Email verification methods and industry impact

Email marketers, it's time to mark your calendars. On February 1st, 2024, Google and Yahoo will require bulk senders to authenticate their emails, make unsubscribing easy, and stay under a spam rate limit. Let's walk through the new standards: ✅ Email Authentication: Senders need DMARC, SPF, and DKIM verification. 🚫 Easy Unsubscription: One-click unsubscribe with a two-day honor period. 🙅 Low User-Reported Spam: Under 0.3% spam rate threshold. These new requirements are a good thing! Less spam in inboxes means your legitimate emails are more likely to be seen. Authenticated emails are also essential for security reasons, making phishing attempts easier to squash. Emails also look more reputable and on-brand from your organization's domain than your technology provider's. (The same guidance applies to URLs.) For nonprofits, these rules take effect after the EOY fundraising season. That said, February 1st will be here before you know it. Here are some steps to take: EMAIL AUTHENTICATION There are two ways to verify if you have DMARC, SPF, and DKIM records in place. 1. Find an email from your organization sent to your personal Gmail address. Click the three dots and select "Show Original." Each record should be marked as "PASS." 2. Use a web tool such as EasyDMARC's domain scanner. Enter each domain you use to send bulk emails, and it will show you whether DMARC, SPF, and DKIM records are in place. If you don't have all three in place, check with your tech provider for a how-to guide. EASY UNSUBSCRIPTION To meet the new "one-click" unsubscribe requirements, emails must include a List-Unsubscribe header. Email services use this to add unsubscribe links directly to their interfaces, so readers don't need to dig through the fine print to find the link. Look for an underlined "Unsubscribe" link in Gmail next to the email sender. In Yahoo's interface, click the three dots next to the spam button and look for an "Unsubscribe" option. Most modern email platforms have this covered, but contact yours if it is not in place. Honoring unsubscribes within two days means ensuring you have your email tool(s) set up correctly to exempt opt-outs. This should be instant, but watch out if you send from multiple platforms. When someone asks to unsubscribe from one tool, make sure their choice is respected in all the others. This is all the more reason to integrate your tech stack and have a centralized system for collecting consent, sending emails, and managing opt-outs. LOW USER-REPORTED SPAM With the right tools, the 0.3% threshold is easy to manage. First off, enable Google's Postmaster Tools to see where you stand. Secondly, make sure you only send to engaged contacts. This will reduce your spam rate and increase your engagement rates. Email deliverability doesn't need to be a mysterious process! Familiarize yourself with the terminology, get your house in order, and commit to better email practices.

If you don't understand DKIM, SPF, or DMARC, email will get a lot harder. New email requirements from Google and Yahoo, kicking off next month, are not just updates but will significantly impact your email programs. Outbound or Inbound. As a HubSpot customer, you'll get an email in the next few days that recap this news. 𝗛𝗲𝗿𝗲'𝘀 𝘄𝗵𝗮𝘁 𝘆𝗼𝘂 𝗻𝗲𝗲𝗱 𝘁𝗼 𝗸𝗻𝗼𝘄: 𝗘𝗺𝗮𝗶𝗹 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗚𝗲𝘁𝘀 𝗦𝘁𝗿𝗶𝗰𝘁𝗲𝗿 • DKIM, SPF, and DMARC: These aren't just fancy acronyms; they're your new best friends in email marketing. They will become mandatory to combat spam and ensure your emails don't bounce back.    𝗢𝗻𝗲-𝗖𝗹𝗶𝗰𝗸 𝗨𝗻𝘀𝘂𝗯𝘀𝗰𝗿𝗶𝗽𝘁𝗶𝗼𝗻 • The power shifts to the receiver. Ensuring your recipients can opt out easily is more than a courtesy; it's a requirement. 𝗙𝗼𝗰𝘂𝘀 𝗼𝗻 𝗪𝗮𝗻𝘁𝗲𝗱 𝗘𝗺𝗮𝗶𝗹𝘀 • Keeping your spam rate below 0.1% isn't just good practice; it's essential. High spam rates can lead to severe email deliverability issues.    𝗪𝗵𝘆 𝗦𝗵𝗼𝘂𝗹𝗱 𝗬𝗼𝘂 𝗖𝗮𝗿𝗲? These changes aren't just about following rules; they're about enhancing email deliverability and building trust with your audience. It's about sending emails that your audience wants and values, not just what you want to send. How Does This Affect You? If you think, "I'll deal with it later," think again! These changes call for a proactive approach. They require a deep dive into your current email strategies and a significant overhaul to align with these new requirements. 𝗪𝗵𝗮𝘁 𝗖𝗮𝗻 𝗬𝗼𝘂 𝗗𝗼? 1. Start by reviewing your email authentication methods and technical setup. 2. Make sure your unsubscribe process is thought out. 3. Proactively monitor your email engagement and spam rates 4. Run re-engagement campaigns to confirm opt-in 5. Use email verification 6. Monitor sequence sender scores if you're running your Outbound through HubSpot.     I've included a cheat sheet below that explains these technical terms in-depth and provides suggestions for addressing them. Reach out with questions! #hubspot #email #marketing #spam  

