What's your biggest current challenge? Have your say in Community Polls along the right column.

Re: Google & Yahoo email deliverability changes - February 2024

Solved

Google & Yahoo email deliverability changes - February 2024

superp
Tourist
10 1 8

Hello! 

 

I'm sure most of you are aware. Google and Yahoo are both adding requirements for successful email deliverability very soon in February 2024

 

These four main changes are:

-Required DKIM, SPF, and DMARC records

-Branded Sending Domain

-One-Click unsubscribe link

-Keep spam complaints under 0.3% (literally 3 complaints every thousand emails.....)

 

Lots of questions here:

-Has the 1024 vs 2048 DKIM debacle been solved yet? Currently, I believe Shopify will only accept 1024 bit DKIM records which is a huge problem as February 2024 is coming very soon.
-If Shopify is hosting our domain, we update/add our DKIM, SPF, and DMARC records right in the back of Shopify, correct? (admin profile > settings > domains > add record)

-If we're using a third-party email service (e.g. Klaviyo) and we update create our branded sending domain in the third-party service, does this affect Shopify transactional emails? (Order confirmations, receipts, etc)  Do we need to do something else in the Shopify backend to create a branded sending domain? Would this just entail adding DKIM, SPF, and DMARC records for our sending domain in the back end of shopify???

Thank you for your time!

Accepted Solution (1)

superp
Tourist
10 1 8

This is an accepted solution.

Some updates that I've found by myself with absolutely zero help from Shopify.....

DKIM, SPF, and DMARC:
Your ESP (Klaviyo, etc) should update the DKIM and SPF records for you. However, the DMARC records are still on the end user. I've been using https://easydmarc.com/ 

Branded Sending Domain:
Again, if you are using an ESP this should be easy. Klaviyo has an area specifically for this. (bottom left > settings > email > domains). I do believe you have to update your DMARC to reflect your new branded sending domain though. 

One-Click Unsubscribe:
If you are using an ESP, this should automatically be fixed, but I would check with your ESP to make sure.

Spam Complaints under 0.3%:
I would start using double opt-ins, great content, and really think about your subject/preview text copy. 

Klaviyo has a great article here and Google's article here.

View solution in original post

Replies 21 (21)

superp
Tourist
10 1 8

This is an accepted solution.

Some updates that I've found by myself with absolutely zero help from Shopify.....

DKIM, SPF, and DMARC:
Your ESP (Klaviyo, etc) should update the DKIM and SPF records for you. However, the DMARC records are still on the end user. I've been using https://easydmarc.com/ 

Branded Sending Domain:
Again, if you are using an ESP this should be easy. Klaviyo has an area specifically for this. (bottom left > settings > email > domains). I do believe you have to update your DMARC to reflect your new branded sending domain though. 

One-Click Unsubscribe:
If you are using an ESP, this should automatically be fixed, but I would check with your ESP to make sure.

Spam Complaints under 0.3%:
I would start using double opt-ins, great content, and really think about your subject/preview text copy. 

Klaviyo has a great article here and Google's article here.

juenology
Shopify Staff
28 1 13

Hello! I'm an Email Deliverability Specialist at Shopify and would love to help answer your questions. 

  1. While a 2048 bit DKIM record would be ideal, Gmail's minimum requirements for February 1st are fine with 1024 bits 
  2. If Shopify is hosting your domain, we will automatically insert a DMARC record of p=none before February 1st if we do not detect one in place before then. Any required DKIM / SPF records for you to continue sending emails from the Shopify platform will automatically be setup for you as well. However, any DKIM / SPF records needed for you to send through other email service providers (i.e. Google Workspace, Mailchimp, Klayvio, etc.) will need to be setup and more information will be available through their help documentation and support.
  3. Your setup with 3rd party sending platforms will not impact your Shopify transactional emails. To continue sending from a branded sending domain through Shopify, you need to ensure that DMARC for your sending domain is set up and that Shopify's DKIM and SPF records are included. Again, if you are hosting your domain through Shopify, we will have taken care of these steps for you.

