--- title: "How to Setup DMARC to Meet Google’s New Requirements for Bulk Senders? | DMARC Report" description: "Google and Yahoo have unveiled a new email authentication policy that will be effective from ." image: "https://dmarcreport.com/og/blog/setup-dmarc-meet-googles-new-requirements-for-bulk-senders.png" canonical: "https://dmarcreport.com/blog/setup-dmarc-meet-googles-new-requirements-for-bulk-senders/" --- Quick Answer \[Google and Yahoo\](https://dmarcreport.com/blog/google-and-yahoos-new-email-authentication-policy-for-2024/) have unveiled a new email authentication policy that will be effective from Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/) Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fsetup-dmarc-meet-googles-new-requirements-for-bulk-senders%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=How%20to%20Setup%20DMARC%20to%20Meet%20Google%E2%80%99s%20New%20Requirements%20for%20Bulk%20Senders%3F&url=undefined%2Fblog%2Fsetup-dmarc-meet-googles-new-requirements-for-bulk-senders%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fsetup-dmarc-meet-googles-new-requirements-for-bulk-senders%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fsetup-dmarc-meet-googles-new-requirements-for-bulk-senders%2F&title=How%20to%20Setup%20DMARC%20to%20Meet%20Google%E2%80%99s%20New%20Requirements%20for%20Bulk%20Senders%3F "Share on Reddit") [ ](mailto:?subject=How%20to%20Setup%20DMARC%20to%20Meet%20Google%E2%80%99s%20New%20Requirements%20for%20Bulk%20Senders%3F&body=Check out this article: undefined%2Fblog%2Fsetup-dmarc-meet-googles-new-requirements-for-bulk-senders%2F "Share via Email") ![How to Setup DMARC to Meet Google’s New Requirements for Bulk Senders?](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) ## Try Our Free DMARC Checker Validate your DMARC policy, check alignment settings, and verify reporting configuration. [ Check DMARC Record → ](/tools/dmarc-checker/) [Google and Yahoo](https://dmarcreport.com/blog/google-and-yahoos-new-email-authentication-policy-for-2024/) have unveiled a new email authentication policy that will be effective from February 1, 2024 . So, if you send \*\*over 5,000 emails daily and haven’t aligned your email settings as per the new requirements, this guide is for you. DMARC ([RFC 7489](https://datatracker.ietf.org/doc/html/rfc7489)) ties SPF and DKIM together by requiring alignment between the envelope sender and the visible `From` header. According to Google’s February 2024 bulk sender requirements, a DMARC policy of at least `p=none` is now mandatory for any domain sending 5,000+ messages per day to Gmail users. > Google’s February 2024 requirements were a turning point, says Brad Slavin, General Manager of DuoCircle. Before that, DMARC was a recommendation. Now it’s a gate - if your DMARC record is missing or set to p=none without a plan to enforce, your email deliverability to Gmail is at risk. ## What are the New Requirements? Bulk senders who dispatch more than 5,000 emails per day to Gmail users are subjected to authenticate their [email-sending domains](https://developers.sparkpost.com/api/sending-domains/#:~:text=A%20sending%20domain%20is%20a,the%20%22From%3A%22%20header.) through SPF, DKIM, DMARC, and [rDNS](https://www.cloudflare.com/learning/dns/glossary/reverse-dns/). Moreover, the \*\*spam rate should be below 0.3% , and an \*\*easy way to unsubscribe should exist. This practice would make users compliant with Google’s new policy and establish them as trusted senders with improved email deliverability and good domain reputation. As of 2025, DMARC is mandatory under multiple compliance frameworks. [CISA BOD 18-01](https://www.cisa.gov/news-events/directives/bod-18-01) requires p=reject for US federal domains. [PCI DSS v4.0](https://www.pcisecuritystandards.org/) mandates DMARC for organizations processing payment card data as of March 2025\. Google and Yahoo require DMARC for bulk senders (5,000+ messages/day) since February 2024, and [Microsoft began rejecting](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) non-compliant email in May 2025\. The UK [NCSC](https://www.ncsc.gov.uk/collection/email-security-and-anti-spoofing), Australia’s [ASD](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-email), and Canada’s [CCCS](https://www.cyber.gc.ca/en/guidance/implementation-guidance-email-domain-protection) all mandate DMARC for government domains. Cyber insurers increasingly require DMARC enforcement as an underwriting condition. ![Dmarc report](https://media.mailhop.org/dmarcreport/images/2024/01/dmarc-report-20.jpg) This means that most of the emails will land in the primary inboxes, which would minimize the occurrences of [false positives](https://www.nospamproxy.de/en/what-is-a-false-positive-and-what-is-a-false-negative/) and