Recap discussion: [Ask the Experts] Google and Yahoo's New Sender Requirements
Thank you to all those who attended [Ask the Experts] Google and Yahoo’s New Sender Requirements!
If you couldn’t attend live, we’ve got you covered. Whether you’re looking for a replay of this session or you want to catch up with some additional resources, you’ve come to the right place.
Below, you can find the session recording:
During this session, the following panelists presented:
Kenneth Schwartzman, Senior Manager, Sales Engineering at Valimail: Kenneth is an expert in the email authentication space. He has more than 6 years of experience helping organizations of all sizes reach their goal of enforcing DMARC. He currently leads the Sales Engineering team at Valimail and is based in San Francisco, California.
Paxton Nicholas, Email Operations Analyst at Klaviyo: As an Email Operations Analyst at Klaviyo, Paxton works to spot patterns in the billions of emails flowing throughout our network. It's also his job to protect customers' ability to deliver emails to their recipients.
Steve Sonnenberg, Senior Deliverability Specialist at Klaviyo: Steve currently works in strategy consulting on Klaviyo's Deliverability Strategy team. He brings over a decade of experience to this panel.
Additionally, we held a follow-up session to provide further guidance on meeting Google and Yahoo’s new requirements. You can watch the recording of that follow-up session here:
Ready to take the next steps to get ready for Google and Yahoo’s new sender requirements? Follow our checklist in Klaviyo Academy!
Want some help getting your DMARC policy set up? Check out Valimail Alignfor guided workflows that accelerate compliance.
Ready to take the next steps to get ready for Google and Yahoo’s new sender requirements? Follow our checklist in Klaviyo Academy!
Let’s keep the conversation going. Comment below and let us know if you’re ready for Google and Yahoo’s new sender requirements or if you have any questions on what you need to do!
Page 1 / 2
Do the records/text we need to add in our Domain Providers have to come from a third party? OR will I be able to just enter the correct text/policies that are in the Klaviyo support articles and links?
Great session! Super informative, and certainly made the new sender requirements easy to understand.
For any attendees who need help along the way, feel free to post your questions here to the Community so that we can all continue to learn together! Klaviyo also has a wide variety of Agency Partners who are available to help with DNS settings if you are still struggling with what needs updating.
Feel free to reach out!
--
Ashley Ismailovski
Do the records/text we need to add in our Domain Providers have to come from a third party? OR will I be able to just enter the correct text/policies that are in the Klaviyo support articles and links?
This is in regards to creating/publishing a DMARC policy, I would ideally like to do this on my own without having to hire a third-party
Hi there, thanks for the webinar! Question for the team…
If we cannot get our DMARC set up on time, do you suggest that we pause email sends until then?
If so, do you recommend pausing all email sends including automations, transactional emails + marketing emails?
Hope the recap video is posted soon! Missed the live.
Hope the recap video is posted soon! Missed the live.
Hi Wyeth! The recap video has now been posted. Let us know if you need anything else!
Thanks for the recording.. since Klaviyo has great domain deliverability tools and dashboards in their platform to check spam rates for Google and Yahoo domains.. I’m curious why Klaviyo is promoting to Use Google Postmaster Tools to monitor your spam complaint rate?
It’s not clear to me whether we have to pay for these features from third parties. I have used the DMARC records with the company EasyDMARC but in order to visualize the Aggregate Reports I need to go to a Paid Plan. Is that necessary?
Hi! My colleague received an email saying our question was answered but we did not receive an answer, so trying again
Thanks for the webinar! Question for the team: If we cannot get our DMARC set up on time, do you suggest that we pause email sends until we have it in place?
If so, do you recommend pausing all email sends including automations, transactional emails + marketing emails?
This is in regards to creating/publishing a DMARC policy, I would ideally like to do this on my own without having to hire a third-party
@chefdare You do not need to hire a third-party in order to set up a DMARC policy.
To set up DMARC, your network administrator for the domain (or yourself) will need to log in to the domain’s DNS settings to add a DMARC record, like the one shown below. Once logged in to your DNS provider (eg. GoDaddy, Namecheap, AWS...), create a new record with the following information.
Type: TXT
Host: _dmarc
Value: v=DMARC1; p=none; (OR p=quarantine; OR p=reject;)
Different DNS providers will have different processes for updating your DNS records, I’d recommend reaching out to their Support team or look for a tutorial on their Help Center.
That being said, third-party tools such as Valimail can help by guiding you through the process of setting up DMARC or automating the process altogether. They also provide other services such as monitoring impersonation attacks.
Ultimately it all depends on whether you feel confident/have time to do this youself, or you would rather outsource to a third-party.
Hope that helps!
It’s not clear to me whether we have to pay for these features from third parties. I have used the DMARC records with the company EasyDMARC but in order to visualize the Aggregate Reports I need to go to a Paid Plan. Is that necessary?
@fradogo Similar answer to the one I wrote for chefdare, you do not need to work with a third-party tool to monitor your DMARC reports.
DMARC reports are automated reports from Google and Yahoo that tells you (among other things) whether your emails have been authenticated properly, and whether there’s anyone currently impersonating you by using your brand in their from-email address.
The thing is DMARC reports are usually formatted in a way that’s not easy for humans to read (think coding language). Third-party tools such as Valimail can make it easier to understand DMARC reports by transforming them into a human-readable format, or even monitor and flag issues automatically as they arise.
You do not need to use a third-party tool, but they can make the job easier and less time-consuming!
Thanks for the recording.. since Klaviyo has great domain deliverability tools and dashboards in their platform to check spam rates for Google and Yahoo domains.. I’m curious why Klaviyo is promoting to Use Google Postmaster Tools to monitor your spam complaint rate?
