Skip to main content
All CollectionsFrequently Asked QuestionsEmails
Why are my emails bouncing or unsubscribing? Tips for improving email deliverability
Why are my emails bouncing or unsubscribing? Tips for improving email deliverability

Having trouble with emails not being delivered, receiving lots of bouncebacks or unsubscribes? Learn how to fix it in this article.

Will Rosa avatar
Written by Will Rosa
Updated over a week ago

Having trouble with your emails from LeadSimple not being delivered, receiving error messages, or seeing contacts automatically unsubscribing?

There was a recent policy change by Google and Yahoo to reduce spam that has affected the deliverability of emails. If your email domain doesn’t meet the new policies, your emails will be blocked by Google and Yahoo. This includes emails sent through your connected email account by LeadSimple, and we are seeing an increasing number of clients affected by this.

Currently LeadSimple handles bouncebacks we receive by unsubscribing the contact; we are actively adjusting the error to be more clear when it is a bounceback from Google or Yahoo due to missing SPF, DMARC, and DKIM records.

To fix this issue and get your domain up to date with the new policies, you will need to follow the instructions of your email provider to set up SPF, DMARC, and DKIM records in your DNS provider.

🔥 Please note that while we have linked those instructions below, we HIGHLY recommend working directly with your domain host, email provider, or IT manager to set this up as it is highly technical.

More Details on the Policy Updates

In October 2023, Google and Yahoo announced stricter policies for bulk senders with the goal of reducing spam. Those policies require email messages to be authenticated and an easy way to unsubscribe from those messages.

In February 2024, the rules started being enforced. If your domain doesn’t meet them, email messages from your domain will be blocked by Google and Yahoo, meaning you’ll receive error messages related to failed authentication against SPF, DMARC or DKIM records for your domain (e.g. reply codes 421, 451 or 550, and status codes 4.7.26 or 5.7.26).

While LeadSimple offers features to compose messages, it’s an email service provider like Gmail or Outlook that actually sends them. In order to authenticate email messages from your domain, you must follow the instructions they provide to set up SPF, DMARC and DKIM records in your DNS provider.

Setting up SPF, DKIM, and DMARC records is a critical step in ensuring your email domain's security and reliability. Here’s a straightforward guide for setting these up using Gmail (Google Workspace) or Outlook (Microsoft 365). This will help prevent your emails from being marked as spam and protect against email spoofing.

Setting Up SPF, DMARC, and DKIM records

For Gmail Users

Find more info in Google's guide right here. You may also find this article useful.

Note: If a business sends up to 5,000 messages a day, either SPF or DKIM is enough. If it sends more than 5,000 messages a day, SPF, DKIM and DMARC are all required. Source: here and here.

Step 1: Set up SPF

  1. Log in to your domain’s DNS provider (where you registered your domain).

  2. Navigate to the section where you can manage DNS settings.

  3. Check if there is an existing TXT record whose value starts with "v=spf1".

    1. If there isn't, create a new TXT record with the following values:

      1. Name/Host/Alias: @ or leave blank (depends on the DNS host)

      2. Value/Text: v=spf1 include:_spf.google.com mx ~all

      3. TTL (Time to Live): Set this to the default, or use 3600 (1 hour)

    2. If there is, edit the existing record by appending include:_spf.google.com to the list of existing values.

  4. Save the record.

Step 2: Set up DKIM

  1. Sign in to your Google Admin console (admin.google.com).

  2. Go to Apps > Google Workspace > Gmail.

  3. Click Authenticate email.

  4. Select your domain and then “Generate new record”. Choose a DKIM key bit length (recommend 2048 bits).

  5. Copy the DKIM record generated.

  6. Go back to your domain’s DNS settings and add a new TXT record:

    1. Name/Host/Alias: Enter what’s provided by Google (usually something like “google._domainkey”)

    2. Value/Text: Paste the DKIM value you copied

    3. TTL: 3600

  7. Save the record and then go back to the Google Admin console to “Start authentication”.

Step 3: Set up DMARC

  1. Go to your domain’s DNS settings.

  2. Add a new TXT record:

    1. Name/Host/Alias: _dmarc

    2. Value/Text: v=DMARC1; p=none; rua=mailto:yourname@yourdomain.com

    3. TTL: 3600

  3. Save the record. This setup tells email servers to send reports about emails (passing/failing DMARC) to your specified email address but not to enforce any policy yet.

For Outlook Users

Note: If a business sends up to 5,000 messages a day, either SPF or DKIM is enough. If it sends more than 5,000 messages a day, SPF, DKIM and DMARC are all required. Source: here and here.

Step 1: Set up SPF

  1. Log in to your DNS management console.

  2. Check if there is an existing TXT record whose value starts with "v=spf1".

    1. If there isn't, create a new TXT record for SPF:

      1. Name/Host/Alias: @ or leave blank

      2. Value/Text: v=spf1 include:spf.protection.outlook.com mx ~all

      3. TTL: 3600

    2. If there is, edit the existing record by appending include:spf.protection.outlook.com to the list of existing values.

  3. Save the record.

Step 2: Set up DKIM

  1. Sign in to Microsoft 365 admin center.

  2. Go to Settings > Domains.

  3. Choose your domain and find the option to Manage DKIM.

  4. Select “Enable” for DKIM, which will prompt you to add two CNAME records to your DNS settings.

  5. Add these CNAME records in your DNS settings:

    1. Names/Hosts/Aliases and Values will be provided by Microsoft

    2. TTL: 3600

  6. Save the records.

Step 3: Set up DMARC

  1. Add a new TXT record in your DNS settings:

    1. Name/Host/Alias: _dmarc

    2. Value/Text: v=DMARC1; p=none; rua=mailto:yourname@yourdomain.com

    3. TTL: 3600

  2. Save the record.

Last Step: Verify your Setup

After setting up SPF, DKIM, and DMARC records, it usually takes up to 48 hours for these changes to propagate across the internet. Here's how to check if everything is configured correctly:

Step 1: Verify SPF and DKIM

  1. Go to the MXToolbox website: https://mxtoolbox.com/SuperTool.aspx.

  2. Choose “SPF Record Lookup” to check your SPF record.

  3. Select “DKIM Record Lookup” and enter your selector and domain to verify the DKIM setup.

Step 2: Verify DMARC

  1. Go to the MXToolbox website: https://mxtoolbox.com/SuperTool.aspx.

  2. Choose “DMARC Record Lookup” and input your domain to see if your DMARC record is recognized.

Step 3: Receive DMARC reports

Ensure you’ve provided an email address in your DMARC record to receive reports about email delivery statistics. These reports will help you monitor how emails from your domain are being handled on the receiving end.

These tools provide a straightforward way to confirm that your email security settings are active and functioning correctly. If there are issues, the tools often give hints or errors about what might be wrong, helping you troubleshoot effectively.

FAQ's:

Q: Do I need to update all three records or is one enough?

A: If a business sends up to 5,000 messages a day, either SPF or DKIM is enough. If it sends more than 5,000 messages a day, SPF, DKIM and DMARC are all required. Source: here and here.

Did this answer your question?