In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email authentication requirements to combat harmful messages and emphasize the crucial role of data security. This measure aims to prevent restrictions on sending rates, message blocking, and marking messages as spam.
Who will experience the effects?
The updated security guidelines apply to all users, particularly those who send 5000 or more than 5000 emails per day from ZOHO DESK. Not following these guidelines may lead to email delivery delays, blocked messages, or the categorization of emails as spam.
Not to worry. We are here to support you with the best possible solutions.
Basic details that every sender should be aware of
To safeguard your path in 2024, it is mandatory to follow the fundamental requirements, beginning with email authentications.
When utilizing a Gmail domain in the 'From' address, it is essential to configure the address with its dedicated SMTP for ensuring accurate mail delivery.
For recipients on gmail.com or googlemail.com, it is recommended to publish DMARC for the sender domain to enhance prompt mail delivery.
Verify with your own SMTP
In adherence to the new guidelines, reply emails sent from Zoho Desk with From addresses belonging to gmail.com, googlemail.com, to any domains may be bounced or marked as spam. Therefore, we kindly request all customers to configure these From addresses with your own SMTP verification and use TLS for transmitting email rather than Zoho SMTP. If the From addresses were verified previously with your own SMTP, we will continue using the same authentication for all notification emails sent from Zoho Desk.
Rolling out SPF & DKIM
SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are vital email authentication protocols that protect against spam, phishing, and spoofing. SPF verifies the authenticity of emails from your domain, while DKIM confirms their source by validating authorized servers associated with sending domains. These protocols work together to validate emails, ensuring that they originate from legitimate sources and have not been tampered with during transmission. This implementation enhances the overall security of your email communications by reducing the risk of email spoofing, phishing, and other malicious activities.
Minimal Spam Rate
Maintain spam rates below 0.10% and ensure they never exceed 0.30% for optimal email deliverability.
Essential Requirements for Users Sending 5000 or More Emails Daily
Implement DMARC Policy
DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that leverages the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to authenticate emails. This helps in preventing forging emails and engaging in unauthorized activities through them.
How DMARC Works:
1: Publish the DMARC policy outlining instructions for mailbox providers' receiving servers on how to handle emails that breach the policy.
2: Authenticate your sender domain by implementing SPF and DKIM.
3: The receiving server will apply the DMARC policy and execute the instructions specified in the policy.
4: The receiving server will send a report detailing how it handled the email to the reporting email address specified in the DMARC record.
Sample: DMARC record
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100
v: Signifies the DMARC version in use.
p: Signifies the policy established by the business.
rua: Specifies the URI for sending a consolidated report, including information on SPF and DKIM validation results, details about the sending and receiving domains, and the percentage of successful authentications.
ruf: Specifies the email address where the comprehensive SPF/DKIM failure report will be delivered.
pct: Denotes the percentage of emails subject to the policy application.
To prevent emails from being marked as spam, bounced, or experiencing delays in delivery, it is mandatory to set your policy (p) to none in DMARC record. “p = none”
If the policy (p) is set to "quarantine" or "reject," the emails will either be redirected to the spam folder or will not be delivered to the recipient, respectively.
Ensure DMARC Alignment
DMARC alignment pertains to the uniformity in the alignment of email authentication mechanisms, particularly SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), with the domain asserted by the sender.
Sample DMARC - SPF Alignment
Sender Address | From: Header | Strict Alignment | Relaxed Alignment |
support@mycompany.com | support@mycompany.com | Pass | Pass |
support@admin. mycompany.com | support@mycompany.com | Fail | Pass |
support@mycompany.org | support@mycompany.com | Fail | Fail |
SPF Strict Alignment: A precise match between the SPF-authenticated domain and the domain specified in the header's "From:" address.
SPF Relaxed Alignment: The domain indicated in the "From:" address of the header should either match or be a subdomain of the SPF-authenticated domain.
Sample DMARC - DKIM Alignment
From: Header | DKIM d= domain | Strict Alignment | Relaxed Alignment |
support@mycompany.com | mycompany.com | Pass | Pass |
support@admin. mycompany.com | mycompany.com | Fail | Pass |
support@mycompany.org | mycompany.com | Fail | Fail |
DKIM Strict Alignment: A precise match between the relevant DKIM domain and the domain specified in the header's "From:" address.
DKIM Relaxed Alignment: The domain mentioned in the "From:" address of the header must either coincide with or be a subdomain of the SPF-authenticated domain.
Add ARC headers
Implement ARC (Authenticated Received Chain) authentication to avoid Gmail categorizing the email as unauthenticated, especially when utilizing frequent mail forwarding practices.
For additional information on ARC authentication, please refer to the official Google document linked here.
Set up SPF & DKIM
Mail authentication protocols such as SPF & DKIM should be implemented for organization sending emails to google or yahoo recipients.
What are the consequences if the deadline is not met?
Adhering to the sender requirements before the deadline is crucial for optimizing email delivery. Failure to meet the criteria detailed in this article may lead to your email not reaching its destination as intended or being categorized as spam.
Quick Summary:
The Update - Gmail and Yahoo are implementing robust email authentication standards from February 2024.
The Effects - Failure to meet these requirements may result in emails being categorized as spam or not reaching their intended destination.
The Action to be taken - Users sending 5000 or more emails daily must implement SPF, DKIM and publish DMARC policies.