@Travis Unfortunately, Gmail does not provide spam complaint feedback directly to email service providers (ESPs) like Klaviyo. So in your Klaviyo account, you will never see a spam complaint from a Gmail user. But this doesn’t mean there are no Gmail users marking your messages as spam. You just can’t see that data in Klaviyo. To view spam complaints from Gmail users, you will need to use Google Postmaster Tools.
Hi there, thanks for the webinar! Question for the team…
If we cannot get our DMARC set up on time, do you suggest that we pause email sends until then?
If so, do you recommend pausing all email sends including automations, transactional emails + marketing emails?
Hey @VM10 and @BPSC-M10-MD,
This would really depend on your business and what your typical send volumes are like. Beginning on February 1, Google and Yahoo will begin to block emails that do not meet their requirements. This means, if you’re sending emails after 2/1 without meeting all of the new sender requirements, you’ll begin to see elevated bounce rates in your email sends - both campaigns and flows.
If you have a smaller sending volume and you plan on meeting all of the requirements shortly after this date, then it may be alright to send one or two emails. However, if you have a large sending volume, then I would recommend pausing all sends.
This is because elevated bounces will negative impact your sender reputation.
Overall, to be safe, I would personally recommend pausing sends until you meet these new requirements to prevent any harm to your sender reputation.
Do the records/text we need to add in our Domain Providers have to come from a third party? OR will I be able to just enter the correct text/policies that are in the Klaviyo support articles and links?
This is in regards to creating/publishing a DMARC policy, I would ideally like to do this on my own without having to hire a third-party
Hey @chefdare if you do not already have a DMARC policy and you just want to add the simplest record which will get you compliant with the new requirements then you can add the DNS record below:
Type: TXT
Host: _dmarc
Value: v=DMARC1; p=none;
… if you want to add a rua tag then I would suggest you pay for a third party DMARC Manager service such as Valimail.
A DMARC Manager can also help you if you ever choose to advance your DMARC policy to be more secure than “p=none;”. In other words... switching your DMARC policy from "none" to "quarantine" or "reject."
Thanks for an awesome training video! How can we verify we have completed the steps correctly? Especially with SPF and DKIF as mentioned in the video?
Thanks for an awesome training video! How can we verify we have completed the steps correctly? Especially with SPF and DKIF as mentioned in the video?
To add clarification for your question specifically setting up a Branded Sending Domain is the step that takes care of both SPF and DKIM.
Thank you for the webinar! It was mentioned that Klaviyo would be automatically adding the one-click Unsubscribe to our email headers. Is this functionality live now? What if we’re not seeing these added to our emails?
Thank you for the webinar! It was mentioned that Klaviyo would be automatically adding the one-click Unsubscribe to our email headers. Is this functionality live now? What if we’re not seeing these added to our emails?
We cannot guarantee that the header unsubscribe button will appear for a given email. This is completely at the discretion of the inbox provider. Even if the button does not appear, the email is still compliant.
Such a helpful webinar today, THANK YOU Klaviyo!
I’m a little worried about two of my reports… The below has 2 warnings; I think it’s really just the Rua tag that should be addressed. Is that for the Domain Policy=None?
On the call, it was suggested that we use another reporting tool like EasyDmarc to monitor our stuff to maybe change things down the road - to quarantine and/or reject. Is that necessary?
I’m also questioning this scan… This doesn’t look so good, lol. Overall results 1 of 10? What does the orange and red dots mean? Is the third green and thats where we should be? Would love your advice on this too.
Much thx. I look forward to hearing from the experts! :)
Such a helpful webinar today, THANK YOU Klaviyo!
I’m a little worried about two of my reports… The below has 2 warnings; I think it’s really just the Rua tag that should be addressed. Is that for the Domain Policy=None?
On the call, it was suggested that we use another reporting tool like EasyDmarc to monitor our stuff to maybe change things down the road - to quarantine and/or reject. Is that necessary?
I’m also questioning this scan… This doesn’t look so good, lol. Overall results 1 of 10? What does the orange and red dots mean? Is the third green and thats where we should be? Would love your advice on this too.
Much thx. I look forward to hearing from the experts! :)
If all you are worried about is compliance for the new requirements then you are good to go.
EasyDMARC adds a bunch of warnings and extra stuff that you may want to do to increase the security of your DMARC policy in defending against someone spoofing your domain (pretending they are you to steal information from others) but as far as Gmail and Yahoo are concerned for their new requirements it’s not required… yet
Gmail and Yahoo may ask for folks to move to p=reject or p=quarantine in the future but for now that’s just speculation
Thank you for your reply! And for the other URL. Once ran, the results were it couldn’t find a SPF record with my domain. I was told that it’s best practice to ensure and SPF recrod is in your settings and I didn’t see it in the branded set up I went thru w/Klaviyo. I reached out to Kaviyo support then tech team and they said all was good (see screenshot), but it’s not in my GoDaddy account. What info would I add to my DNS settings w/GoDaddy? Sorry, the prompted requests that Klaviyo had made things easy for copy and paste… Can you help me with that?
Thx, Rae
Heya! Can anyone help on this? :)
Heya! Can anyone help on this? :)
Hi Rae, I just looked up your domain and I can see that your DMARC policy is propogated and Valid:
That’s all that matters for that requirement. I can also see that your branded sending domain is Active from your domain settings. You should contact support for more questions, but I can tell you now you should be all set!
Way to be compliant.
Thank you so so much! I’ll take it as complete! Appreciate the help.
Hi there! I just wanted to clarify, do we need to set up SPF or DKIM for our sub domain i.e send.domain.com address if we have verified our branded sending domain in Klaviyo? Or is this handled by Klaviyo?
Further to the above, have just tested since configuring our send domain and noticed the below in the header when opening an email in gmail. Is is it correct to have k3 in front of the sending domain? This brand is using dynamic routing.