Email Dispatch 2024: Google & Co. tighten their policies
2024 is on the horizon, and with it comes a significant turn in the world of email security. Google and Yahoo are tightening their email policies to counteract the ever-increasing problem of email spoofing and phishing. DMARC is now becoming a necessity in addition to SPF or DKIM.
Ing. Philipp Doblhofer
To take a stronger stance against email spoofing, spam, and the like, email providers will further tighten their email policies for proper receipt in the future. For several months now, Google’s Gmail1 has been checking upon receipt of emails from new senders whether a correct SPF or DKIM entry is present, which should protect the email dispatch. Yahoo demands the same2. Now, starting February 2024, another step follows:
For proper dispatch to Gmail accounts1, as well as Yahoo3, it will be necessary to have a DKIM entry for one’s own email domain registered, so that receipt is accepted. This will only be necessary if more than 5000 emails per day are sent to Gmail or Yahoo accounts. However, it is assumed that this threshold will gradually be lowered to make spam and phishing attempts more difficult - because even without this necessity from Google and Yahoo, it makes sense to implement such email measures to protect oneself from misuse of one’s own email domain.
But what exactly are SPF, DKIM, and DMARC? In short, SPF entries specify from which servers email dispatch should be allowed. DKIM allows public keys to be deposited. The own email server digitally signs the emails with the corresponding private key. This can be used to check if the mail comes from an authorized mail server. DMARC specifies how to handle mails that violate these SPF and DKIM policies and offers the possibility of reports.
Details can also be found in one of our earlier articles.