Any service claiming they can "verify" catch-all emails with 100% accuracy is full of 💩 By definition, catch-all domains ACCEPT ALL EMAIL ADDRESSES. That's literally what they do. The only way to TRULY verify if an email exists is to: 𝘚𝘦𝘯𝘥 𝘢𝘯 𝘢𝘤𝘵𝘶𝘢𝘭 𝘦𝘮𝘢𝘪𝘭 Wait for either: • A bounce • A response • Or...silence (which tells you nothing) I know there is at least one or two verification services that literally send an email (Scrubby?), but most either resort to pinging servers or their own users historical data. Verification tools connect to the mail server and issue the 𝚁𝙲𝙿𝚃 𝚃𝙾: command to see if the server rejects invalid addresses. For a normal domain (without catch-all), if the mailbox doesn’t exist, you often get an SMTP error like 𝟻𝟻𝟶 𝟻.𝟷.𝟷 <𝚊𝚍𝚍𝚛𝚎𝚜𝚜@𝚍𝚘𝚖𝚊𝚒𝚗.𝚌𝚘𝚖>: 𝚁𝚎𝚌𝚒𝚙𝚒𝚎𝚗𝚝 𝚊𝚍𝚍𝚛𝚎𝚜𝚜 𝚛𝚎𝚓𝚎𝚌𝚝𝚎𝚍. For a catch-all domain, the server might accept the address with a 𝟸𝟻𝟶 𝙾𝙺 (even if that specific mailbox doesn’t exist). A common trick is to check random addresses at the same domain (like 𝘢𝘣𝘤123@𝘥𝘰𝘮𝘢𝘪𝘯.𝘤𝘰𝘮, 𝘹𝘺𝘻987@𝘥𝘰𝘮𝘢𝘪𝘯.𝘤𝘰𝘮). If every single random address gets the same “𝙾𝙺” response, that strongly indicates the domain is configured as catch-all. Sure, verification services can detect if a domain is catch-all, run fancy SMTP check, or look at historical data, but at the end of the day, they're basically just telling you "yeah this domain accepts everything" 🤷♂️ If you know which domains are catch-all you can: • Flag them as higher risk • Adjust your sending strategy • Set proper expectations Don't get me wrong, I use multiple email verification tools in sequence on every campaign. And depending on the campaign I will send to catch-alls, especially if they're a large portion of the lead list. You can't definitively verify a catch-all email address without some form of response or engagement. Period. Anyone claiming otherwise is: a) Lying b) Doesn't understand how email actually works c) Playing semantic games with what "verify" means (most common amongst these vendors) Can anyone explain how these companies are claiming they are doing this? I've only ever gotten nebulous non-answers when I've asked.