In February 2024, Gmail will begin enforcing several security-related requirements for messages sent to Gmail accounts. These requirements include proper authentication and domain records for the sending domain, secure transmission connections, a low spam rate for the sender, and proper email formatting and headers.

However, any Cornell senders who use third-party email or marketing vendors or Amazon Web Services to send bulk email to more than 5,000 Gmail accounts daily need to pay particular attention to the new requirements. Google has provided detailed documentation at Email sender guidelines.

Requirements for bulk senders include those listed above for all senders, but also add the requirements to have DMARC authentication of outgoing mail, alignment of the sender address with registered domain records, and a clear one-click unsubscribe link in the message.

If you send bulk email that includes Gmail accounts as recipients, review the document carefully to help ensure your email is delivered as expected and not throttled, blocked, or marked as spam by Google.

Answers to many common questions about Google’s new email sender requirements can be found at Email sender guidelines FAQ.

Relatedly, in preparation for Cornell’s own adoption of stricter email security protocols later this year, CIT Email Services has been working with Cornell-based senders to help ensure they are properly configured to avoid delivery problems to Cornell recipients. For more information about this Cornell initiative, visit CIT to Begin DMARC-based Email Security Initiative.