2024 Email Authentication Standards: Elevating Security with Google and Yahoo

2024 Email Authentication Standards: Elevating Security with Google and Yahoo

In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email authentication requirements to combat harmful messages and emphasize the crucial role of data security. This measure aims to prevent restrictions on sending rates, message blocking, and marking messages as spam.



Who will experience the effects? 

The updated security guidelines apply to all users, particularly those who send 5000 or more than 5000 emails per day from ZOHO DESK. Not following these guidelines may lead to email delivery delays, blocked messages, or the categorization of emails as spam.

Not to worry. We are here to support you with the best possible solutions.

Basic details that every sender should be aware of
 
To safeguard your path in 2024, it is mandatory to follow the fundamental requirements, beginning with email authentications.

When utilizing a Gmail domain in the 'From' address, it is essential to configure the address with its dedicated SMTP for ensuring accurate mail delivery.

For recipients on gmail.com or googlemail.com, it is recommended to publish DMARC for the sender domain to enhance prompt mail delivery. 

Verify with your own SMTP 

In adherence to the new guidelines, reply emails sent from Zoho Desk with From addresses belonging to gmail.com, googlemail.com, to any domains may be bounced or marked as spam. Therefore, we kindly request all customers to configure these From addresses with your own SMTP verification and use TLS for transmitting email rather than Zoho SMTP. If the From addresses were verified previously with your own SMTP, we will continue using the same authentication for all notification emails sent from Zoho Desk.



Rolling out SPF & DKIM  

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are vital email authentication protocols that protect against spam, phishing, and spoofing. SPF verifies the authenticity of emails from your domain, while DKIM confirms their source by validating authorized servers associated with sending domains. These protocols work together to validate emails, ensuring that they originate from legitimate sources and have not been tampered with during transmission. This implementation enhances the overall security of your email communications by reducing the risk of email spoofing, phishing, and other malicious activities. 

Minimal Spam Rate 

Maintain spam rates below 0.10% and ensure they never exceed 0.30% for optimal email deliverability.

Essential  Requirements for Users Sending 5000 or More Emails Daily 

Implement DMARC Policy 

DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that leverages the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to authenticate emails. This helps in preventing forging emails and engaging in unauthorized activities through them.

 How DMARC Works: 

1: Publish the DMARC policy outlining instructions for mailbox providers' receiving servers on how to handle emails that breach the policy.
2: Authenticate your sender domain by implementing SPF and DKIM.
3: The receiving server will apply the DMARC policy and execute the instructions specified in the policy.
4: The receiving server will send a report detailing how it handled the email to the reporting email address specified in the DMARC record.

Sample: DMARC record
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100

v: Signifies the DMARC version in use.
p: Signifies the policy established by the business.
rua: Specifies the URI for sending a consolidated report, including information on SPF and DKIM validation results, details about the sending and receiving domains, and the percentage of successful authentications.
ruf: Specifies the email address where the comprehensive SPF/DKIM failure report will be delivered.
pct: Denotes the percentage of emails subject to the policy application.

To prevent emails from being marked as spam, bounced, or experiencing delays in delivery, it is mandatory to set your policy (p) to none in DMARC record. “p = none”

If the policy (p) is set to "quarantine" or "reject," the emails will either be redirected to the spam folder or will not be delivered to the recipient, respectively. 

Ensure DMARC Alignment 

DMARC alignment pertains to the uniformity in the alignment of email authentication mechanisms, particularly SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), with the domain asserted by the sender.

Sample DMARC - SPF Alignment

Sender Address

From: Header

Strict Alignment

Relaxed Alignment

support@mycompany.com

support@mycompany.com

Pass

Pass

support@admin. mycompany.com

support@mycompany.com

Fail

Pass

support@mycompany.org

support@mycompany.com

Fail

Fail

 
SPF Strict Alignment: A precise match between the SPF-authenticated domain and the domain specified in the header's "From:" address. 

SPF Relaxed Alignment: The domain indicated in the "From:" address of the header should either match or be a subdomain of the SPF-authenticated domain. 

Sample DMARC - DKIM Alignment

From: Header

DKIM d= domain

Strict Alignment

Relaxed Alignment

support@mycompany.com

mycompany.com

Pass

Pass

support@admin. mycompany.com

mycompany.com

Fail

Pass

support@mycompany.org

mycompany.com

Fail

Fail


DKIM Strict Alignment: A precise match between the relevant DKIM domain and the domain specified in the header's "From:" address. 

