Is domain authentication required for all Mailchimp senders after Gmail and Yahoo changes?

Key findings

• Universal requirement: Mailchimp and other ESPs are strongly encouraging, if not outright requiring, custom domain authentication for all senders, not just those designated as bulk senders by Google and Yahoo.
• Authentication methods: This typically involves setting up DKIM for your sending domain within Mailchimp and publishing a DMARC record in your DNS. DMARC is required for compliance.
• Beyond volume thresholds: Even if a client sends well under the 5,000 emails per day threshold, they can still be affected. Google and Yahoo view sending patterns holistically, and even lower volumes can be subject to stricter filtering without proper authentication.
• Deliverability impact: Without proper domain authentication, emails are at a much higher risk of being rejected or delivered to the spam folder, even if Mailchimp does not explicitly block the send.

Key considerations

• Proactive compliance: It is a longstanding best practice to authenticate your sending domain, and the new requirements simply make this a necessity for all senders. Proactive setup is advisable to prevent future deliverability issues. Mailchimp provides guidance on this.
• Warming not typically needed: Unlike some platforms or new domain setups, authenticating an existing domain within Mailchimp typically does not require a separate warming period with engaged contacts. Your domain's existing reputation will carry over, and the authentication helps solidify it.
• ESPs' roles: While Google and Yahoo set the standards, each ESP (like Mailchimp) implements these requirements in their own way. Mailchimp appears to be taking a stricter approach by pushing for widespread authentication. Understanding new requirements is crucial.
• Implementation ease: Setting up DKIM and DMARC can be straightforward, often taking only a few minutes if you have direct access to your DNS records. The main hurdle for some users might be coordinating with IT or domain registrars.

Key opinions

• No volume exceptions: Marketers frequently state that the concept of a non-bulk sender is largely irrelevant when it comes to authentication requirements, as platforms like Mailchimp are pushing for universal adoption.
• Best practice evolution: Many view the new requirements as simply making existing best practices mandatory. Aligning DKIM and implementing DMARC has been recommended for years, and now ESPs are ensuring compliance. Setting up authentication for multiple ESPs is key.
• Surprise at strictness: Some marketers were surprised by Mailchimp's strictness, noting that other platforms they use only applied such requirements to bulk senders initially.
• No warming needed for authenticated domains: For existing Mailchimp accounts, marketers generally agree that warming an authenticated domain with engaged contacts is not necessary, unlike starting a brand new sending domain on a platform like Klaviyo.

Key considerations

• Testing is key: Marketers advise sending test emails to confirm how Mailchimp is handling unauthenticated domains, as their internal policies can vary.
• Beyond Mailchimp: The changes apply across the board. Marketers using other ESPs should also ensure their domains are authenticated to comply with the Gmail and Yahoo mail changes.
• Ease of setup: Despite the perceived strictness, the technical setup for Mailchimp domain authentication is generally quick and easy for those with DNS access. For others, it might require coordination with the relevant parties.
• Compliance for all: The underlying message from the market is that all senders, regardless of volume, should adopt strong authentication. Complying with Gmail's rules is paramount for deliverability.

Key opinions

• No real 'non-bulk' exemption: Experts highlight that the 5,000 message threshold is a guideline, not a strict cutoff. Even sending below this amount can result in an account being treated as a bulk sender, necessitating authentication.
• Mailchimp's proactive stance: Mailchimp's efforts to encourage or enforce authentication for all users are viewed as a positive move that aligns with the industry's need for cleaner sending practices. This affects senders using shared domains and ESP authentication.
• Simplicity of setup: Despite the perceived complexity, experts affirm that setting up DKIM and DMARC through platforms like Mailchimp is relatively quick, particularly for users with direct DNS access.
• Future enforcement: While immediate blocking might not be universal for non-authenticated domains, experts anticipate stricter enforcement, including bounces, as mailbox providers continue to refine their policies.

Key considerations

• Proactive compliance is key: Waiting for emails to be blocked or sent to spam is a reactive approach. Implementing authentication measures now is vital for maintaining a healthy sender reputation and inbox placement.
• Technical updates are minimal: The required DNS changes for DKIM and DMARC are straightforward. The biggest hurdle might be organizational access to DNS settings. Senders should verify DKIM, SPF, and DMARC updates.
• Industry shift: The new requirements from Google and Yahoo, and their implementation by ESPs, signal a permanent shift towards mandatory domain authentication for all commercial senders. Ignoring this will lead to deliverability problems. Stripo.email details the after-effects.
• Avoid shared IP blocklists: Authenticating your own domain provides better control over your sender reputation, reducing reliance on shared IP addresses that might end up on a blacklist or blocklist due to other users' poor sending practices.

Key findings

• Mandatory custom authentication: Mailchimp, in line with Gmail and Yahoo, now requires custom domain authentication and a published DMARC record for improved deliverability and trust.
• DMARC for all: Documentation implies that a DMARC record is essential for all domains sending email through these providers, not just for high-volume senders. Yahoo and Gmail require DMARC.
• Focus on legitimacy: The primary goal of these requirements is to help ensure that an email sent from your domain is legitimate and not spam or 'spoofing,' improving overall email security.
• Impact on inbox placement: Non-compliance, even for smaller senders, will result in emails failing to reach the inbox, potentially leading to hard bounces or being flagged as spam.

Key considerations

• Authentication process: Mailchimp's documentation outlines the steps for setting up custom authentication, typically involving adding CNAME records for DKIM to your domain's DNS. Mailchimp provides a setup guide.
• DMARC policy importance: While authentication for non-bulk senders may not immediately result in blocking by Mailchimp, having a DMARC policy in place is crucial for controlling how unauthenticated emails are handled by recipient servers. Consider the main rules any DMARC must follow.
• Sender reputation: Domain authentication builds trust with mailbox providers, which is fundamental for maintaining a positive sender reputation and avoiding blacklists and blocklists, regardless of sending volume.
• Continuous compliance: These are not one-time changes. Senders should regularly review their authentication settings and stay informed about updates from ESPs and mailbox providers to ensure ongoing deliverability.