How do I check if I'm compliant?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

You've set up SPF, DKIM, and DMARC, you've got an unsubscribe link in your footer, and you're pretty sure you're compliant with Gmail and Yahoo's 2024 requirements. But how do you actually know? Checking off the list yourself is one thing. Getting confirmation from tools that your emails see the same thing mailbox providers see is another.

Here's a practical walkthrough of what to check and how.

Step 1: Check your authentication records

Use our free SPF Checker to confirm your SPF record exists, parses correctly, and includes your sending sources. Do the same for DKIM with our DKIM Record Lookup. For DMARC, use our DMARC Generator to verify your policy is set and pointed at a reporting address. All three need to pass, not just exist.

Step 2: Send a test email and read the headers

Send a message to a Gmail or Yahoo address you control. Open the email, find the original message headers (in Gmail, click the three-dot menu and choose "Show original"). You're looking for three lines that say PASS next to SPF, DKIM, and DMARC. If any of those say FAIL or NEUTRAL, you've found your gap. Our Email Header Analyzer makes this easier if reading raw headers isn't your idea of a good time.

Step 3: Verify your unsubscribe setup

Look at those same headers for a List-Unsubscribe tag and a List-Unsubscribe-Post tag. If both are present, one-click unsubscribe is working. If only the first is there without the second, you're not meeting the one-click unsubscribe requirement. Also manually click the unsubscribe link from a test send to make sure it actually unsubscribes someone within 2 days.

Step 4: Monitor your complaint rate

Register your domain with Gmail Postmaster Tools if you haven't already. This is free and gives you a live view of your spam complaint rate. The threshold you're staying under is 0.10% for safe territory. Anything above 0.30% puts you at real risk of deliverability problems. Yahoo Mail has its own sender portal with similar reporting. Both are worth checking at least weekly if you send regularly.

Step 5: Check if you're on any blocklists

Even a perfectly configured domain can land on a blocklist after a spam complaint spike. Use our free Blocklist Checker to scan your sending domain and IP. If you're listed somewhere, that's worth fixing before anything else.

What does passing actually look like?

  • SPF, DKIM, and DMARC all show PASS in email headers
  • DMARC policy is at least p=none with a reporting address set
  • List-Unsubscribe and List-Unsubscribe-Post headers are present in outbound mail
  • Spam complaint rate in Postmaster Tools is below 0.10%
  • Domain is not listed on major blocklists
  • Sending domain is aligned between your From address and your DKIM signature

If any of these aren't checking out, the consequences of non-compliance are real and can move fast. If you're stuck on a specific failure, our SOS hotline is free and doesn't come with a sales pitch.

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Run my compliance audit

I want to run a compliance audit on my email setup. My sending domain is your domain, I use your ESP, and I send to Gmail/Yahoo/Microsoft/all three. Walk me through exactly what to check, what tools to use, and what passing looks like for each requirement. Flag anything that might look compliant on the surface but still cause deliverability problems.

Edit the yellow boxes, then send to the AI of your choice.