Hoping this helps. 

superp
Tourist
10 1 8

Okay more updates from weeks of figuring this out and support chats from 4 separate companies..... I hope someone finds this helpful in the next couple of weeks as we all scramble to get these requirements completed and be in compliance with daddy google.

Shopify Transactional Emails: These emails need separate CNAME records that include DKIM with DMARC and SPF records being automatically added by shopify on Feb 1st.

 

Klaviyo Branded Sending Domain Emails: The installer in the backend of Klaviyo walks you through setting up CNAME records that point to a subdomain that Klaviyo takes care of. "When the CNAME records are added to your DNS, a subdomain is created and delegated over to Klaviyo to control and make use of. At this point, Klaviyo automatically adds the necessary SPF/DKIM records to set your account up to send emails using your own dedicated domain. On your end, you only need to add the prescribed CNAMEs; no records are required."

*Note: Shopify does not accept NS records so you must use the static IP for a sending domain which equals CNAME records instead of NS.


Google Workspace Emails: Their helpers/installers inside the google workspace admin area should help you add the appropriate MX records to your DNS. And then finally just need to add the "v=spf1 include:_spf.google.com ~all"

After all of that checks out on various tools (e.g. toolbox.googleapps.com) then feel free to head over to easydmarc.com and add a DMARC record (you can also check your DMARC record here)


**Initially I was confused because you're supposed to combine all of your SPF records? But if Shopify and Klaviyo run a subdomain with it's own SPF records then I guess this would still equal ONE spf record per domain? I think that is correct

juenology
Shopify Staff
28 1 13

@superp wrote:

**Initially I was confused because you're supposed to combine all of your SPF records? But if Shopify and Klaviyo run a subdomain with it's own SPF records then I guess this would still equal ONE spf record per domain? I think that is correct


Good question, and yes that's correct: There is only 1 SPF record allowed per domain, with each subdomain being allowed to have their own SPF record that would override the SPF record on the parent domain. 

Integral25
Tourist
6 0 0

Thanks for the info! 

 

Wondering if you can shed some light on the following questions: 

 

Klaviyo Branded Sending Domain Emails: Did you contact someone at Klaviyo to walk you through setting up CNAME records? I see that if we are choosing static (which is our only option if Shopify is the host) that uses CNAME records, the records value and host are listed on this page (https://help.klaviyo.com/hc/en-us/articles/115000357752) from Klaviyo. Did you simply copy and pasted the value for CNAME and TXT in the Shopify DNS Setting? 

 

Google Workspace Emails:  Which department did you talk to and got the MX records sorted? 

 

Thank You So Much! 

superp
Tourist
10 1 8

Hey Integral,

 

For the Klaviyo Branded Sending Domain, once you click through their tool (settings > email > domains) they will provide all of the CNAME records (static) or NS records (dynamic) for you to copy/paste. I was searching for what those were for a while too and then I just clicked thru their authentication tool and Klaviyo had it all ready to go. 

For the Google Workspace Emails, it was the same scenario. The Google Workspace tool guide you the whole way and includes your MX records (https://support.google.com/a/answer/10888698). I will say this requires you to have admin rights inside of your Google Workspace. This cannot be done if you do not have admin privileges.

Bonus: Under the same area in Apps > Google Workspace > Gmail > Authenticate Gmail you can setup your DKIM. The tool will build the record for you to copy/paste.

I hope this helps!

Integral25
Tourist
6 0 0

Hey Superp, 


Thank you so much for your input here! Followed your steps with the Klaviyo Branded sending domain and copied everything over to the DNS Setting on Shopify. Got all the green arrows and says active. Now just have to test this all out and finger crossed! Thanks again for being one of the few that's leading this discussion. Was speaking with a few other people in this space that didn't know these changes were coming! lol

 

I will check out the MX records you have mentioned shortly! 

 

On your last point! Thanks for pointing me in this direction and validating what I did earlier was correct! When I regenerated the DKIM again today, it got me down below the 255 character limit (which was odd as it wasn't doing that yesterday) and I also ran the authentication on the DKIM google page along with the EasyDMARC platform  and confirm they are all in place! 