DKIM Relaxed Alignment: The domain mentioned in the "From:" address of the header must either coincide with or be a subdomain of the SPF-authenticated domain. 

Add ARC headers 

Implement ARC (Authenticated Received Chain) authentication to avoid Gmail categorizing the email as unauthenticated, especially when utilizing frequent mail forwarding practices.
For additional information on ARC authentication, please refer to the official Google document linked here.

Set up SPF & DKIM 
Mail authentication protocols such as SPF & DKIM should be implemented for organization sending emails to google or yahoo recipients.

What are the consequences if the deadline is not met? 

Adhering to the sender requirements before the deadline is crucial for optimizing email delivery. Failure to meet the criteria detailed in this article may lead to your email not reaching its destination as intended or being categorized as spam.

Quick Summary:

The Update - Gmail and Yahoo are implementing robust email authentication standards from February 2024.
The Effects - Failure to meet these requirements may result in emails being categorized as spam or not reaching their intended destination.
The Action to be taken - Users sending 5000 or more emails daily must implement SPF,  DKIM and publish DMARC policies. 


Regards,
Sumaya Howth - Product Manager
The Zoho Desk Team

    • Sticky Posts

    • 2024 Email Authentication Standards: Elevating Security with Google and Yahoo

      In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email

    • Using Agent Email Address as From Address

      Currently, while replying to a ticket, it is possible for agents to choose their own email addresses as 'from' addresses. Although we built this just for that little extra flexibility, in hindsight, it hasn't figured much in conventional usage.  Almost all businesses prefer that responses to their customers' tickets be sent from the common support/service email address and NOT from those of individual agents. During personal interactions at events, some of you have even made passing mentions about

    • Edit and Delete options in Comments

      A lot of teams have been using ticket comments extensively to collaborate everyday. Notification Center further improved this experience by bringing real-time updates. As we continue to build more improvements to this experience, we've shipped a small-yet-important

    • Webinar 2: Supercharged customer support for growing business

      Join us for this webinar and learn how to step up your support game using a real-time communication platform to generate happier, more successful customers. In this live webinar, we will will discuss the importance of SalesIQ for your support team and how it can help you:  Understand your customers better and their journeys to proactively support and engage them even before they ask for help.  Integrating real time conversations into Zoho Desk’s Support, providing a conversational customer service

    • Customize Colors of your Customer Self Service Portal

      You asked for it. We heard you. We're happy to roll out the most sought after feature request, Customizing the Colors of your Customer Self-service Portal. Now you can set the color of your customer portal to mimic your company's web site, so that your customers visiting the portal will not feel alienated by the default theme.  Go ahead and configure the color of the header, tabs, fonts and background according to your needs. You can either choose between default color themes like Blue, Grey, Green

    • Recent Topics

    • Tracking Non-Inventory Items

      We have several business locations and currently use zoho inventory to track retail items (sales and purchase orders). We were hoping to use zoho inventory to track our non-inventory items as well (toilet paper, paper towels, etc). I understand that we

    • Profile Page View Customization

      I need to change the fields, sections from the profile view of an emplyoyee.

    • Zoho Desk Android app update: Filter, Sort and Saved filters Enhancements

      Hello everyone! We are excited to introduce the below features on the Android version Zoho Desk mobile app: 1. Filter & Sort support has been introduced for the Contacts and Accounts modules. 2. Sort options is now available in Custom Modules as well.

    • Accessing shared mailboxes through Trident (Windows)

      Hi, I have a created a couple of shared mailboxes. The mailboxes are showing up on the browser based Zoho workplace, but I cannot seem to figure out how to access my shared inboxes through Trident (Windows). Am I missing something or is this feature not

    • Feature Request: Ability to set Default Custom Filters and apply them via URL/Deluge

      I've discovered a significant gap in how Zoho Creator handles Custom Filters for reports, and I'm hoping the Zoho team can address this in a future update. This limitation has been raised before and continues to be requested, but remains unresolved. The

    • Closing the Loop: Why Lookup Asymmetry is Harming Data Integrity in Creator

      TL;DR: Lookup fields allow users to add new related records inline via the "+" icon, but there's no equivalent ability to edit an existing related record without navigating away and losing form context. Adding a native "Edit" icon—with automatic User

    • filtering lookup field options based on information in another module.

