Crystal Ball 2026: Where Email Marketing Is Heading This Year

Before I started writing this article I wanted to go back and see what my predictions were last year. Was I even remotely close? But then I figured it doesn’t really matter because I must have mentioned the Yahoogle kicking in this year in full force. And it did – to my surprise much later than I expected.

If you had asked me last year I would have expected Gmail going all-in on the authentication requirements in May, June the latest, not November. Simply because timing matters and enforcing during off-season would definitely cause less friction with the senders and help the overall adoption readiness.

I would have guessed that after all the trouble Microsoft caused across the internet in the past 20 years, they had learned their lesson. But that’s not the case - they are still fully committed to breaking standards, reinventing the wheel and making everyone’s life miserable. And the way they followed up on Yahoogle’s email authentication was no different - reinterpreting the standards in the worst possible ways.

But enough of the review and let’s read some tea leaves, polish up that crystal ball and check out some intestines (wondering which one is most accurate).

A lot of progress has been done in the email authentication space this year. I don’t have the exact numbers but according to some sources it was a 75% growth in DMARC adoption between 2023 and 2025. This alone should make me enthusiastic but I expect that most of these new DMARC deployments will have no security policy and a significant portion won’t even have a reporting address set. That very much undermines the whole point of having DMARC in the first place.

But all is not lost - proper email authentication and its enforcement shines more light on bad actors. It allows the receivers to fight them more efficiently - making our mailboxes a safer place. And that to me is the key step I have seen in the past year and expect to have a major impact in 2026. Mailbox providers will be better at protecting mailboxes not only from the spammiest spam (the bulk carpet bombing), but the nastiest spam as well - the low volume, highly targeted cold mails, scams and phishing emails. It is the light of email authentication that lights these emails up and puts them into context with regular wanted email.

And it won't stop there - the email authentication deployment push is not over. Yahoogle and others will be pushing harder and will be looking at requiring DMARC enforcement soon. 2026 is not likely to be the year of DMARC with quarantine policy, but it’s not as far out in the future as it may seem.

You better get back to reading all your favorite email delivery/deliverability blogs If you did a quick DMARC record deployment just to “meet the requirements”. You will be needing those DMARC aggregate reports soon to get your DMARC to enforcement and that means getting a RUA in place and start the actual work on the email authentication deployment and monitoring.

Not because I say so based on tea leaves, but because the Yahoogle requirements are real and on an organizational domain level. If you thought you are good with having your subdomain set up by your ESP then you were wrong. I had the first hand experience of seeing how a simple mistake in DKIM setup can seriously ruin one year worth of work on DMARC deployment and domain reputation.

Mailbox providers need the legitimate senders to get their ducks in a row across all their sending platforms and channels to be able to see the bad actors better. And if legitimate senders don’t comply then they will rightfully be treated as bad actors. There is no court and jury for good deliverability - it’s all about following best practices and the recipient’s engagement. The recipient will be your judge.

The providers have been doing a great job at providing guidance to everyone during this transition because in 2026 we will see some more. First it should be a minor transition from DMARC to DMARCbis - a newer, clearer, backward compatible DMARC. Most won’t have to do a thing, some will get to simplify their records or understand better how they work. Overall I expect this to be a very smooth sail but still a very important change.

The BIG one will come in the form of DKIM2. It’s a new standard of email authentication that will incorporate a lot of the stuff the industry has learned over the past 20 years. It will supersede not only DKIM, but also ARC, address replay issues, forwarding issues and many other problems that exist in the current email authentication processes.

DKIM2 will be a major upgrade that will take years but everyone is hopeful of the positive impact. The deployment will require technical changes in both sending and receiving infrastructures, but will bring an unprecedented transparency to email flows and authentication. It will hopefully make SPF obsolete as that is the one standard people struggle with the most. It will make the bad actor’s life much harder. It will make email safer and more resilient.

You should not fear 2026 though - email is NOT dying and it is here to stay. We will all have to make sure that our email efforts on all levels - from infrastructure to content are top notch. You won’t be able to get your objectives done unless you follow the rules and best practices. Not only in marketing but overall. You’ll just have to do it right.