Google’s new policies apply to emails received by any Google-hosted account, including Google Workspace and Gmail accounts. It is estimated that Google’s servers host roughly 1/3 of all email, so no matter what email provider you’re using to send your email, a significant number of your recipients are likely hosted by Google and will have their filters managed under these new rules. It’s important to understand these changes so you can stay on their good side.
Spam filters exist to protect the recipient from unwanted and unsafe mail, and the rules about what is and is not allowed into the inbox are up to the email recipient’s provider and the email server administrator. This means there’s nothing that you can do to 100% guarantee your email won’t get routed to a recipient’s spam folder (if there was a surefire way to avoid every spam filter, the spammers would be using it.)
The email spam filter examines each incoming message for common hallmarks seen in previously reported spam, including text phrases, web addresses, sender domains, IP addresses, and underlying code contents. Each suspicious element found is used in a weighted calculation and mail that reaches a given threshold gets filtered out. The specifics of the formula are up to the email server, and some are beginning to apply GPT methods in addition to traditional tools. While Google Workspace Business edition admins can create whitelists and adjust spam settings for their own users, users of basic Gmail accounts get standard spam filter settings that are beyond their control.
These systems learn to identify spam based on which emails cause the user to hit the ‘spam’ button, as well as the emails that users choose to remove from their spam folders by hitting ‘not spam.’ They build up a reputation for your domain or IP that is continuously updated over time. Your objective as a sender should be to minimize the number of people who mark your messages as spam, as that can affect your deliverability overall.
Whether you’re sending 10 emails or 10,000, there are established best practices that will go a long way toward keeping you deliverable. Several of them overlap with the CAN-SPAM Act, so adhering to them helps with your email getting delivered as well as your FTC legal compliance. The CAN-SPAM laws apply only to advertising email, so messages about an application process or other ‘transactional’ messages with existing candidates or clients are typically exempt from it. The laws in non-US jurisdictions may vary, so if you’re emailing people elsewhere, check the applicable laws.
Google’s new changes are centered around sender authentication and stricter adherence to spam report thresholds. In response to rising scams and phishing emails, where someone impersonates a different sender by faking the “From” address on their email, Google is now changing “show our bouncer your ID at the door” from a recommendation to a requirement.
Their policies fall into two categories: rules that apply to everyone sending emails to Google accounts, and rules that apply specifically to bulk senders.
Fortunately, most of the changes Google is making will not have much impact on you if you’re already using a properly configured email server and following the best practices above. We’ll outline the rules below and give some details on how they apply to PCRecruiter specifically.
Most of these items relate to technical settings that are handled by your DNS (domain registration) admin or your email provider. If you’re not sure who your configuration is through, you can perform a DNS lookup at MX Toolbox.
Here’s what Google requires for all senders:
If you’re used to importing candidate lists or sending larger Campaigns in PCRecruiter, you’ll need to be even more particular about where you get your data from, what messages you send, and how often. Before these updates, Google treated the 0.30% spam rate as a recommended maximum, but these changes mean they could be treated with more scrutiny. If you want to get to the inbox, being more granular and relevant will be increasingly important. The Postmaster Tools also show your Domain Reputation — keeping your Spam Rate low will help to keep your reputation High.
You can verify your own SPF here. If you have a Gmail account, you can use the Show Original option in the More menu (three dots) on any email you’ve received to see if the sender’s SPF and DKIM passed or failed.
For PCRecruiter users who only send email directly from their own email account and server (i.e. you’ve linked PCR to your Google or Microsoft account), the authentication is already handled. However, if you’re using a dedicated bulk email service like SendGrid or using a self-managed email server, you’ll want to double-check that you’ve properly configured your DNS so that mail sent using your domain is showing up as authenticated, no matter what mail server it is sent from.
If you’ve got multiple Email Aliases in PCRecruiter, check SYSTEM > Email Setup > Email Alias List to review your outgoing settings. If the “SMTP Server:Port” box on any of them contains an IP address rather than a full email server domain, you may want to check with that provider about authentication options.
Google has a few more requirements for “bulk senders” in addition to those listed above. Google defines bulk senders as any domain sending 5000+ emails per day to Google-hosted accounts. Keep in mind that this is cumulative, meaning that Google considers your domain a “bulk sender” whether you’re sending a single mass mail to 5000 recipients or 100 people at your company are sending 50 personal emails daily.
PCRecruiter adds the required “one-click unsubscribe header” code to any outgoing Campaign or Bulk Mail that contains an unsubscribe link merge tag in the body automatically, so by using PCR’s opt-out features for your form letters you’re already compliant. When a recipient uses the ‘one-click’ unsubscribe, they’re instantly opted out of any future emails for that bulk mail category in your PCR database.
Hiding or omitting your unsubscribe link just makes it more likely that an unwilling recipient will mark you as spam, so making it easy to get off the list will improve your deliverability overall, whether you’re sending bulk emails to 5000 or 50. If you are not currently including an unsubscribe link in your bulk emails, review our documentation on setting up the opt-in/out features to get started.
The typical PCRecruiter user is sending mail from a Google or Microsoft 365 account, which means a lot of the nuts and bolts of setting up authentication are already taken care of. PCRecruiter also already generates properly formatted emails and headers, so you don’t need to change anything to comply with these rules either. Plus with PCR’s bounce handling, opt-out list, and Sequencing, you can send the right emails to the right people and keep your database clean.
So, in essence, Google’s new rules just enforce what you should be doing already: sending legitimate emails to people who want to receive them and using a properly configured email server to do it. With a double-check of your domain record and a bit of extra scrutiny of your large-scale email plans, you should have nothing to worry about.
Digital tools for recruiters are rapidly evolving. Used properly, new technology can enhance every aspect of the recruitment process, including sourcing. Automating the extraction of relevant candidate data from social platforms like LinkedIn or job sites like Indeed has become commonplace.Read more
Back in October, Google announced changes to their email handling policies designed to combat spam. These new changes will be fully in place by February 2024. Yahoo/AOL has announced similar policies and others will likely follow suit. While the changes should mostly have a positive effect — reducing the amount of junk and scams that get to inboxes — they could have a negative effect on your recruiting process if you rely heavily on cold email or aren’t using properly configured outgoing email systems.Read more
Find out more about who we and what we do.