TD;LR: You’ll need to make sure SPF, DKIM and DMARC are setup properly for your domain and each service you use to send email to be sure you stay out of SPAM.

If you’re using any sort of email marketing platform, you likely received an email informing you of the changes Gmail and Yahoo! are making as of February 1, 2024 to tighten email authentication in order to fight SPAM.

This is a good thing, for all of us, but it means you likely need to make some updates to DNS (Domain Name System).

Below is a quick guide on what you should do:


SPF stands for Sender Policy Framework. It’s a DNS record that authenticates who is allowed to send email from your domain.

Here are the directions for Google Workspace and MS365.

Keep in mind, if you’re sending email from different places (like your website), those details need to be added into your SPF record as well to be sure email is authenticated properly when sending form details or other transactional emails.


DKIM stands for DomainKeys Identified Mail. It is another DNS record that indicates email was sent by the domain owner.

Here are the directions for Google Workspace and MS365.

Again, if you’re using multiple systems, you may need to add multiple DKIM records to DNS. For example, if you’re using a transactional email service, like Postmark or Mailgun, both will require a specific DKIM record to authenticate as an authorized sender of the domain.


DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. This one is to help protect domain owners email from unauthorized use and spoofing.

Before setting up DMARC, you’ll need to be sure SPF and DKIM are implemented properly.

Once you’re all set, to get started with DMARC, we recommend setting up a free monitor that sends you a weekly digest to help you understand and setup DMARC. If in your report you’re seeing a lot of email being sent from sources that aren’t aligned with SPF and/or DKIM, you’ll need to investigate further and figure out if they are legit sources or not. If they are, you’ll need to find the proper SPF and DKIM records to add so those sources are authenticated. If they aren’t, you may have someone spoofing your domain and require additional steps to lock DMARC down further so those emails are rejected.

SPAM Complaints

The last thing is your SPAM rate. Try to make sure it’s obvious to subscribers why they are getting your emails and making it crystal clear how/where to unsubscribe. If your SPAM rate increases above 0.3%, it’ll be hard to recover and your domain will be flagged to have all email coming from it to go to SPAM.

That’s the nitty gritty of it.

Not a fan of dealing with this kind of stuff? Let’s find time to chat and determine if one of our services would be a good fit to support you and your website.

About The Author
Justin Korn

Justin is the founder of Watchdog Studio, and former Director of IT at both Wells Fargo Securities and AirTreks. A prodigy of the dotcom era, he now provides businesses in Oakland, California and the surrounding Bay Area with honest, expert website services to drive growth.