message will be sent to spam. For example, third-party systems manage deliveries and send emails in small batches, which Google and Yahoo view as less “spammy.” Listserv, on the other hand, will flood inboxes, triggering extra scrutiny.
Honor unsubscribes quickly
Google and Yahoo now require you to process unsubscribe requests within two days, versus the 10 days required by the CAN-SPAM Act. Leverage automation from your bulk mail service to make this happen. If you are not using a service, make sure you process unsubscribe requests before you send out your next mailing.
Note that not all messages need (or can have) unsubscribe links. Transactional messages, like a ticket purchase confirmations, are exempt. And internal UNC mailings, like Mass Mail, can exclude unsubscribe links.
Avoid clickbait and deception
You want people to read your emails, but at what cost?
If your email feels spammy, it’s going to spam. You likely know that certain words or behaviors, like messages in all caps or emails that are just images of text, send your messages straight to the spam folder.
In fact, for commercial messages, a deceptive subject line is a CAN-SPAM violation. Subject lines must accurately reflect the subject of the message.
Note that the enforcement is top down, but domain and the subdomains have independent thresholds. If Google and Yahoo flag messages at the domain level (@unc.edu, @live.unc.edu, @office.unc.edu, @ad.unc.edu and @email.unc.edu), all subdomains will also be flagged. This means Google and/or Yahoo would reject all mail from the domain and subdomain levels.
However, if one UNC subdomain (like @its.unc.edu) trips the threshold, only messages from that subdomain will be rejected. Messages from the @unc.edu domain or other UNC subdomains will not be affected. ITS recommends sending from subdomain addresses and not top-level @unc.edu or @email.unc.edu accounts to limit impact to other units.
Protect an essential communication tool
While the communication landscape, especially social media networks, evolves rapidly, email remains an essential tool. Protecting UNC’s sender reputation and ensuring external recipients receive our messages can be a critical part of UNC’s success. From donor relations to potential students to research to athletics and cultural events, we rely on email.
While ITS is working diligently to ensure mailings reach recipients, you should anticipate there will be times when Google and/or Yahoo block email from UNC.If you send bulk mail, it’s essential you thoroughly review and document your mail services and processes. Each department should be aware of all third-party applications they use to send mail. Keep in mind that as mail providers like Google increase requirements, third party companies are playing catch up. Many of their recommended settings only meet the bare requirements, and some are insecure. ITS strongly recommends you contact your departmental IT or the ITS Service Desk to ensure your bulk mailings meet sender requirements.
In response to the strengthened requirements from Google and Yahoo, a campus committee is drafting new policies and standards around UNC subdomains, email addresses and aliases to help ensure deliverability. ITS will share additional guidance as the email landscape evolves.