21, January 2024
February 2024: New Google and Yahoo email requirements
Image: Solen Feyissa on Unsplash
Email giants Google and Yahoo have announced that they are implementing stricter requirements for senders of mass emails. With these new conditions, which will take effect on 1 February 2024, they expect to keep more spam messages out of users' inboxes.
New Google and Yahoo email requirements
Starting 1 February, Gmail will require email authentication to be in place when sending messages to Gmail accounts. The requirements differ depending on the amount of emails you send, and will most likely affect your email marketing.
All senders need to:
-
Have email authentication: Implementing a solution like Email Compromise Protection (ECP) is a crucial step in preventing threat actors from falsely representing your organisation in emails. When unchecked, this tactic, known as domain spoofing, empowers cyber criminals to misuse sending domains for malicious cyber attacks. It's a vital defence against such risks.
- Maintain low spam rates: If the rate at which recipients mark your messages as spam exceeds the new 0.3% threshold, there's a risk of your messages being blocked or routed directly to the recipients' spam folders.
Consequences of missing the deadline
If your company relies on email to communicate with your customers and you don’t implement email authentication by 1 February, these changes are going to significantly impact the deliverability of your messages to customers with Gmail and Yahoo accounts.
Get prepared for the new requirements now
To meet the new requirements you need need to implement Email Compromise Protection (ECP). Start with a Email Deliverability Assessment with one of our experts, the analyse will lay the groundwork for a tailored implementation plan.
If you send more than 5,000 emails
If you’re company is sending more than 5,000 emails per day you will need to meet more requirements:
- Sending to Gmail or Yahoo, you must have Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication methods implemented.
- You’ll need to have a DMARC record in place
- Messages must pass DMARC alignment.
- Make it easy for recipients to unsubscribe (one-click unsubscribe)
What is Email Compromise Protection?
Our Email Compromise Protection (ECP) effectively protects your organization against email frauds, whilst also protecting your customers and suppliers. This service, along with a VMC certificate, will make you both meet the new requirements from Google and Yahoo, as well as showing your logotype in your customer's inbox.
Background: The Rising Threat
According to the FBI's IC3 report, Business Email Compromise (BEC) incidents have surged by a staggering 81% recently, marking a concerning 175% increase over the past two years. In parallel, reported phishing attacks hit a staggering 255 million, underscoring the growing vulnerability of victims of digital communications from malicious actors.
BEC involves cyber criminals impersonating legitimate entities to deceive employees into transferring funds or sharing sensitive information. The alarming surge in these attacks has prompted major email service providers like Google and Yahoo to bolster their defences.
4 benefits with our service for Email Compromise Protection
- Comprehensive Defense with Expert Guidance: Our Email Compromise Protection (ECP) service not only fortifies your email infrastructure but also provides expert guidance to ensure precise configuration. This guidance minimizes the risk of misconfigurations that might inadvertently relegate legitimate emails to the trash bin.
- Mitigating Mistakes: One of the key advantages of our service is the meticulous support provided during the setup phase. Our experts assist in configuring the system accurately, reducing the chances of misalignments among SPF, DKIM, and DMARC protocols. This meticulous approach minimizes false positives, ensuring that legitimate emails aren’t mistakenly flagged as fraudulent.
- Project Management Integration: Implementing ECP isn't just about technicalities; it's a comprehensive project. Our service extends beyond mere setup by integrating project management methodologies. This approach ensures seamless integration into your existing infrastructure without disruptions, guaranteeing a smooth transition while enhancing your email security.
- Alerts & Reporting: Monitoring supervises your email flow, enabling early detection of any emails failing SPF/DMARC/DKIM checks. This significantly reduces troubleshooting time and sends alerts for irregularities, such as when a new system sends non-compliant emails. It also notifies you if your SPF record becomes invalid or includes too much data, providing the closest level of proactive monitoring achievable.
Author
Marcus Wessberg
Technical Solutions Specialist
Get an Email Deliverability Assessment
Contact us for more information about your email setup.