Gmail Deliverability in 2024: What We Know So Far

Let’s start with something that is a bit more clear-cut. During the summer, Google announced that they will begin deactivating accounts that have been inactive for at least 2 years. It makes sense, despite how we may feel about this in the marketing world. This policy won’t take effect until at earliest December 2023. 

So what does this mean from a deliverability point of view? 

As always, list hygiene will become even more important. This creates a clear-cut timeline for potential win-back campaign scenarios as well as potential spam traps when targeting those lesser engaged audiences. It was already a risky task before, but starting in 2024, sending marketing campaigns to anyone who hasn’t opened or clicked in the last 24 months will invite poor delivery and harm your reputation.

Gmail Blog: Updating our inactive account policies.

As a Blueshift user or a marketer sending from any platform in 2023, this shouldn’t be an issue or require any further action. Gmail is requiring all bulk senders to have SPF and DKIM set up, ensuring that all incoming mail is authenticated. This practice has largely become standard practice over the last decade, serving to filter out the lazy bad actors and malicious senders. What the original Google blog doesn’t mention is that, in addition to authentication, DMARC will also be a requirement starting in February 2024. More details will be provided in a later section.

Similarly to the first requirement, Blueshift and modern sending platforms should have a list-unsubscribe header in place. This is that cool little feature that allows for the “unsubscribe” button to appear at the top of emails in supported inboxes. 

Most platforms will enable the list-unsubscribe header by default and may have an option to disable it manually. Within each Blueshift campaign, there is an option to disable the unsubscribe from the header, as seen here. If you have any long-standing campaigns, it would be a good idea to double-check those preferences to ensure that remains unchecked in promotional sends.

Getting a little more technical, the current standard list-unsubscribe header consists of including either the “List-Unsubscribe URL” or “List-Unsubscribe mail:to”. These options allow for the unsubscribe button to appear, but they require confirmation after the unsubscribe, making it a “two-click” unsubscribe process.

However, there’s an additional header line that allows for “one-click” unsubscribes to happen. That would be “List-Unsubscribe-Post”. This POST request works in conjunction with the standard URL or MAIL:TO. Currently, this is not a feature enabled within Blueshift.

Google has not indicated that the POST request is a requirement in any of their new statements or blogs, but we will continue to monitor and update should new information be released.

RFC 8058: Signaling One-Click Functionality for List Email Headers.

Google has always preferred that spam complaints be monitored via the Google Postmaster platform. Truth be told, the data provided isn’t the most granular. If you are looking for specific individuals who complained or subject lines to flag, you are out of luck. However, the “User Reported Spam” page does display a nice clean graph and table to show daily complaint rates. Interestingly, Google is now announcing that they will “enforce clear spam rate thresholds that senders must stay under…”. Their latest blog did not specify any thresholds yet, but we did find in Google Support documentation that the requirement starting February 2024 is to maintain spam rates below 0.3%. While they likely have the data, it’s probably a pipedream to hope Google establishes and publishes complaint thresholds by vertical in 2024. With that in mind, it would be wise to monitor current complaints and adhere to this value for the foreseeable future.

Gmail Blog: New Gmail protections for a safer, less spammy inbox.

As we noted in the new authentication requirements, there is an extra line item for bulk senders. Google classifies a bulk sender as a domain that deploys 5,000 or more messages per day. While you may not fall into this category yet, it’s not a particularly high threshold to inadvertently cross when sending volumes increase.

Fortunately, Google has set the DMARC requirement to only establish a “p=none” policy. This means that having a simple “v=DMARC1; p=none;” record in place would suffice. In truth, this record doesn’t have any practical impact as there are no aggregated reports or forensics generated, but it’s a good starting point.

From a deliverability perspective, DMARC is a valuable tool to add an additional layer of security on top of standard authentication practices. In a nutshell, DMARC requests the receiving ISP (Gmail in this case) to take one of the following actions: do nothing, place an email in spam, or bounce an email altogether if it fails SPF/DKIM. In essence, the effectiveness of DMARC depends on how a marketer utilizes it. For the extra tech-savvy marketers looking to stay on the cutting edge, DMARC with a quarantine or reject policy is also a requirement for getting BIMI set up as well.

Gmail Support Documentation: Email sender guidelines.

As we know from Moore’s Law, the power of technology approximately doubles every two years, and that is also evident in the email industry. Given Gmail’s significant market share, with 1.2 billion users worldwide, it’s only a matter of time before other ISPs follow suit in adopting the changes that Google implements. On the bright side, the requirements set by Google only compel senders, including us as a platform, to adhere to a higher standard. Sooner rather than later, the laundry list of best practices we talk about ad nauseam today, will be simply referred to as practice tomorrow.