Email Authentication Changes In Effect

Do you feel like fighting spam in your email inbox is a never-ending battle? Two major email providers – Gmail and Yahoo – are raising their email authentication requirements in hopes of combating spam. As of February 1, 2024, anyone sending an email to a Gmail or a Yahoo (including AOL) email address will need to have valid DNS records in place to ensure email authentication. If these records are not in place, Google or Yahoo may choose to drop the email without warning the sender – in short, the email will not reach its recipient, and you, the sender, will not be notified.

What Does This Mean for Email Senders?

The new email requirements may result in less spam in people’s inboxes, but they will also require you to have up-to-date and valid DMARC records in your email settings.

Any individual or company that uses email addresses incorporating a company domain name will need to verify they have valid DNS records for email authentication in place in their domain’s DNS. For example, our staff uses @corporateconversions.com in our email addresses, and we have verified that our DNS records are correct. 

At a minimum, every company should ensure that it has valid SPF and DKIM records added to its domain’s DNS records. If your company sends a large number of emails – for example, newsletters or order confirmations – you’ll want to do more than just check your SPF and DKIM for validity.

What is SPF?

Sender Policy Framework (SPF) is a method of authenticating the sender of an email.  An SPF record is a TXT record added to your domain’s DNS that contains a list of domains or IP addresses that are allowed to send email on behalf of your domain. If your email is set up using Google Workspace, for example, you’ll want to verify that your SPF record includes the following, at a minimum:  

v=spf1 include:_spf.google.com ~all

Each email service provider requires its own “include” statement, called a mechanism, in the SPF record. If you use an authentication service such as Mailgun or SendGrid, it will also have an “include” statement that you’ll add to your SPF record. Other, more complicated mechanisms may involve including an IP address or authorizing a domain name.

Unfortunately, it will be your responsibility to determine that you are including the correct mechanisms for any service you may use. There is also a limit to the number of mechanisms that can be added, so if you aren’t sure if your SPF is up to par, reach out to your IT person or email administrator. They will be able to validate your SPF record for you and ensure it contains all necessary “include” statements.
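
As an added example (not part of the original article), the Python below lints a single SPF record string offline: it checks the version tag, the required “include” statements, the placement and qualifier of “all”, and the RFC 7208 limit of 10 terms that trigger DNS lookups. The function names and the vendor.example domains are constructed for illustration, and the count covers only the record given; lookups made inside included records also count toward the limit when a receiver evaluates it.

```python
# Added example: offline lint of one SPF TXT record string (no DNS queries).
# Terms that cost a DNS lookup during SPF evaluation (RFC 7208, section 4.6.4).
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
MAX_LOOKUPS = 10

def parse_term(term):
    """Split one SPF term into (qualifier, name, value)."""
    qualifier = "+"                      # default qualifier means "pass"
    if term[0] in "+-~?":
        qualifier, term = term[0], term[1:]
    for i, ch in enumerate(term):        # the name ends at ':', '=' or '/'
        if ch in ":=/":
            return qualifier, term[:i].lower(), term[i + 1:].lower()
    return qualifier, term.lower(), ""

def lint_spf(record, required_includes=()):
    """Return a list of problems found in the record (empty list = clean)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["record does not start with v=spf1"]
    problems, names, includes, all_at = [], [], set(), None
    for pos, raw in enumerate(terms[1:]):
        qualifier, name, value = parse_term(raw)
        names.append(name)
        if name == "include":
            includes.add(value)
        if name == "all" and all_at is None:
            all_at = pos
            if qualifier == "+":
                problems.append("+all authorizes every host on the internet")
    lookups = sum(n in LOOKUP_TERMS for n in names)
    if all_at is None and "redirect" not in names:
        problems.append("no 'all' or redirect: unlisted senders get a neutral result")
    elif all_at is not None and any("=" not in t for t in terms[all_at + 2:]):
        problems.append("mechanisms after 'all' are never evaluated")
    if lookups > MAX_LOOKUPS:
        problems.append(f"{lookups} lookup terms exceed the limit of {MAX_LOOKUPS}")
    for domain in required_includes:
        if domain.lower() not in includes:
            problems.append(f"missing include:{domain}")
    return problems

# Constructed sample records; GOOGLE is the Google Workspace record from the text.
GOOGLE = "v=spf1 include:_spf.google.com ~all"
BLOATED = "v=spf1 " + " ".join(f"include:spf{i}.vendor.example" for i in range(11)) + " -all"

if __name__ == "__main__":
    for rec in (GOOGLE, BLOATED, "v=spf1 +all"):
        print(rec[:60], "->", lint_spf(rec, ["_spf.google.com"]) or "ok")
```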

What is DKIM?

DKIM, or DomainKeys Identified Mail, is a method of email authentication which is designed to detect when an email has a forged sender address – something commonly known as “spoofing.”  Spoofed emails include spam and phishing emails, such as those purporting to be from Amazon or a banking institution, which often encourage recipients to click a button or link in the email and log in to their personal accounts. DKIM records help to mark those emails as spam.  

DKIM allows for an electronic “signature” of sorts and verification of that signature along the delivery route. An example would be a spoofed email from Amazon: the sender identifies the email as being sent from Amazon, but the DKIM signature doesn’t match the known signature for the amazon.com email domain. In these cases, the email provider is able to determine the email is likely not legitimate and will send it to your spam folder.

Having proper DKIM records set up on your email domain also allows you to build your domain’s reputation as a valid sender rather than a sender of spam. Building a reputation as a sender of legitimate emails is very important, as this helps an ISP determine whether to deliver an email to an inbox or mark it as spam.

Services such as SendGrid and Mailgun will clearly show you your Sender Reputation score in your account dashboard, and this can help you to maintain a clean sending reputation. Additionally, online tools such as the Google Postmaster Tools web page will also allow you to check your domain’s reputation.

SPF and DKIM together are not the entire story, but ensuring that these two records are added to your domain correctly is a good first step in ensuring your emails reach their destination promptly and without being treated as spam.