February 2024 marks an important change in DMARC rules from two of the largest email providers, Google and Yahoo. These changes will affect how email management and delivery works, and as a user of Rule, we want to make sure you are fully aware of what will happen and how we can help you smoothly adapt. In this blog post, we will discuss the new requirements from Google and Yahoo and how our Rule can help you comply with them.
What is DMARC and what changes?
DMARC is a technology that helps prevent email fraud and ensure that messages arrive as they should. When setting up DMARC, you can also choose 3 different security levels.
None (p=none): In this mode, emails are only monitored for authentication and no specific action is taken. This means that DMARC reports are generated and the domain owner can see which emails were authenticated on delivery and which were not. This level is often used as a first step to gain insight into how many emails do not meet the authentication requirements before moving on to more restrictive settings.
Quarantine (p=quarantine): In this mode, if an email does not meet the authentication requirements (such as SPF and DKIM), it will be marked as suspicious and delivered to the recipient’s spam folder. This in turn means that emails that are not authentic may reach the recipient, but they are most likely to end up in the spam folder.
Reject (p=reject): This is the most restrictive level where if an email does not meet the authentication requirements, it will be completely rejected and not delivered to the recipient. With this level, the domain owner ensures that only authentic emails reach the recipient’s inbox and potentially malicious or spoofed messages are completely blocked.
Here are the new things to remember:
- SPF/DKIM requirements: Both Google and Yahoo require emails sent from your domain to be verified with SPF and DKIM to ensure the authenticity of the sender.
- Reject policy: If your DMARC policy is set to “p=reject” and a message does not meet SPF/DKIM requirements, it will be rejected instead of being delivered to the recipient.
- Reporting: It is important to monitor DMARC reports to ensure that your email is not misused and that your messages are delivered as they should be.
- DNS reports: All domains, IP addresses and email addresses that send mail must have authorized DNS reports.
- Requirements for deregistration: Make it easy for your customers to unsubscribe with just one click. Sure, you may feel bad about losing a subscriber, but unsubscribing is always better than having your message marked as spam. Too much spam is bad for your reputation in email clients.
How can Rule help you adapt?
As a user of Rule, you can feel confident in using a powerful platform that is already (of course) prepared for the new DMARC requirements for email. Here is how Rule can help you:
SPF/DKIM support: Rule offers support for SPF and DKIM and we help you easily configure these security mechanisms for your email traffic. For best delivery, we recommend setting both. You can read about how to do it here!
DMARC policy management:Rule allows you to easily set and manage your DMARC policy, including choosing between “p=none,” “p=quarantine,” or “p=reject” depending on your needs.
What should you consider?
To ensure that your emails are not negatively affected by the new DMARC rules, here are some important tips:
- Check your SPF/DKIM settings: Make sure that your SPF/DKIM settings are correctly configured according to the guidelines provided by your email providers.
- Monitor DMARC reports: Regularly review DMARC reports to identify any problems and take action where necessary. You can review these reports at https://dmarcadvisor.com/.
- Adjust your DMARC policy carefully: If you use a “p=none” policy today, consider gradually increasing the level of security to avoid your emails being blocked in the future. However, it is important that you make sure that DMARC is set up correctly so that necessary domains are not blocked.
High security is important for BIMI!
Now you may wonder what BIMI (Brand Indicators for Message Identification) has to do with all this. BIMI is a new technology that allows you to have your logo next to your name in the email clients, providing a stronger identification of your brand to the recipients. Usually, a “P-reject” policy is required in order to use BIMI, and this is of course what we want everyone to strive for.
So, to be able to use BIMI and display your logo in the email clients, you need to maintain high security on your email. BIMI acts as a proof of strength for your brand. If you don’t have adequate security and your email is vulnerable to fraud, your logo may not appear next to your name and your brand may be damaged. and we don’t want that. Therefore, this is another reason for you to become a professional at SPF/DKIM/DMARC. It may not sound very flattering, but it is definitely the new black. *ha-ha*.
Rule is here for you and your deliverability
The new DMARC rules from Google and Yahoo are important for increasing email security. We are here to help you adapt to these changes and ensure that your email is delivered reliably and securely. Remember that high security is the key to both high deliverability and the ability to include your logo in the mail clients with BIMI. This will thus significantly strengthen your brand identification. WIN WIN!