increase the **open and click-through rates**. ## How to Prepare for the New Requirements? You can get in touch with experts or DIY the steps mentioned below- ## STEP 1: Setup Email Authentication Protocols To deploy [DMARC](https://dmarcreport.com/) for a domain that sends more than 5,000 emails daily, you first need to have **SPF and DKIM in place**. ![Gmail DMARC Statistics 416x1024](https://media.mailhop.org/dmarcreport/images/2024/01/Gmail-DMARC-Statistics-416x1024.jpg) To begin with [SPF](https://dmarcreport.com/what-is-spf/), create a \*\*list of IP addresses that are authorized to send emails on behalf of your business and using your domain. Then, use an [online SPF record generator](https://mxtoolbox.com/SPFRecordGenerator.aspx) to produce an [SPF record](https://dmarcreport.com/what-is-spf/); _ensure that it begins with v=spf1 and ends with either \~all or -all mechanism_. The \~all mechanism represents a softfail, which means receiving MTAs are instructed to place emails sent by unauthorized IP addresses in spam folders. The -all mechanism commands recipients’ MTAs to \*\*reject the entry of illegitimate messages outrightly. Next, generate [DKIM keys](https://dmarcreport.com/blog/dkim-key-rotation-best-practices-for-large-organizations-should-know/) using an \*\*online DKIM record generator and publish the private key in your domain’s DNS. Then, finally, [create DMARC record](https://dmarcreport.com/blog/how-to-create-dmarc-record-stop-email-spoofing-domain/) with a **‘quarantine’ or ‘reject’ policy**. You can also implement the ‘none’ policy, but that is not at all effective against spoofing and [phishing attacks](https://www.infosecurity-magazine.com/news/us-states-prepared-cyber-elections/). **Note**: Bulk senders must ensure the domain in the [“From” field](https://www.servicenow.com/community/hrsd-articles/defining-quot-from-quot-email-field-on-email-notifications/ta-p/2313183) in email account settings matches the domain authenticated in SPF or DKIM. ## STEP 2: Maintain a Spam Complaint Rate of Lower than 0.3% A [spam complaint](https://help.campaignmonitor.com/spam-complaints#:~:text=Spam%20complaints%20are%20reports%20made,t%20want%20in%20their%20inbox.) is registered when a recipient intentionally marks your email as spam.\_ The email spam rate refers to the percentage or proportion of unwanted, unsolicited, or irrelevant emails within a given set of emails.\_ It measures the \*\*prevalence of spam messages compared to legitimate, desired emails in an email system or network. A Domain owner needs to establish the following practices within their organization to maintain a spam complaint rate **below 0.3%**: - Clean and update [email lists](https://www.podia.com/wiki/all-terms/email-list) by removing inactive or unsubscribed users. - Craft \*\*clear and relevant content to engage the audience while avoiding excessive use of capital letters, exclamation marks, or trigger words. - Regularly monitor \*\*email deliverability metrics like open and [click-through rates](https://en.wikipedia.org/wiki/Click-through%5Frate) to identify and address potential issues promptly. - Implement a [double opt-in process](https://www.bigcommerce.com/ecommerce-answers/what-is-a-double-opt-in/) to confirm subscribers’ intentions and preferences, reducing the chances of unintentional sign-ups. ## STEP 3: Don’t Impersonate Gmail Address in the ‘From’ Field Specifically, refrain from setting a \*\*Gmail address as the “From” address if it doesn’t belong to you. For instance, if you’re sending emails from a Yahoo account, then don’t display a Gmail address in the “From” field visible to recipients. Doing so could result in your emails being flagged as spam. Google takes a \*\*strict stance on this, and starting in February, it will block senders engaging in such practices. So, \*\*always use your [business email address](https://www.microsoft.com/en-us/microsoft-365/business/business-email-address#:~:text=A%20business%20email%20address%20is%20an%20email%20address%20that%20includes,trust%2C%20and%20promote%20your%20brand.) and ensure it matches the one set in your email account settings as the “From” address. This straightforward approach aligns with Google’s guidelines and enhances the chances of your emails reaching their intended recipients without being flagged as spam. ## STEP 4: Make it Easy to Unsubscribe Include a visible and \*\*easy-to-use unsubscribe link in every email to respect users’ preferences promptly. If users find it challenging to unsubscribe, they may mark your emails as spam, which can negatively impact your [email deliverability](https://dmarcreport.com/blog/what-is-a-dmarc-policy-and-how-does-it-affect-sending-my-emails/) and