How to Implement Google's New Email Authentication Requirements
Starting February 1, 2024, Google will start applying new security rules for email authentication, mainly for those who send lots of emails at once. These rules are designed to make email safer and to stop fake emails and phishing attacks. Follow these guidelines to ensure emails are sent and received smoothly on different platforms.
- What to Know About Google's New Sender Requirements
- For All Email Sender
- For Bulk Email Senders (Sending Over 5,000 Messages Daily)
What to Know About Google's New Sender Requirements
Google's latest update to email authentication standards includes various protocols. The specific requirements depend on your organization's email usage, which is broadly divided into two categories: for all email senders and for bulk senders.
For All Email Sender
Here are certain measures to comply with that will enhance email security by filtering out malicious, unwanted, or spam messages.
- Implement SPF or DKIM - Set up Sender Policy Framework (SPF) or DomainKeys Identified Mail (DKIM) for your domain. These are effective in reducing email spoofing and security risks.
- Validate DNS Records - Ensure that your IP addresses or sending domains have proper forward and reverse DNS records. This confirms that the sending hostname corresponds to the IP address.
- Utilize TLS Connections - Use Transport Layer Security (TLS) for email transmission. This encryption secures email privacy and requires both sender and recipient to use TLS. In Google Workspace, TLS can be activated and configured.
- Keep Spam Rates Low - Maintain a spam report rate below 0.1% in Google’s Postmaster Tools , ensuring it never exceeds 0.3%. High spam rates can lead to increased spam classification by Google. Regularly check spam reports to avoid your emails being marked as spam.
- Adhere to Internet Message Format Standard - Format your email messages according to the Internet Message Format Standard, which outlines the basic structure of email messages.
- Avoid Impersonating Gmail "From" Headers - Do not impersonate Gmail in the From: headers of your emails. Google's new DMARC policy might quarantine or block emails that do so.
- Add ARC Headers for Forwarded Emails - For senders regularly forwarding emails, such as mailing lists, it's important to add Authenticated Received Chain (ARC) headers and a 'List-id:' header for clear identification, maintaining SPF and DKIM authentication through various stages.
For Bulk Email Senders (Sending Over 5,000 Messages Daily)
For organizations sending over 5,000 messages a day, here are the additional requirements:
- Implement DMARC Record - To set up the DMARC record, check the steps below:
• Set Up a DMARC Record: Utilize a TXT DNS Record to create a DMARC Record following the standard format:
v=DMARC1; p=none; rua=mailto:[user email] l]
• Please consider the following DMARC options:
a. None: No action needed; useful for monitoring.
b. Quarantine: Messages should be set aside.
c. Reject: Messages should be rejected.Tip: For optimal results, implement DMARC policies in stages. Start with a "None" setting, progress to "Quarantine," and ultimately adopt the "Reject" setting. At each stage, monitor DMARC reports to confirm that messages are properly signed and devoid of spoofing.
Reminder: To set up your DMARC policy, you'll need to provide an email address. This email address will be used to receive reports on authenticated and flagged messages, along with why. It's important to note that the email address must belong to the same domain as the DKIM domain. If it doesn't, you'll need to create a DNS report record to enable it to receive reports from a different domain.
- Enable Users to Unsubscribe with a Single Click - Marketing and subscription-based emails should offer a straightforward one-click opt-out option, with an easily noticeable unsubscribe link included in the email content.
Send emails only to those who have shown interest in receiving them from you, minimizing the chances of your emails being marked as spam. Repeated instances of your domain's emails being reported as spam can gradually harm your domain's reputation. Learn more about Google's Email sender guidelines.
If you need further assistance, feel free to contact us via Chat or Phone:
- Chat Support - While on our website, you should see a CHAT bubble in the bottom right-hand corner of the page. Click anywhere on the bubble to begin a chat session.
- Phone Support -
- US: 888-401-4678
- International: +1 801-765-9400
You may also refer to our Knowledge Base articles to help answer common questions and guide you through various setup, configuration, and troubleshooting steps.