DKIM DMARC change to email security
A big thing is happening to email security, and it’s going to create delivery issues for some businesses.
Just as you don’t like getting unwanted emails, Google and Yahoo are sick of their platforms being used to send spam, phishing and malware. Unfortunately, some bulk email providers are not fully securing or configuring their systems to block cyber threats and spamming, which is undermining everyone’s mail security. So, as of 1 February 2024, Google and Yahoo are enforcing DKIM and DMARC protocols to improve and tighten security for their users.
These changes will immediately affect companies that send more than 5,000 emails per day. However, this is only the first step in enforcing more stringent requirements for all emails. It’s important you give permission to your IT Provider to implement these standards before your emails get quarantined or blocked.
Email security – protecting yourself from unwanted and malicious emails – relies on being able to validate a sender is who they claim to be!
In Google’s words, “As basic as it sounds, it’s still sometimes impossible to verify who an email is from given the web of antiquated and inconsistent systems on the internet” (refer ‘Focus on email validation’).
Google (Gmail) and Yahoo are mandating new authentication requirements to keep inboxes safer and free from unsolicited mail. If you send or receive emails from Gmail accounts, these changes will impact you sooner or later: emails not meeting their new standards will be blocked!
These new frameworks – DKIM and DMARC – are quickly becoming the industry standard for anyone wanting to work safely online.
Greater email security
Communicating safely online depends on identifying legitimate emails from unauthorised or malicious mail. Which means, verifying a sender really is who they say they are!
Until now, Sender Policy Framework (SPF) has been an industry standard for authenticating emails. Unfortunately, its effectiveness has rapidly diminished, reducing email security and hurting business productivity.
- DomainKeys Identified Mail (DKIM) and
- Domain-based Authentication, Reporting and Conformance (DMARC)
are the new frameworks overtaking SPF as email security best practice. Google and Yahoo are enforcing use of these frameworks to “close loopholes exploited by attackers that threaten everyone who uses email”. Marcel Becker, Senior Director at Yahoo, has stated: “No matter who their email provider is, all users deserve the safest, most secure experience possible… In the interconnected world of email, that takes all of us working together. Yahoo looks forward to working with Google and the rest of the email community to make these common sense, high-impact changes the new industry standard.”
What is DKIM and DMARC, and how do they work to protect you?
DKIM (DomainKeys Identified Mail)
Individual email security – DKIM protects indivdual users. It adds an authorised sender signature to your emails, giving them a high-security score and delivery certainty*.
*All emails are given a security score as a means to establish legitimacy. Any anomalies in sender or receiver details causes a message to be quarantined as spam.
DMARC (Domain-based Message Authentication, Reporting and Conformance
Company-wide email security – DKIM protects the reputation of your company domain name. Firstly, it specifies which mail servers are authorised to send mail on behalf of your business and, secondly, what to do with messages that fail authentication. DMARC blocks unauthorised and malicious emails such as BECs (business email compromise attacks), phishing and emails scams from being sent using your domain name.
As well as ensuring authorised emails get delivered, these new frameworks will protect businesses from suffering financial loss and data leakage.
In summary, DKIM and DMARC are creating a tighter network of security checks and protection to enable legitimate businesses and Firms to send and receive emails safely.
Two key benefits to your business from DKIM and DMARC:
- Mail delivery certainty: authenticated individual user emails won’t get blocked or held up in quarantine (DKIM); and
- Protects your company reputation: unauthorised or malicious entities won’t be able to use your company domain name to deceptively attack other businesses (DMARC).
itro has already implemented DKIM and DMARC across our user mailboxes and email servers. We highly recommend you do the same as soon as practical.
Please email [email protected] or call us if you have any questions or would like us to set up DKIM and DMARC across your email systems.