Importance of Email Validation and New Guidelines for Email Senders

In an effort to protect users from too much spam, Gmail and Yahoo Mail have introduced some new guidelines that add some more checks and controls for providers sending bulk mails. In this blog, we will briefly explain what these guidelines are and give some ideas on how they can be addressed.

Understanding the New Guidelines

The Push for Enhanced Security and User Experience

Gmail and Yahoo Mail, two of the most widely used email platforms, have announced a set of stringent requirements for senders that send more than 5,000 emails per day or have a reported spam rate of more than 0,3%.

These requirements are applicable from the 1st of February 2024 and are geared towards enhancing the security of user inboxes and improving the overall user experience. In more detail, these guidelines include:

1. Email Authentication: Senders are required to authenticate their emails using established protocols like SPF, DKIM, and DMARC. This step is crucial to prevent phishing and ensure that emails are from a legitimate source.

2. Simplified Unsubscription Process: An easy, one-click unsubscription option must be provided, empowering recipients with the choice to opt out of unwanted communications.

3. Sending Wanted Emails: Ensuring that the emails sent are desired by the recipients, which involves maintaining updated mailing lists and respecting user preferences.

For more information around the new guidelines please read here.

Consequences of Non-Compliance

Gmail and Yahoo Mail have made it clear that non-compliance may lead to the rejection of message delivery to their users. This is a significant concern for companies whose customer base predominantly uses these platforms.

Impact on Email Campaigns and Business Reputation: Sending unsolicited commercial emails not only tarnishes the sender's reputation but also negatively impacts the success of email campaigns. A damaged reputation leads to lower email deliverability rates and diminished trust among recipients.

Proposed solutions and approaches

To make sure that they comply with the new guidelines, companies need to start:

• Authenticating email lists using established standards: This means verifying that the emails you send originate from trusted and authenticated domains. Essentially, before dispatching an email, it's important to confirm that the email addresses on your list have been checked and validated, ensuring they are linked to domains with a proper MX (Mail Exchange) Record. It will help in reducing bounce rates.
• Using a reputable email service provider: Think of this as choosing a good postman for your emails. Use well-known email services (like MailChimp or SendGrid) that are trusted by email platforms like Gmail or Yahoo. These services help make sure your emails are delivered correctly and not marked as spam.
• Segmenting lists for more targeted emails: This is about sending the right emails to the right people. For example, if you have an online store, you don’t want to send pet food ads to someone who only buys computer games. By organizing your email list into different groups based on what people like, you can send them more relevant and interesting emails.
• Further personalizing emails: This means making your emails more special for each person. For example, if someone buys a lot of cooking books from your store, send them emails about new cooking books or special offers on kitchenware rather than marketing offers or clothing.

Email Authentication

Many bulk senders don’t appropriately secure and configure their systems, allowing attackers to easily hide in their midst. As basic as it sounds, it’s still sometimes impossible to verify who an email is from given the web of antiquated and inconsistent systems on the internet.

As Google mentions: “Last year we started requiring that emails sent to a Gmail address must have some form of authentication. We’ve seen the number of unauthenticated messages Gmail users receive plummet by 75%, which has helped declutter inboxes while blocking billions of malicious messages with higher precision.

That’s great progress, but there’s much more we need to do — starting with new requirements for large senders.”

To help address this, we at ApyHub have worked on an important aspect of email security: the validation that a sender is who they claim to be. You can take a look at our previous blog where we discussed the importance of email validation as a way to secure customer facing applications. ApyHub's Email DNS Validation API significantly reduces bounce rates by verifying the authenticity and deliverability of email addresses before sending out bulk emails.

How does ApyHub Email Validation API validate an email?

The email validation through the API involves 3 levels of checks.

1. Validating Email Address Format - The API checks that the email address is in the correct format.
2. Verify the MX Record - The API checks the MX records from the DNS.
3. Flag Disposable Email - The API checks if the email is in a disposable database and if so, the email is flagged.

In light of these new guidelines, it's crucial for companies involved in email marketing to take proactive measures. ApyHub’s Email Validation API offers a robust solution to ensure compliance with these guidelines and maintain the integrity of your email campaigns. By using ApyHub's API service, companies can enhance their email deliverability, protect their sender reputation, and ultimately, achieve better engagement with their audience.

Are you a developer looking for an API integration guide? Here you can find tutorials in NodeJS and Go. (Do you want a tutorial in another language? Drop me a message here and I can put it together).

🤔 Got more questions?

Want to know more about the email validation service? You can try it out here.

Still have questions? Chat with us on Discord or drop us an email at hello@apyhub.com.

References:

• Gmail Security and Authentication
• Yahoo Mail - More Secure, Less Spam
• AWS Blog - Bulk Sender Changes at Yahoo & Gmail
• Brevo - New requirement from Google and Yahoo

Comments

[Ranjan Dailata]

Great blog post.

There are lots of known real-time email validators available. They go beyond the rules which you have mentioned.

Never bounce is trusted by multiple bigger corporates like Dell, Uber, Indeed etc.

Here are some of the known vendors out there.

• Zerobounce
• Neverbounce

Suggestion

• Write a detailed blog post on how you guys are handling. You do not have to explain the internals, but there are minimum aspects that need to be stated well to the public consumers.
• Consider doing a detailed comparison against the competing organization. This space is certainly not new
• Consider providing the bulk email verification functionality. This is highly essential and a MUST requirement.
• Explain how you guys are handling the hard vs soft bounces?
• Returning a response of true or false is too basic. Sorry to say this. You guys need to provide a detailed response including the confidence score and other details such as bounce rate, whether it's a soft or hard bounce, whether the DNS, MX records matched or not etc.

[Sohail Pathan]

Thanks, Ranjan for the feedback. I've shared this internally with the team and will let you know once we address it.