Abion / Blog / February 2024: New Google and Yahoo email requirements
Gmail mobile

Image: Solen Feyissa on Unsplash  

Email giants Google and Yahoo have announced that they are implementing stricter requirements for senders of mass emails. With these new conditions, which will take effect on 1 February 2024, they expect to keep more spam messages out of users' inboxes.

New Google and Yahoo email requirements

Starting 1 February, Gmail will require email authentication to be in place when sending messages to Gmail accounts. The requirements differ depending on the amount of emails you send, and will most likely affect  your email marketing. 

All senders need to:

  • Have email authentication: Implementing a solution like Email Compromise Protection (ECP) is a crucial step in preventing threat actors from falsely representing your organisation in emails. When unchecked, this tactic, known as domain spoofing, empowers cyber criminals to misuse sending domains for malicious cyber attacks. It's a vital defence against such risks.

  • Maintain low spam rates: If the rate at which recipients mark your messages as spam exceeds the new 0.3% threshold, there's a risk of your messages being blocked or routed directly to the recipients' spam folders.
ai tech 1066×600

Consequences of missing the deadline

If your company relies on email to communicate with your customers and you don’t implement email authentication by 1 February, these changes are going to significantly impact the deliverability of your messages to customers with Gmail and Yahoo accounts.

Get prepared for the new requirements now

To meet the new requirements you need need to implement Email Compromise Protection (ECP). Start with a Email Deliverability Assessment with one of our experts, the analyse will lay the groundwork for a tailored implementation plan.

Secure your email sendouts now

If you send more than 5,000 emails

If you’re company is sending more than 5,000 emails per day you will need to meet more requirements:

  • Sending to Gmail or Yahoo, you must have Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication methods implemented.
  • You’ll need to have a DMARC record in place
  • Messages must pass DMARC alignment. 
  • Make it easy for recipients to unsubscribe (one-click unsubscribe)

What is Email Compromise Protection?

Our Email Compromise Protection (ECP) effectively protects your organization against email frauds, whilst also protecting your customers and suppliers. This service, along with a VMC certificate, will make you both meet the new requirements from Google and Yahoo, as well as showing your logotype in your customer's inbox.

Background: The Rising Threat

According to the FBI's IC3 report, Business Email Compromise (BEC) incidents have surged by a staggering 81% recently, marking a concerning 175% increase over the past two years. In parallel, reported phishing attacks hit a staggering 255 million, underscoring the growing vulnerability of victims of digital communications from malicious actors.

Abion welcomes Bridgepoint as a new majority owner

BEC involves cyber criminals impersonating legitimate entities to deceive employees into transferring funds or sharing sensitive information. The alarming surge in these attacks has prompted major email service providers like Google and Yahoo to bolster their defences.

4 benefits with our service for Email Compromise Protection

  • Comprehensive Defense with Expert Guidance: Our Email Compromise Protection (ECP) service not only fortifies your email infrastructure but also provides expert guidance to ensure precise configuration. This guidance minimizes the risk of misconfigurations that might inadvertently relegate legitimate emails to the trash bin.
  • Mitigating Mistakes: One of the key advantages of our service is the meticulous support provided during the setup phase. Our experts assist in configuring the system accurately, reducing the chances of misalignments among SPF, DKIM, and DMARC protocols. This meticulous approach minimizes false positives, ensuring that legitimate emails aren’t mistakenly flagged as fraudulent.
  • Project Management Integration: Implementing ECP isn't just about technicalities; it's a comprehensive project. Our service extends beyond mere setup by integrating project management methodologies. This approach ensures seamless integration into your existing infrastructure without disruptions, guaranteeing a smooth transition while enhancing your email security.
  • Alerts & Reporting: Monitoring supervises your email flow, enabling early detection of any emails failing SPF/DMARC/DKIM checks. This significantly reduces troubleshooting time and sends alerts for irregularities, such as when a new system sends non-compliant emails. It also notifies you if your SPF record becomes invalid or includes too much data, providing the closest level of proactive monitoring achievable.
marcus.wessberg-3

Author

Marcus Wessberg

Technical Solutions Specialist

Get an Email Deliverability Assessment

Contact us for more information about your email setup. 

Related read

Insights Microsoft Defense Report

Key Takeaways from the “Microsoft Digital Defense Report 2024”

Domain Management
Websecurity
English
DDOS attack
Domain Hijacking
Phishing
21, November 2024
From the rise of sophisticated ransomware to the increasing use of AI by both attackers and defenders, the report...
Cousin domains

Watch Out for the Black Sheep of the family: Defending Yourself Against Cousin Domain Attacks

Websecurity
English
9, January 2024
Cousin domain attacks are a type of domain spoofing or impersonation attack that can deceive unsuspecting users an...

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Abion AB, corporate identity number 556633-6169 use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you expect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data