Comply with Gmail, Yahoo, and Microsoft's Requirements for Email Senders

1. Background and Objective

As major mailbox providers continue to tighten their anti-spam policies, senders must meet stricter requirements for their emails to be delivered to the inbox.

If requirements are not met, potential impacts include:

  • Emails going to spam or being blocked
  • Delivery failures (rejection or throttling)
  • Decline in domain or IP reputation
  • Permanent sending restrictions in severe cases

This guide clarifies key compliance requirements to help senders build stable and sustainable sending capability.


2. Scope

This specification applies to all email types sent through the platform, including but not limited to:

  • Marketing emails
  • Transactional emails (such as verification codes and order notifications)
  • System notification emails

3. Core Compliance Requirements Overview

| Category | Requirement | Mandatory | Applicable Providers |
|---|---|---|---|
| Email Authentication | SPF / DKIM / DMARC | Yes | Gmail / Yahoo / Microsoft |
| User Consent | Explicit subscription consent | Yes | All |
| Unsubscribe Mechanism | One-click unsubscribe | Yes (marketing emails) | Gmail / Yahoo |
| Complaint Rate Control | < 0.3% | Yes | Gmail / Yahoo |
| Content Standards | No fraud and no misleading content | Yes | All |
| Domain Alignment | Sending domain alignment | Yes | Gmail / Yahoo |
| List Quality | No purchased or scraped email lists | Yes | All |

4. Detailed Requirements

4.1 Email Authentication

Basic Requirements

The following DNS authentication records must be fully configured:

  • SPF (Sender Policy Framework)
  • DKIM (DomainKeys Identified Mail)
  • DMARC (Domain-based Message Authentication, Reporting, and Conformance)

Configuration Highlights

  • SPF: Cover all legitimate sending sources (IPs or service providers)
  • DKIM: Enable signing and ensure the signing domain aligns with the sending domain
  • DMARC:
    • Minimum requirement: p=none
    • Recommended policy: p=quarantine or p=reject

Alignment Requirements

  • Header From domain ≈ DKIM domain
  • Header From domain ≈ SPF domain

Misalignment is usually identified as high-risk behavior.
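
The alignment rule above, as an added example (not part of the original guide or the platform's own code): it evaluates DMARC for one message from its SPF and DKIM results. The two-label `org_domain` helper, the sample domains and both DMARC records are constructed assumptions; real evaluators derive the organizational domain from the Public Suffix List.

```python
# Added example: DMARC identifier alignment for a single message.
RELAXED = "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com"  # constructed
STRICT = "v=DMARC1; p=reject; adkim=s; aspf=s"                    # constructed
HEADER_FROM = "news.example.com"                   # domain in the From: header
SPF = ("pass", "bounce.esp-mail.example.net")      # result, MAIL FROM domain
DKIM = [("pass", "example.com")]                   # result, d= domain per signature

def parse_dmarc(record):
    """Parse a DMARC TXT record into a tag dict; reject records without v/p."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    if tags.get("p", "").lower() not in ("none", "quarantine", "reject"):
        raise ValueError("missing or invalid p= tag")
    return tags

def org_domain(domain):
    # Assumption: last two labels. Use the Public Suffix List in production.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """mode 's' = strict (exact match), anything else = relaxed (same org domain)."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_result(record, header_from, spf, dkim):
    """DMARC passes if SPF or DKIM both passes and aligns with the From domain."""
    tags = parse_dmarc(record)
    spf_ok = spf[0] == "pass" and aligned(header_from, spf[1], tags.get("aspf", "r"))
    dkim_ok = any(result == "pass" and aligned(header_from, d, tags.get("adkim", "r"))
                  for result, d in dkim)
    passed = spf_ok or dkim_ok
    return {"pass": passed, "spf_aligned": spf_ok, "dkim_aligned": dkim_ok,
            "policy_applied": None if passed else tags["p"].lower()}

if __name__ == "__main__":
    for name, record in (("relaxed", RELAXED), ("strict", STRICT)):
        print(name, dmarc_result(record, HEADER_FROM, SPF, DKIM))
```

In the sample, SPF passes but authenticates the provider's bounce domain, so only the DKIM signature can supply alignment; under strict mode the subdomain in From no longer matches `d=example.com` and the message fails.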


4.2 User Consent

Mandatory Requirements

  • Emails can only be sent after obtaining explicit user authorization
  • The following behaviors are prohibited:
    • Using purchased email lists
    • Scraping or importing unauthorized data
    • Sending marketing emails to non-subscribed users
  • Double Opt-in
  • Clearly explain email usage when users sign up or when addresses are collected

4.3 Unsubscribe Mechanism

Mandatory Requirements (Marketing Emails)

  • One-click unsubscribe must be provided
  • Standard unsubscribe headers must be supported (List-Unsubscribe)

Technical Example

List-Unsubscribe: <mailto:unsubscribe@domain.com>, <https://domain.com/unsubscribe>
List-Unsubscribe-Post: List-Unsubscribe=One-Click

Experience Requirements

  • Unsubscribe link must be visible in the email body
  • Do not hide, weaken, or add unnecessary unsubscribe steps

4.4 Spam Complaint Rate Control

Standard Requirements

  • Gmail / Yahoo: complaint rate must be below 0.3%
  • Recommended target: keep below 0.1%

Calculation

Complaint Rate = Number of Complaints / Number of Successful Deliveries

Risk Notes

  • High complaint rates directly affect inbox placement
  • Continuous threshold breaches may lead to domain or IP restrictions

4.5 Email Content Standards

Prohibited Behaviors

  • Misleading or exaggerated subject lines
  • Impersonating individuals or brands
  • Inducing clicks while hiding true intent

Content Requirements

  • Keep subject and content consistent
  • Clearly identify sender identity
  • Provide real and verifiable business information

4.6 Sending Behavior Standards

Sending Strategy

  • Avoid sudden traffic spikes
  • New domains must complete warm-up
  • Keep sending rhythm stable

User Segmentation

  • Prioritize sending to highly engaged users
  • Reduce or stop sending to long-term non-engaged users

4.7 List Hygiene

Mandatory Requirements

Regularly clean the following users:

  • Hard bounces (permanent failure)
  • Repeated soft bounces
  • Long-term non-engaged users

| User Type | Handling Strategy |
|---|---|
| No opens in 30 days | Reduce sending frequency |
| No opens in 90 days | Launch re-engagement campaign |
| No opens in 180 days | Remove from sending list |

5. Platform Capability Support


5.1 Compliance Detection and Scoring

Provides automated checks including:

  • Automatic DNS validation (SPF / DKIM / DMARC)
  • Complaint and bounce rate monitoring
  • Sending behavior analysis

Output includes:

  • Compliance score (0–100)
  • Risk level (Low / Medium / High)

5.2 Setup and Configuration Guidance

Reduces technical barriers through:

  • Auto-generated DNS records
  • One-click copy and setup guidance
  • Real-time validation of configuration status

5.3 Risk Control Policy Engine

When risky behavior is detected, the system applies control strategies automatically:

| Risk Type | Action |
|---|---|
| Abnormal complaint rate | Restrict sending speed |
| Incomplete authentication | Block sending |
| Spam trap hit | Suspend account |

5.4 Deliverability Insights

Provides multidimensional data support including:

  • Inbox and spam delivery trends
  • User engagement data (opens, clicks)
  • Complaint and bounce trend changes

6. Consequences of Non‑Compliance

Failure to meet the above requirements may result in:

  • Gmail: Spam folder / block
  • Yahoo: Rejection or lower delivery priority
  • Microsoft (Outlook): Delivery delay or lower priority

Long-term Impact

  • Domain reputation damage with a long recovery cycle
  • IP blacklisting, affecting overall sending capability