Skip to content
  1. Abion
  2. /
  3. Insights & News
  4. /
  5. February 2024: New Google and Yahoo email requirements

February 2024: New Google and Yahoo email requirements

  • Websecurity
Gmail mobile

Image: Solen Feyissa on Unsplash  

Email giants Google and Yahoo have announced that they are implementing stricter requirements for senders of mass emails. With these new conditions, which will take effect on 1 February 2024, they expect to keep more spam messages out of users' inboxes.

New Google and Yahoo email requirements

Starting 1 February, Gmail will require email authentication to be in place when sending messages to Gmail accounts. The requirements differ depending on the amount of emails you send, and will most likely affect  your email marketing. 

All senders need to:

  • Have email authentication: Implementing a solution like Email Compromise Protection (ECP) is a crucial step in preventing threat actors from falsely representing your organisation in emails. When unchecked, this tactic, known as domain spoofing, empowers cyber criminals to misuse sending domains for malicious cyber attacks. It's a vital defence against such risks.

  • Maintain low spam rates: If the rate at which recipients mark your messages as spam exceeds the new 0.3% threshold, there's a risk of your messages being blocked or routed directly to the recipients' spam folders.
ai tech 1066×600

Consequences of missing the deadline

If your company relies on email to communicate with your customers and you don’t implement email authentication by 1 February, these changes are going to significantly impact the deliverability of your messages to customers with Gmail and Yahoo accounts.

Get prepared for the new requirements now

To meet the new requirements you need need to implement Email Compromise Protection (ECP). Start with a Email Deliverability Assessment with one of our experts, the analyse will lay the groundwork for a tailored implementation plan.

Secure your email sendouts now

If you send more than 5,000 emails

If you’re company is sending more than 5,000 emails per day you will need to meet more requirements:

  • Sending to Gmail or Yahoo, you must have Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication methods implemented.
  • You’ll need to have a DMARC record in place
  • Messages must pass DMARC alignment. 
  • Make it easy for recipients to unsubscribe (one-click unsubscribe)

What is Email Compromise Protection?

Our Email Compromise Protection (ECP) effectively protects your organization against email frauds, whilst also protecting your customers and suppliers. This service, along with a VMC certificate, will make you both meet the new requirements from Google and Yahoo, as well as showing your logotype in your customer's inbox.

Background: The Rising Threat

According to the FBI's IC3 report, Business Email Compromise (BEC) incidents have surged by a staggering 81% recently, marking a concerning 175% increase over the past two years. In parallel, reported phishing attacks hit a staggering 255 million, underscoring the growing vulnerability of victims of digital communications from malicious actors.

Abion welcomes Bridgepoint as a new majority owner

BEC involves cyber criminals impersonating legitimate entities to deceive employees into transferring funds or sharing sensitive information. The alarming surge in these attacks has prompted major email service providers like Google and Yahoo to bolster their defences.

4 benefits with our service for Email Compromise Protection

  • Comprehensive Defense with Expert Guidance: Our Email Compromise Protection (ECP) service not only fortifies your email infrastructure but also provides expert guidance to ensure precise configuration. This guidance minimizes the risk of misconfigurations that might inadvertently relegate legitimate emails to the trash bin.
  • Mitigating Mistakes: One of the key advantages of our service is the meticulous support provided during the setup phase. Our experts assist in configuring the system accurately, reducing the chances of misalignments among SPF, DKIM, and DMARC protocols. This meticulous approach minimizes false positives, ensuring that legitimate emails aren’t mistakenly flagged as fraudulent.
  • Project Management Integration: Implementing ECP isn't just about technicalities; it's a comprehensive project. Our service extends beyond mere setup by integrating project management methodologies. This approach ensures seamless integration into your existing infrastructure without disruptions, guaranteeing a smooth transition while enhancing your email security.
  • Alerts & Reporting: Monitoring supervises your email flow, enabling early detection of any emails failing SPF/DMARC/DKIM checks. This significantly reduces troubleshooting time and sends alerts for irregularities, such as when a new system sends non-compliant emails. It also notifies you if your SPF record becomes invalid or includes too much data, providing the closest level of proactive monitoring achievable.
marcus.wessberg-3

Author

Marcus Wessberg

Technical Solutions Specialist

Get an Email Deliverability Assessment

Contact us for more information about your email setup. 

Related read

ACME Protocol guide
Automating Certificate Management with ACME: What You Need to Know
Firstpage
Insights & News
Okategoriserad
Websecurity
Lyko
Phishing
The ACME protocol brings automation and standardization to certificate management, helping organisations securely...
Läs mer
Password and Digital Hygiene
Digital Hygiene for Organisations
Firstpage
Insights & News
Websecurity
Lyko
Phishing
Recent large-scale data breaches, including the 2025 exposure of billions of login credentials, highlight the ongo...
Läs mer

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At Abion AB, corp. ID no. 556633-6169, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data