Knowledge Base
New Authentication Requirement by Google
Starting from February 1, 2024, Google will implement a new set of guidelines for bulk email senders. This move is to provide additional security measures against email threats, such as email spoofing and spam. According to the new rules, email senders who are sending more than 5,000 messages per day to Gmail accounts must follow the new authentication requirements outlined in this article. Adhering to these guidelines will ensure that email delivery to and from email platforms remains smooth and uninterrupted.
Google External Help Center
This article will discuss the following topics:
- Complying with the New Authentication Requirement
- Related articles and topics
For All Email Senders
To create a secure email environment, it is critical to take proactive steps to reduce the risks associated with hazardous and unsolicited emails. Whether you work for a major organization or a small firm, everyone must follow these guidelines:- Implement SPF or DKIM records: Setting up SPF or DKIM records for your domain will help prevent email spoofing and improve security.
- Validate DNS records: Ensure that your IP addresses or sending domains have proper forward and reverse DNS records (rDNS) so that the sending hostname is accurately translated to the sending IP address.
- Use TLS encryption: Using Transport Layer Security (TLS) connections to send emails can improve privacy and security. Setting up TLS is simple with Google Workspace.
- Minimize spam: Keep reported spam rates below 0.1% in Google Postmaster Tools. Regularly monitoring spam reports can help you avoid having messages marked as spam.
- Format messages correctly: When formatting messages, follow the Internet Message Format (IMF) standard to guarantee that your emails are correctly formatted.
- Avoid mimicking Gmail from headers. Google is imposing a new DMARC policy, which may quarantine or block emails impersonating Gmail addresses.
- ARC Headers for Forwarded Emails: If you frequently forward emails, consider adding Authenticated Received Chain (ARC) headers to ensure SPF and DKIM authentication. For mailing lists, include a List-id: header in outgoing messages to ensure proper identification.
Adhering to these rules results in a more secure email environment and lowers the likelihood of email-related security issues.
For Bulk Email Senders (sending more than 5000 messages per day)
If your company sends more than 5,000 emails, the following requirements must be met in addition to the initial requirements given above.- Set up DMARC Records: The DMARC policy informs your receivers that your communications are DKIM-protected. It also includes advice on how to handle communications that do not pass, are designated as garbage, or are refused.
- Create a DMARC Record by adding a TXT record with this standard format.
v=DMARC1; p=none; rua=mailto:[user email]
Visit this article, How to Update TXT and SPF Records - DNS Management, for more information on how to add DNS to your Control Panel. - Consider the following DMARC options:
- None: No action is needed; it is useful for monitoring.
- Quarantine: Messages should be set aside.
- Reject: Messages should be rejected.
Note: It is advised that DMARC policies be implemented progressively. Start with None, then move on to Quarantine, and finally Reject. Check the DMARC reports at each level to ensure that the communications are signed and not faked.
- In the Send Reports to section, enter the email address to which you want to receive DMARC reports. The email address must belong to the domain you are managing.
Note: An email address is necessary to set up your DMARC policy. It will be used to get reports on authenticated and flagged messages, as well as the reasons behind them. The email address must share the same domain as the DKIM domain. If not, create a DNS report record that allows it to receive reports from another domain.
- Create a DMARC Record by adding a TXT record with this standard format.
- Ensure users may unsubscribe: Marketing and subscribed messages must provide a one-click "Unsubscribe" option and a prominent "Unsubscribe" link in the message body.
Only send emails to people who have demonstrated a wish to hear from you. This minimizes the possibility that they may mark messages from your domain as spam. Frequent reports of mail from your domain being flagged as spam can have a long-term detrimental influence on its reputation.