Email compliance - Bulk sending

In order to protect their users from receiving low-quality email, some mailbox providers have requirements in place. You must meet these requirements, or risk emails not being delivered.

How do I stay compliant when sending email?

In 2024, Google and Yahoo took the lead by introducing and enforcing a set of standards for email senders. It is likely that the rest of the industry will adopt similar requirements in the future.

At MessageBird, we have taken steps to ensure that the emails you send through us meet these requirements.

MessageBird's responsibilities and best practices

The following best practices are required by Google and Yahoo. You can find out more about Google and Yahoo's requirements on their websites:

Even if you're not sending large numbers of emails to Google or Yahoo accounts, you'll benefit from these best practices anyway, and be prepared for any future changes.

SPF and DKIM email authentication

Requirement
How we meet it

Set up SPF and DKIM email authentication for your domain.

MessageBird ensures all messages meet the requirements by mandating a valid DKIM key and an SPF record.

Forward and reverse DNS records (PTR records)

Requirement
How we meet it

Ensure that sending domains or IPs have valid forward and reverse DNS records (PTR records.)

All MessageBird IPs, including those in our BYOIP program, contain PTR records. These records confirm that the sending hostname is associated with the sending IP address, and all our hostnames have forward DNS entries that correctly point to the respective sending IP addresses.

TLS connection

Requirement
How we meet it

Use a TLS connection for transmitting email

To ensure optimal security and stability, MessageBird supports TLSv1.1 or higher.

Internet Message Format standard (RFC 5322)

Requirement
How we meet it

Format messages according to the Internet Message Format standard (RFC 5322)

MessageBird is fully aligned with RFC 5322.

ARC headers

Requirement
How we meet it

If you regularly forward email, including using mailing lists or inbound gateways, add ARC headers to outgoing email.

Since MessageBird does not operate as a relay, this requirement is not applicable.

Unsubscribes

It is your responsibility as a customer to ensure there is an unsubscribe link included in the message body.

Requirement
How we meet it

Marketing messages and subscribed messages must support one-click unsubscribe, and include a clearly visible unsubscribe link in the message body.

MessageBird adheres to this requirement by employing the 'mailto' in the List-Unsubscribe header, considered a one-click solution. We will be adding an HTTPS URL alongside the 'mailto' in our unsubscribe header by February 1st along with the List-Unsubscribe-Post header.

Your email responsibilities and best practices

The following best practices are required by Google and Yahoo.

Even if you're not sending large numbers of emails to Google or Yahoo accounts, you'll benefit from these best practices anyway, and be prepared for any future changes.

Spam rates

Requirement

Keep spam rates below 0.10% and avoid reaching 0.30% or higher.

Unsubscribes

Requirement

Ensure each message has a visible unsubscribe link in the body to improve recipient engagement and efficiency.

DMARC Email Authentication

Requirement

Some email providers (including Google and Yahoo) require a DMARC record if your daily email volume exceeds 5000 messages. Is it considered best practice to implement a DMARC record for all sending domains, regardless of email volume. A recommended initial configuration is to set the policy to "none”. In addition, ensure there is alignment of the sender's From: header with either the SPF domain or the DKIM domain.

Last updated

#490: Add Entra ID SCIM settings

Change request updated