 

Thanks again Superp!   

superp
Tourist
10 1 8

Hey Integral,

 

No worries at all. The problem is that you have to setup these records for each email system you're using. Once I figured that out, it became wayyy clearer. I understand why Shopify can only speak to Shopify and why Klaviyo can only speak to Klaviyo. But I just one of these companies would say, "You'll have to check each other your other ESPs, third parties, and integrations to make sure they are all working in concert".


I'm glad you were able to generate new 1024 records and they worked! It is weird that Shopify cannot use 2048 bit DKIM records yet. You would think since they are a world leader in e-commerce.

The MX records with google workspace were the easiest (they do the most for you).

After the MX records, I believe the last thing you need is your DMARC policy. I go here to the "dig" feature (https://toolbox.googleapps.com/apps/dig/) and can check all 3 records (DKIM, SPF, DMARC). To check dmarc though, you'll have to input _dmarc.yourdomain.com as they will not show up in just checking yourdomain.com. 

I get an email if you respond so drop a reply if you have any issues. I'll try my best to help!

Integral25
Tourist
6 0 0

Thanks Superp!

 

I will be tackling the MX records this week so hopefully it'll go smoothly!

 

I wonder if there is a way for Klaviyo to check on their end if everything is in sync and the way we have implemented these changes are correct. I ran a test email campaign yesterday to a small number of people on my list and it seems to work fine and the email domain is finally showing up as my company's domain name instead of Klaviyo's. I hope I didn't miss any steps.

superp
Tourist
10 1 8

That's an interesting question. I would reach out to Klaviyo support and just see what they say? However, if you've sent out to a small list and you see that deliverability, opens, and clicks are working. I personally would consider that completed. If it wasn't setup correctly, I believe you would just see a ton of fails or every single email getting a hard bounce.

 

Honestly the biggest concern post setting up your branded sending domain is potentially having to rewarm your new domain. I would say if your list is bigger than 3,500-4,000 and you send 3-4+ campaigns a month, then you should most definitely rewarm. (Klaviyo has a great article here: https://help.klaviyo.com/hc/en-us/articles/360025945671 and there's also a ton of YouTube videos that helped me). 

Honestly, the Google Workspace MX records were the easiest so I also hope it goes smoothly!

Integral25
Tourist
6 0 0

Hello, Thanks for the information and feedback. However, I have a question regarding point 2. The issue I am encountering and seems like a few people have raised this on separate discussion is the character limitation under the TXT record. It caps at 255 Characters. Google has created the TXT record for both 1024 and 2048 of which both of the record value is more than 255 characters. Any advice on how to solve this issue so we can get the DKIM authenticated? 

superp
Tourist
10 1 8

I have seen this as an issue in the the community forum and in other places as well. 

I have exhausted all support options with Shopify and it's 100% fact that they can only use 1024 bit DKIM records (with a promise to update to 2048 sometime in the future). Fortunately our 1024 bit DKIM record was accepted and under the 255 limit. I am completely unsure what to do here. 

To reach google support on a specific topic, you have to be a google admin. From the admin page hit the circled "?" at the top right and then navigate to support. It'll bring up a new window with an AI bot. Tell it you "need help with DKIM authentication" and then navigate through the AI to chat with a real google support CSR. (It was a long wait but it's worth it as they were the most helpful)

 

Sorry I didn't provide a real answer for you and hopefully google support can help you through this!

john75204
Tourist
3 0 1

I am experiencing this same issue. My TXT records exceed the 255 character limit given by Shopify's DNS entry settings. Have you found a solution to get a 1024 or 2048 record that is below 255 characters? Thank you