      In our CRM system. We have the standard Accounts and Deals modules. We would like to introduce the ability to classify Accounts by Sector. Our desired functionality is to have a global list of all sectors that an Account can select, with the ability to

    • Service op locatie organiseren met Zoho FSM: waar lopen organisaties tegenaan?

      Bij organisaties met service teams op locatie merken we vaak dat de complexiteit niet zozeer in de planning zelf zit, maar in wat er rond die planning gebeurt. Denk aan opvolging na interventies, consistente servicerapporten, en het bijhouden van installaties

    • Introducing Assemblies and Kits in Zoho Inventory

      Hello customers, We’re excited to share a major revamp to Zoho Inventory that brings both clarity and flexibility to your inventory management experience! Presenting Assemblies and Kits We’re thrilled to introduce Assemblies and Kits, which replaces the

    • Does the ability exist to make tax on the customer profile mandatory?

      I am reaching out to inquire about the possibility of making the "Customer Tax" field mandatory when creating a new customer in Zoho. We want to ensure that all customers have their tax information recorded to maintain compliance with our internal processes.

    • email association with CRM

      Why is it 2024 (almost 2025) and Zoho has not figured out how to integrate email with CRM? It is so inconsistent at associating emails within CRM. I am an attorney. I have clients and work with other attorneys. Attorney John Doe is associated with multiple

    • Fix the speed

      It takes ages to load on every step even though my dataset is quite small.

    • Credit Note for Shipped and Fatoora pushed invoices

      We have shipped a Sales Order and created an Invoice. The Invoice is also pushed to Fatoora Now we need to create a credit note for the invoice When we try it, it says we need to create a Sales Return in the Zoho Books, we have already created a Sales

    • FSM - Timesheet entires for Internal Work

      Hi FSM Team, Several of my clients have asked how they can manage internal timesheets within Zoho FSM. Since their technicians already spend most of their day working in FSM, it would be ideal if they could log all working hours directly in the FSM app.

    • Add a way of clearing fields values in Flow actions

      It would be great if there was an option to set a field as Null when creating flows. I had an instance today where I just wanted to clear a long integer field in the CRM based on an action in Projects but I had to write a custom function. It would be

    • Role Management

      I am creating an analytics dashboard for a company that will be utilized by its various departments such as Finance, Marketing, and HR. My goal is to design the dashboard with separate tabs for each department. Additionally, I plan to implement role-based

    • Highlight a candidate who is "off limits"

      Hello: Is there a way to highlight a candidate who is "off limits"?  I would like to have the ability to make certain candidate and / or Client records highlighted in RED or something like that.   This would be used for example when we may have placed a candidate somewhere and we want everyone in our company to quickly and easily see that they are off limits.  The same would apply when we want to put a client or former client off limits so no one recruits out of there. How can this be done? Cheers,

    • Announcing new features in Trident for Windows (v.1.37.5.0)

      Hello Community! Trident for Windows just received a major update, with a range of capabilities that strengthen email security and enhance communication. This update focuses on making your mailbox safer and your overall email experience more reliable.

    • Early Payment Discount customize Text

      Hi, I’m currently using Zoho Books and am trying to customize the standard “Early Payment Discount” message that appears in the PDF invoice template. I’ve reviewed the documentation here: https://www.zoho.com/books/help/invoice/early-payment-discount.html

    • Deprecation of SMS-based multi-factor authentication (MFA) mode

      Overview of SMS-based OTP MFA mode The SMS-based OTP MFA method involves the delivery of a one-time password to a user's mobile phone via SMS. The user receives the OTP on their mobile phone and enters it to sign into their account. SMS-based OTPs offer

    • Zoho Sheet - Desktop App or Offline

      Since Zoho Docs is now available as a desktop app and offline, when is a realistic ETA for Sheet to have the same functionality?I am surprised this was not laucned at the same time as Docs.

