Mon – Fri: 08:00am – 5:00pm, Sat-Sun: Closed

PC Madness Team

PC Madness Team

New Email Sender Requirements for DMARC, SPF, AND DKIM at Google and Yahoo

Facebook
Twitter
LinkedIn

Google and Yahoo announced in October 2023 that starting early in 2024, bulk senders will be subject to more stringent requirements for authentication of the mail sent to these two mailbox providers.

Yahoo and Google timeline

Specifically, they’re requiring that bulk senders use domains that have DMARC policies in place, and while that requirement is straightforward, some other requirements around this are causing quite a bit of confusion, so we thought we’d clear them up here.

Google’s requirements for bulk senders include these bullet points:

  • Set up DMARC email authentication for your sending domain. Your DMARC enforcement policy can be set to none. Learn more
  • Set up SPF and DKIM email authentication for your domain.
  • For direct mail, the domain in the sender’s From: header must be aligned with either the SPF domain or the DKIM domain. This is required to pass DMARC alignment.

Google Requirements

So, which is it? Do you need SPF and DKIM or just SPF or DKIM?

The answer, believe it or not, is both.

Set Up SPF and DKIM Email Authentication For Your Domain

For the purposes of our discussion (and for the purposes of the new Google and Yahoo requirements), “your domain” is the domain you’ll be using in the visible From: header of your emails. The directive is to set up SPF and DKIM email authentication for your domain, which means that:

  • Your mail must be sent with a Return-Path (or bounce) domain for which an SPF record exists
  • Your mail must be DKIM signed

So that covers SPF and DKIM, but what about SPF or DKIM?

From: Header Must Be Aligned With Either the SPF Domain or the DKIM Domain

DMARC is built on the two email authentication protocols, SPF and DKIM, and DMARC is designed to authenticate the use of the domain in the visible From: header of an email message. Since its release in 2014, DMARC has always required that either SPF pass and the SPF domain align with the From domain or that DKIM pass and the DKIM signing domain align with the From domain. 

With these new policies, Google and Yahoo aren’t changing DMARC’s requirement for a pass verdict; either the SPF domain or the DKIM domain must align, just as it’s always been for DMARC.

LEARN MORE ABOUT DMARC

DMARC Best Practices

Even though DMARC only requires an aligned pass for SPF or DKIM, it’s long been a best practice that messages sent with From domains with published DMARC policy to do so with both SPF and DKIM aligned if possible. 

This “belt and suspenders” approach is meant to mitigate the risk of failures due to DNS hiccups, breakage due to forwarding, and other blips that might cause one authentication method to fail, but not the other. Implementing the best practice here and having both align is a way, and arguably the best way, to meet the Google requirements discussed above.

Unsure of whether or not your SPF and/or DKIM are aligned? Use Valimail Align to view and update your sending domain.

CHECK YOUR COMPLIANCE

By Valimail

More to explorer

pcmadness xmas blog

PC Madness Christmas Catalogue 2023

PC Madness Christmas Catalogue 2023
Christmas time is fast approaching and we have some great deals for you. If you run a business why not make use of the Instant tax write off for small businesses. Instant tax write-off extended for 2023.

Have you Any Question?

PC Madness Offer

Issue with your PC?

Hover here...

10% Off your Service! Mention this code below to our staff;

BLOGPCM10%


*valid till end of Feb2024
** Excludes parts and software

© 2020 PC Madness PTY LTD  All rights reserved

PC Madness Trading Hours​

Monday: 8:00am – 4:00pm

Tuesday: 8:00am – 4:00pm

Wednesday: 8:00am – 4:00pm

Thursday: 8:00am – 4:00pm

Friday: 8:00am – 4:00pm

Saturday: CLOSED

Sunday: CLOSED

Public Holidays: CLOSED

stay informed!

Subscribe to receive exclusive content and notifications