A recent incident with a client highlighted a crucial issue: emails sent to yahoo.com and aol.com addresses were not being delivered. Our investigation revealed the root cause - the presence of two SPF records, leading to email providers marking these emails as spam. This problem stems from the updated email delivery requirements announced by Yahoo and Gmail on October 3, 2023. These requirements are intended to improve the security and quality of email communication and to protect users from spam and phishing attacks. Yahoo's changes are already in effect, while Google's updates will commence on February 1st. This could affect ANY email platform, not just the Microsoft 365 Exchange & Outlook combo that most of us use.
The main changes to the requirements are as follows:
Email senders must authenticate their emails using a combination of SPF, DKIM, and DMARC, which are protocols that verify the identity and integrity of the sender and the message.
Email senders must comply with the latest email security standards, such as TLS, which encrypts the email content and prevents eavesdropping and tampering.
Emails that fail to meet these requirements will be rejected or marked as spam by Yahoo and Gmail. Senders who repeatedly violate these policies will face penalties such as lower sender reputation, reduced deliverability, and even blacklisting.
These updates are crucial for maintaining positive relationships with subscribers and customers, protecting brand reputation, and ensuring revenue. Email remains a vital channel for marketing, sales, and customer service, and emails must reach their intended recipients without being blocked or filtered by providers.
To prepare for the new requirements, email senders should take the following steps
Check the current status of their email authentication and security using tools such as Google Postmaster Tools, Yahoo Postmaster Tools, MX Toolbox, and DMARC Analyzer.
Set up SPF, DKIM, and DMARC for their domain and monitor the reports and feedback from the email providers.
Update their email security standards and enable TLS for their email connections.
Test their email deliverability and performance using tools such as Litmus, Email on Acid, and Mail Tester.
By taking these steps, email senders can align with the new requirements, and avoid any negative consequences. This proactive approach also enhances email quality, and security, and strengthens trust and engagement with subscribers and customers.
Article by: Hector Perez, Senior Modern Work and Security Architect at JourneyTEAM