This month Google and Yahoo introduced crucial changes to their email delivery requirements. For senders targeting individual Gmail accounts, particularly those exceeding 5,000 emails daily, Google mandates authentication measures. While Yahoo does not state a minimum sending requirement, it will align with Google’s criteria.

Requirements that are to be enforced:

  • Implementation of both SPF + DKIM
  • Sending with an aligned “From” domain in either the SPF or DKIM domains
  • Sending from a domain with a DMARC policy of at least p=none
  • Using a TLS connection for transmitting email
  • Valid forward and reverse DNS (FCrDNS)
  • One-click unsubscribe (RFC 8058)
  • Low spam reported rate

Full requirements can be found in Google’s help article.

What are the implications of non-compliance with Google and Yahoo’s email standards?

Failure to adhere to the new email standards set by Google and Yahoo could mean non-delivery to Gmail and Yahoo inboxes, affecting businesses relying on email communication.

These new requirements aim to fortify email security globally, emphasizing industry-acknowledged best practices. Safeguarding business reputation from phishing attacks is one of the top benefits of these changes. DMARC, now a steadfast requirement, blocks domain impersonation, providing control over email identity. Google emphasizes the validation of sender authenticity for enhanced email security.

Take action now: Reduce email phishing and ensure deliverability

Strong authentication with DMARC and Verified Mark Certificates (VMCs) is an important milestone for email users.

Entrust has been working with mailbox providers since June 2017 to create Brand Indicators for Message Identification (BIMI) with Verified Mark Certificates (VMCs), digital certificates that enable organizations to display their registered trademark logo in the avatar slot alongside outgoing emails in many mailboxes today. BIMI standards aim to make the email ecosystem more secure and engaging with DMARC (Domain-based Message Authentication, Reporting and Conformance) and VMCs.

VMCs help an organization’s emails stand out and get noticed in a crowded inbox while protecting them against fraud through DMARC’s anti-spoofing technology. Entrust also offers DMARC implementation services to help customers in their BIMI journey. Check if your domain is BIMI ready using this free online tool from our partner Red Sift.

As Google and Yahoo make email authentication mandatory, industry-wide adoption of these practices is crucial. Businesses can ensure compliance for improved email deliverability and overall security.