DomainSecurityScanner
Free Tool | No Signup Required

Google, Yahoo & Microsoft Email Sender Compliance Checker

Instantly check if your domain meets the 2024/2025 bulk sender requirements from Google, Yahoo, and Microsoft Outlook. Get a compliance score with pass/fail for every requirement.

DNS-based check, no test email needed. Results in seconds.

What We Check

SPF Authentication

Critical

Verify your SPF record exists, is syntactically valid, and doesn't use dangerous +all.

DKIM Authentication

Critical

Check DKIM records are configured with strong keys across all your email providers.

DMARC Record & Policy

Critical

Validate your DMARC record exists with at minimum p=none as required by all three providers.

DMARC Policy Enforcement

Important

Check if your policy has progressed beyond p=none to p=quarantine or p=reject for stronger protection.

Aggregate Reporting (rua)

Important

Verify DMARC aggregate reporting is configured so you have visibility into email authentication results.

SPF/DKIM Alignment

Important

Confirm that your From: domain aligns with SPF and/or DKIM domains for DMARC to pass.

TLS Encryption

Important

Check that your domain supports TLS for encrypted email transport as required by all providers.

Reverse DNS (PTR)

Important

Verify that your sending IPs have valid PTR records matching forward DNS.

DMARC Coverage (pct=100)

Recommended

Ensure your DMARC policy applies to 100% of your email, not just a percentage.

Requirements by Provider

Google, Yahoo, and Microsoft now require email authentication for all senders. Here's what each provider demands.

📧

Google Gmail

Enforced since February 2024, progressively tightening

  • SPF and DKIM authentication required for all senders
  • DMARC record with at minimum p=none for bulk senders (5,000+/day)
  • SPF or DKIM alignment must pass DMARC
  • TLS encryption for email transport
  • Valid forward and reverse DNS (PTR) records
  • One-click unsubscribe for bulk senders
  • Spam complaint rate below 0.3%
📨

Yahoo Mail

Enforced since February 2024, aligned with Google

  • SPF and DKIM authentication required
  • DMARC record required for bulk senders
  • One-click unsubscribe with 48-hour processing
  • Complaint Feedback Loop (CFL) monitoring
  • Same 5,000/day bulk sender threshold
✉️

Microsoft Outlook

Enforced since May 2025; junk routing now, rejection coming

  • SPF must pass for the sending domain
  • DKIM must pass to validate email integrity
  • DMARC with at minimum p=none, aligned with SPF or DKIM
  • Non-compliant mail goes to Junk (May 2025)
  • Full rejection enforcement coming in future phase

Frequently Asked Questions

What are Google's email sender requirements?
Since February 2024, Google requires all email senders to authenticate emails with SPF and DKIM, have a DMARC record with at minimum p=none, use TLS encryption, maintain valid reverse DNS (PTR) records, and keep spam complaint rates below 0.3%. Bulk senders (5,000+ daily emails to Gmail) must additionally implement one-click unsubscribe and ensure SPF/DKIM alignment passes DMARC.
What are Yahoo's email sender requirements?
Yahoo's sender requirements mirror Google's: mandatory SPF and DKIM authentication, a published DMARC record, TLS encryption for email transport, valid forward and reverse DNS, and one-click unsubscribe for bulk senders. Yahoo also requires that spam complaint rates stay below 0.3%.
What are Microsoft Outlook's new sender requirements for 2025?
Starting May 5, 2025, Microsoft requires bulk senders (5,000+ daily emails to Outlook.com, Hotmail.com, Live.com) to have properly configured SPF, DKIM, and DMARC (at minimum p=none) with alignment. Non-compliant emails are routed to Junk, with full rejection planned for later enforcement phases.
How do I check if I comply with Google and Yahoo sender requirements?
Use our free Email Sender Compliance Checker tool. Enter your domain name and we'll instantly verify your SPF, DKIM, DMARC configuration, check alignment settings, verify TLS support, and give you a compliance percentage score with pass/fail for each requirement. No signup or test email needed.
What happens if I don't comply with bulk sender requirements?
Non-compliance can result in emails being sent to spam/junk folders, temporary delivery delays (4xx errors), rate limiting, or outright rejection (5xx errors). Google's enforcement has been progressively tightening since November 2025, and Microsoft began enforcement in May 2025. Once your domain is flagged as non-compliant, it can take weeks to rebuild reputation.
What is the difference between a bulk sender and a regular sender?
Google and Yahoo define a bulk sender as anyone who sends 5,000 or more emails in a single day to personal email accounts (@gmail.com, @yahoo.com). This classification is permanent, and once you hit the threshold, reducing volume doesn't revert it. Microsoft uses the same 5,000/day threshold for Outlook.com domains. All senders must meet basic authentication requirements, but bulk senders have additional requirements like one-click unsubscribe.
Do I need DMARC even if I send fewer than 5,000 emails per day?
Yes. While the strictest requirements apply to bulk senders (5,000+/day), Google recommends DMARC for ALL senders and has been progressively enforcing authentication requirements for everyone. Having DMARC protects your domain from spoofing regardless of volume and future-proofs your email deliverability as requirements tighten.
What DMARC policy do I need for compliance?
At minimum, you need a DMARC record with p=none (monitoring mode). However, for better security, Google recommends progressing to p=quarantine and eventually p=reject. A p=reject policy provides the strongest protection against domain spoofing and is required for BIMI (brand logo display in email clients).

Ready to check your compliance?

Enter your domain above and get instant results. No signup, no test email, no waiting. Our DNS-based checker validates everything in seconds.