Integral25
Tourist
6 0 0

My TXT worked when I regenerated the records the following day. Shopify accepted it but only after I noticed a slight variance on the copy and paste values which I needed to fix. Maybe try regenerate the TXT record through Google DKIM authentication and paste it on an Excel (make sure what you copy from Google exactly matches what you paste on Shopify TXT record). For some strange reason, when I copied the TXT record from Google DKIM Authentication record and then immediately on Shopify, it slightly altered some text and added spacing. It had different characters and I have no idea why. I even used Excel formula to confirm and the values were different. So what I did was I copied the TXT record onto an excel first and then copied that over to shopify. It matched and it finally worked for me.  

naturalfibreart
Tourist
4 0 0

If I am reading this correctly that means that if we only use the shopify marketing emails we don't need to do anything as it's already been done? Is that correct.

juenology
Shopify Staff
28 1 13

Hi @naturalfibreart if your domain is hosted through Shopify, all of your Shopify emails (marketing, transactional, etc.) should be authenticated and setup correctly. However, if you use any other service for sending emails (i.e. Google Workspace for staff emails, etc.) you will need to ensure you setup authentication (i.e. DKIM / SPF) for each of those providers. 

naturalfibreart
Tourist
4 0 0

Do you mean if my website domain is hosted through shopify or my emails?  I send bulk marketing emails (newsletters) via the shopify platform and of course all the order, fulfillment etc automatic emails, but my email address is naturalfibrearts@gmail.com . I understood that I would have to change that to something like admin@naturalfibrearts.com is that correct? That would mean changing all my stationary, business cards etc.

juenology
Shopify Staff
28 1 13

If you leave the Sender email field value as naturalfibrearts@gmail.com, we will rewrite the from email address for your Shopify emails to something that looks like store+123@shopifyemail.com to ensure your emails continue to deliver successfully with the new Gmail and Yahoo sender requirements. However, the reply-to email address will be kept as naturalfibrearts@gmail.com to catch any inquiries from customers that try to respond to your emails. Hopefully this allows you to keep your stationary intact. 

jamcatcandles
Visitor
2 0 0

Hi there Juenology,  might you be able to help me with an issue I have been chatting with Omnisend and Shopify about for over 2 weeks now?  Prior to verifying my domain per Omnisend's direction regarding the 2/2024 requirements, I had no issues receiving emails to my 3 email addresses tied to the domain I had purchased from Shopify.  I last received an email to my shop@  address on 1/18, verified my domain via Omnisend's directions on 1/19 and then the ridiculousness ensued!  Now I am no longer receiving emails to those 3 emails and have spent several hours chatting with  Omnisend, who says they can't help me any further,  and Shopify says I need to get the necessary mx records from gmail....there is no support I can find for gmail....I do not have Google Workspace. Through my own research, I found information regarding MX records for gmail and added those yesterday.  Today when I sent myself test emails I received "undeliverable" messages stating the email address "wasn't found at the destination domain".  That's a first...I hadn't received any undeliverable messages before, so I am hoping that is some type of progress!!! I had NO issues before 1/18,  I am at my wit's end and I am hoping you can help!!  Additionally, I am totally confused as to why Shopify hasn't been more helpful in coming up with a resolution!  Thanks!

juenology
Shopify Staff
28 1 13

Thanks for reaching out. I apologize, these changes that Gmail announced have been really difficult for most senders to navigate. Can I ask which service you use to host your business emails if not Google Workspace? That will be where your MX records should point to, not Gmail / Google. From what I can gather from your post, your email hosting provider is who you will need to reach out to for troubleshooting this, and you may need to loop in a representative from Omnisend, since we do not have visibility into your setup with your email hosting provider or Omnisend.

jamcatcandles
Visitor
2 0 0
Thank you so much for your response!! This has definitely been a
challenge! Extremely long story short, I had email forwarding with
Shopify, but no one recognized that may have been the issue, and I of
course was clueless!! So after all the research I did on my own, I found
google mx records. When I added them, my domain info then said "g suite"
(workspace) was my email host and no longer "email forwarding". I have now
signed up with Zoho instead and am in the process of onboarding with them.
I am hoping that after almost 3 weeks of issues, endless frustrating hours
of chatting/emails with Omnisend and Shopify, that this will soon be
resolved!!! Thanks again for trying to help me! I really appreciate it!