sender reputation. ## Summarizing Everything For You! Google and Yahoo will implement a new [email authentication policy](https://dmarcreport.com/what-is-dmarc/) starting February 1, 2024\. This affects bulk senders dispatching over 5,000 daily emails to [Gmail users](https://dmarcreport.com/blog/how-gmail-users-are-affected-by-updated-retvec-system/). To comply, you must authenticate domains through SPF, [DKIM](https://dmarcreport.com/what-is-dkim/), DMARC, and rDNS, maintain a spam rate below 0.3%, and ensure an easy unsubscribe option. Prepare by setting up email authentication protocols, maintaining a low spam complaint rate, avoiding [Gmail impersonation](https://today.ucsd.edu/story/forwarding%5Fbased%5Fspoofing) in the ‘From’ field, and ensuring easy unsubscribes. Following these steps aligns with Google’s guidelines, minimizing false positives, enhancing open and click-through rates, and increasing **overall email effectiveness**. ## Sources - [CISA Binding Operational Directive 18-01](https://www.cisa.gov/news-events/directives/bod-18-01) - [Microsoft Outlook DMARC Enforcement May 2025](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) (2025) - [PCI DSS v4.0 - DMARC Requirement](https://www.pcisecuritystandards.org/) (2025) - [RFC 7489 - Domain-based Message Authentication, Reporting, and Conformance (DMARC)](https://datatracker.ietf.org/doc/html/rfc7489) ## Topics [ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ dmarc record ](/tags/dmarc-record/)[ email security ](/tags/email-security/)[ SPF ](/tags/spf/) ![Vishal Lamba](https://media.mailhop.org/dmarcreport/images/team/vishal-lamba.jpg) [ Vishal Lamba ](/authors/vishal-lamba/) Content Specialist Content Specialist at DMARC Report. Writes vendor-specific email authentication guides and troubleshooting walkthroughs. [LinkedIn Profile →](https://www.linkedin.com/in/vishal-lamba/) ## Take control of your DMARC reports Turn raw XML into actionable dashboards. Start free - no credit card required. [Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) ## Related Articles [ Foundational 7m 4 sectors that need email authentication the most and why Oct 15, 2024 ](/blog/4-sectors-that-need-email-authentication-the-most-and-why/)[ Foundational 4m 8 Misconceptions About DMARC and its Deployment for Businesses Dec 4, 2023 ](/blog/8-misconceptions-about-dmarc-and-its-deployment-for-businesses/)[ Foundational 8m 9 technologies to protect your emails from cyber actors Dec 10, 2024 ](/blog/9-technologies-to-protect-your-emails-from-cyber-actors/)[ Foundational 14m Add TXT Record on Namecheap (SPF, DKIM & DMARC) - 2026 Mar 5, 2025 ](/blog/add-txt-record-on-namecheap-a-complete-dns-guide/) ```json {"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json [{"@context":"https://schema.org","@type":"BlogPosting","headline":"How to Setup DMARC to Meet Google’s New Requirements for Bulk Senders?","description":"Google and Yahoo have unveiled a new email authentication policy that will be effective from .","url":"https://dmarcreport.com/blog/setup-dmarc-meet-googles-new-requirements-for-bulk-senders/","datePublished":"2024-01-12T05:13:03.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-01-12T05:13:03.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vishal-lamba/#person","name":"Vishal Lamba","url":"https://dmarcreport.com/authors/vishal-lamba/","jobTitle":"Content Specialist","description":"Vishal Lamba writes DMARC Report's how-to guides and vendor-specific configuration walkthroughs. His work focuses on step-by-step implementation guides for major email platforms (Google Workspace, Microsoft 365, SendGrid, Mimecast, Proofpoint, Brevo, and others), troubleshooting common SPF and DMARC errors, and translating RFC-level specifications into practical deployment procedures for IT administrators.","image":"https://media.mailhop.org/dmarcreport/images/team/vishal-lamba.jpg","knowsAbout":["SPF Vendor Configuration","Email Platform Integrations","SPF Troubleshooting","Technical Documentation","Step-by-Step Guides"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vishal-lamba/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/setup-dmarc-meet-googles-new-requirements-for-bulk-senders/"},"articleSection":"foundational","keywords":"dkim, DMARC, dmarc record, email security, SPF","wordCount":795,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"How to Setup DMARC to Meet Google’s New Requirements for Bulk Senders?","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}] ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"How to Setup DMARC to Meet Google’s New Requirements for Bulk Senders?","item":"https://dmarcreport.com/blog/setup-dmarc-meet-googles-new-requirements-for-bulk-senders/"}]} ```