Major Email Providers Implement New Policy to Block Emails

Email providers start to block email from companies without DMARC.

 

Two leading email service providers are now requiring businesses that send large numbers of emails to adopt DMARC, a security measure, to ensure safer email communication for their users.  Starting in February, both Google and Yahoo will begin to reject email from any company sending more than 5000 email messages a day unless that company has setup DMARC, and the associated DKIM and SPF services on their domains. DMARC is an important protocol that helps protect recipients from phishing attacks and other forms of email fraud.

 

With the recent changes by Google and Yahoo, it is more important than ever to enable DMARC on your own domains to ensure that your email is protected from unauthorised use. These two companies are the first to enforce these types of policies, but we expect others to follow and for the limits to be reduced until DMARC becomes a general requirement for all email.

 

What is DMARC, DKIM and SPF?

 

DMARC (Domain-based Message Authentication, Reporting, and Conformance):

DMARC builds on DKIM by adding an extra layer of protection. It acts like a set of rules for e-mail authentication. With DMARC, a sender can specify what actions should be taken if an e-mail fails the DKIM or SPF checks. It also provides feedback to the sender, letting them know if someone is trying to impersonate their domain. Essentially, DMARC helps prevent e-mail phishing and spoofing.

 

DKIM (DomainKeys Identified Mail):

Think of DKIM as a digital signature for e-mails. When someone sends an e-mail, DKIM adds a special code to the message that verifies the e-mail's authenticity. It's like putting a seal on a letter to ensure it hasn't been tampered with during delivery. This helps recipients know that the e-mail came from a legitimate sender and hasn't been altered in transit.

 

SPF (Sender Policy Framework):

SPF is a bit like a guest list for your email party. It tells email servers which computers are allowed to send emails on your behalf. If an email comes from a server not on your SPF list, it helps prevent others from pretending to send emails as if they're from you.

 

 

Why You Need Them: 

  • Security: DKIM and DMARC enhance the security of your e-mails. They protect against unauthorised access and tampering, ensuring that the e-mails you send and receive are from legitimate sources. 
  • Trustworthiness: In the age of phishing scams and fraudulent e-mails, having DKIM and DMARC in place helps build trust with your e-mail recipients. They can be confident that the e-mails claiming to be from you are indeed genuine. 
  • Reputation Management: E-mail providers and spam filters take DKIM and DMARC into account when deciding whether to deliver an e-mail to the inbox or mark it as spam. By implementing these authentication methods, you improve your e-mail sender reputation. 
  • Reducing Phishing: Phishers often try to trick people into thinking their e-mails are from reputable sources. DKIM and DMARC make it more difficult for them to impersonate your domains, reducing the likelihood that your recipients will fall victim to phishing attacks. 

 

How can I protect my email domains?

 

Kick can help to add protection to your domains across all the systems you use to send email such as Office 365, Mailchimp, HubSpot, and any other system that sends email on behalf of your organisation. Contact us for more information.