Understanding Gmail’s Bulk Sending Changes

Google Google workspace Security Services Updates Wursta
Patrick Della Peruta
  • 7 min read

In Google’s October 2023 announcement, the team at Gmail described their recent efforts into the ongoing battle against malicious email.  New requirements for inbound messages to Gmail addresses saw a 75% decrease in unauthenticated email.  Additionally, new protections and requirements were announced, which kick into effect in February 2024.  Let’s take a look at what these requirements mean.

These requirements are aimed at organizations with outbound sales, marketing or other bulk email sending practices. If your domain sends to more than 5,000 separate Gmail addresses over a 24 hour period (including Workspace addresses but not including your internal email traffic) then these apply to you.

1. Authenticate your outbound email

SPF & DKIM

Email sent by your employees using Google Workspace should be protected by SPF and DKIM. Ensure these are setup for all email domains associated with a Workspace tenant.

3rd-party Applications

Each third party application that sends email on your behalf needs to be authorized in a specific way so that they are properly authorized to “send email on your behalf”. There is a wide range of applications that can fall under this category. Common examples include Salesforce, IT service ticketing systems or email relay services such as SendGrid and Mailchimp.

2. Add an Opt-out Option

Outbound sales / marketing campaigns must include an unsubscribe option. This is commonly offered in modern newsletter and relay services.

3. Respect Opt Outs

Respect unsubscribe opt-outs. Google will decrease the “spam threshold” for bulk senders, meaning that it will take less users reporting an email as Spam for Gmail’s algorithms to update.

More to know

Note:  Gmail.com addresses should be excluded from outbound marketing strategies if Google Workspace is utilized as the preferred outbound campaign tool. 

While not part of these upcoming requirements from Gmail, Wursta also recommends organizations work to become DMARC compliant. The implementation of  DMARC provides organizations with great insight about what technology systems are sending email on behalf of the organization, and the amount of outbound volume the domain(s) typically experience. 

We are ready to help you meet these new requirements. Contact your Wursta account manager or connect with us to discuss our approach for increasing email security with a solid email authentication strategy.

 

See Similar Articles