Yahoo & Google's new sender requirements start Feb 1st 2024. Here's what you need to do.
Starting February 1st 2024, all domains must be authenticated and implement a policy (security measures) to prevent people trying to impersonate you by spoofing your email address and sending emails under your name.
This has been recommended for ages but is now becoming a requirement so you should act now in order to help your email deliverability.
Who does it apply to?
At the moment this applies to people who send 5000 emails per day, but our advice is for everyone to take action now. We are sure this will come into effect for everyone soon, Google and Yahoo are probably just rolling it out. Adding it now will be beneficial as it helps stop your genuine emails being caught in spam.
The change coming in means that those with a custom domain (eg @bizinkonline.com or @abcaccountants.com) must now have a DMARC DNS policy in place.
There are currently no rules as to what the policy has to be, our recommendation is below.
When an email server (eg Gmail or Yahoo) receives an email, they do spam checks. I’m sure you know they check the content of the email but they also verify who sent the email and they check, is the person who sent that email allowed to send that email from that address?
There’s a couple of records at play here.
An SPF record checks are they allowed to send from that address
And a DMARC record says what is the policy if they aren’t allowed (eg block them, quarantine the email, do nothing etc).
The receiving server then looks at the custom domain's policy (eg @abcaccountants.com) and sees what is their policy for handling emails that fail these checks?
That policy then dictates what the receiving server will do with it. Eg Quarantine/Spam, Delete/Reject, Do nothing.
So what’s changing?
You now need to have a policy. The policy could just be p=none which means do nothing.
However, at Bizink our recommendation would be quarantine which means your policy tells the receiving server to mark it as spam.
The first step is to check if you currently have a policy or not. There’s a free online tool here which allows you to do a lookup and see if you have a policy.
If you don't comply, you will get a red ! mark like below.
If you do comply you should get a string of smiley faces like the below
What to do next?
If you have IT people, contact them and ask them to add a DMARC record of v=DMARC1; p=quarantine
If you don’t have IT people, we can provide you with some guidance on what to do, but please note we don’t actively support this, it’s not really what we do here at Bizink we just want to advise you as it will affect your deliverability.
Email us at support@bizinkonline.com if you have any questions and we will try to help.
Watch our client insights session for an explanation of this (starts at 4:25)