    • DKIM Now Mandatory - Changes to Zoho Forms Email Policies

      Hello Zoho Forms Users, This post is to inform you about an important update regarding the authentication of all email domains in your Zoho Forms account. This year, we are doubling down on our commitment to deliver a secure, seamless, and empowering

    • Call description in notes

      When completing a call, we type in the result of the call in the description. However, that does not show up under the notes history on the contact. We want to be able to see all the calls that have taken place for a contact wihtout having to go into

    • Email Address for Contact not Populating

      When I click "Send Mail" from a Contact's page, their email address does not auto populate the "To" field. How do I make this happen?

    • New in CRM: Dynamic filters for lookup fields

      Last modified on Oct 28, 2024: This feature was initially available only through Early Access upon request. It is now available to all users across all data centers, except for the IN DC. Users in the IN DC can temporarily request access using this form

    • Why hybrid project management might be the best fit for you?

      Project management techniques are designed to equip teams with proven methods for easy and efficient project execution. While management teams may have apprehensions about adopting the hybrid method of project management, we’ve compiled the top reasons

    • Allow all Company Users to view all projects, but only owner/admins can change projects

      I was wondering if there was a permission setting I could adjust to allow all our company users to see all projects created. Then, only the project owners and admins with the change permission. Thanks

    • Fail to send Email by deluge

      Hi, today I gonna update some email include details in deluge, while this msg pops up and restrict me to save but my rules has run for one year. can you tell me how to use one of our admin account or super admin account to send the email? I tried to update

    • Seeking help to be able to search on all custom functions that are defined

      Hello I have a lot of custom functions defined (around 200) and i would like to search some specific strings in the content of those. Is there a way to accomplish that? If not, is there a way to download all existing custom functions in some files locally

    • Totals for Sales Tax Report

      On the sales tax report, the column totals aren't shown for any column other than Total Tax. I can't think of a good reason that they shouldn't be included for the other columns, as well. It would help me with my returns, for sure. It seems ludicrous

    • Add Bulk Section / Grid Layout Duplicate Feature in Zoho Forms Builder

      Currently in Zoho Forms, users can only duplicate individual fields. There is no option to duplicate an entire section or two-column/grid layout with all internal fields. This becomes inefficient when building structured forms such as Family Details,

    • Leistungsdatum in Rechnungen (Zoho Books)

      Hallo, ist es irgendwie möglich den Leistungszeitraum in der Rechnung aufzuführen? Beste Grüße Aleks

    • Zoho Trident Windows - Streams Not Visible

      Namaste We’re having an issue with Streams not being visible in Trident (Windows), which is important for us as we share many emails internally. It appears that the feature to show Streams above the Inbox folder, as seen in the default mailbox view, is

    • Sales IQ Chat Widget is Only Displaying Last Name

      Can anyone suggest why the widget is only displaying "last name"?! We have the latest version of the wordpress plugin installed. Thanks Thanks!

    • Shopify - Item sync from Zoho Inventory

      Hi team, We’ve connected Shopify with Zoho Inventory. We want that when an item is created in Zoho Inventory, it must create a product in Shopify. But currently, new items created in Zoho Inventory are not getting created in Shopify even after clicking

    • Bulk upload image option in Zoho Commerce

      I dont know if I am not looking into it properly but is there no option to bulk upload images along with the products? Like after you upload the products, I will have to upload images one by one again? Can someone help me out here? And what should I enter

    • Is it possible to setup bin locations WITHOUT mandating batch tracking?

      Hi fellow zoho users, I'm wondering if anyone else has a similar issue to me? I only have some products batch tracked (items with shelf life expiry dates) but I am trying to setup bin locations for my entire inventory so we can do stock counting easier.

    • Kill zoho meeting

      Saying the quiet part out loud. Can zoho please just give up on the idea that they can make a meeting platform and just make our workplace licenses cheaper when you remove it so people can switch to zoom or teams. Tired of the excuses, you guys cant make

    • Utilisation de Zoho en conformité avec l’article 286 du Code général des impôts (CGI)

      Cher(e) client(e), Conformément à l’article 286 du Code général des impôts (CGI) impose aux entreprises assujetties à la TVA d’utiliser des systèmes de caisse ou de gestion commerciale certifiés lorsqu’elles enregistrent des ventes à des particuliers.

    • Unable to Create Task as a Support Administrator

      Hello! I want to ask for help regarding creating tasks within the tickets. I am by default the Support Admin. I should be able to create tasks or activities right? But there's a prompt that I need to contact the Administrator. See photos for reference.

    • Next Page