Regards,
Sumaya Howth - Product Manager
The Zoho Desk Team
Recent Topics
Deleting Views
How do you delete views? Please syd
Fixed Assets
Where would I manage my fixed assets
Report on Assets
Hi, Is it possible to report purchased assets on a specific year? The Balance Sheet shows everything up to the current date, and the expense reports will not show purchased assets because they are assets not expenses. If it is not possible, then is it possible to setup an API connection with Books to extract data from to another Reporting application?
Purchase of Fixed Assets
How can I record the purchase of assets using zoho books? For example, I purchased 4 laptop for 100000 $ each and paid it through my bank account. How can I record this transaction and maintain track of how much of the assets I bought?
Where is the Fixed Asset Register?
I am a Zoho One user for 18 months, using invoicing and CRM and now ready to migrate my books to Zoho Books. Where do I keep the fixed asset register for the equipment that I use in my business? I have a service based business with a lot of gear and business
Kaizen #168 - Incremental Authorization
Welcome to this week's post in the Kaizen series. In this post, we will discuss Incremental Authorization. What is Incremental Authorization? Incremental Authorization is an OAuth strategy that allows a client to request specific authorization scopes
Configure Notes Title for Blueprint Transition
It'd be very helpful to be able to configure note titles on blueprint transitions when requiring notes. This would help tie back the history of notes to the blueprint actions. We have some approval processes in our blueprint and require notes for the
An update to improve email delivery | Email Authentication & Relay
Dear Zoho Recruit Community, We hope this message finds you well. This post is to inform you about an important update regarding the authentication of all email domains in your Zoho Recruit account. Effective 31st December, 2024, emails sent using email
Stop adding Default ID column to xls exports
When anything is exported to xls, Zoho adds a column with an ID. WE DO NOT WANT THIS COLUMN. We use an automated report to a team. We have our own tracking number. 1. This makes the report messy, it just pushes OUR data off to the right. 2. We have
Zoho cases and remote work api
How to use zoho cases listing api? When i try to hit the endpoint specified in the docs , i get the error : the page you are looking for does not exist with a 401.
Calendly does not show scheduled Meetings
I use Calendly as my standard booking tool, but no matter what I am doing, Calendly shows any appointment as free (when in fact there already is an appointment in CRM Calendar or Zoho Calendar). Drives me nuts - cannot go away from Calendly due to various
I want the currency in my account to be Mexican pesos.
Hello, I am a Mexican citizen and live in Ukraine. When I registered to your system, it was seen that I was from Ukraine, so the default currency is Euro. This is causing me a problem. Please change the standard currency in my account to Mexican Pes
Year-End Wrap: Don't rewrite - Switch to Email Templates
As we're half-way through December, now is the perfect time to start sending out festive greetings. Whether it is to your clients or your team, it is important that every mail is tailored to the recipient and feels genuine, which allows you to make better
Elevating Email Security on Zoho Desk: DKIM Now Mandatory
Hello Zoho Desk Users! It has been a wonderful journey with you on Zoho Desk. As we prepare to welcome 2025, we are strengthening our efforts to ensure a secure and seamless experience for you. To enhance email security, DKIM configuration will be mandatory
How to view shared mailbox in Outlook
How to view shared mailbox in Outlook or in another software
Necesito el código ZB para mi cuenta
Hice cambio de servidor y no encuentro el codigo unico de cname.
Privacy error
Privacy error on Chrome for all embedded forms and reports, this is a huge issue: "Your connection is not private Attackers might be trying to steal your information from creator.zohopublic.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID"
Automate Backups
This is a feature request. Consider adding an auto backup feature. Where when you turn it on, it will auto backup on the 15-day schedule. For additional consideration, allow for the export of module data via API calls. Thank you for your consideration.
Customise Search Bar in CRM
Is there a way to customise this search bar in the CRM to add fields?
Counting downloads of a file
Hello Could anyone help me, I would like to use a custom script to count how many times a file contained in a record has been downloaded. Is that something that is possible in Creator? Thanks Estelle
Is there any way to prevent emails from being sent from zoho crm without pressing email opt out?
When I left my desk yesterday I excitedly thought I had fixed my problem, by making use of the "Inactive" field ... However after contacting the support chat, they have advised to stop emails being sent I need to update the "Email Opt Out" field - which
New Search Function
Hey Team, The search function updated in our CRM about a week ago, so I assume it was an automated update across Zoho. It no longer displays leads/deals etc in Chronological order so that the most recently created or updated is the first to display which
New permissions for accessing emails sent via Zoho CRM
Last modified on Nov 4, 2024: Permissions for accessing emails sent via Zoho CRM have now been extended to the IN DC. With this rollout, the feature is now available to all users across all DCs. Resources: Data sharing for emails, Configuring email compose
is it possible to add more than one Whatsapp Phone Number to be integrated to Zoho CRM?
so I have successfully added one Whatsapp number like this from this User Interface it seems I can't add a new Whatsapp Number. I need to add a new Whatsapp Number so I can control the lead assignment if a chat sent to Whatsapp Phone Number 1 then assign
Request for Alerts on Workflow and Function Changes.
I want to get an alert whenever a new workflow or function is added or an existing workflow or function is edited. Is there any way to do that? I need to log all changes whenever updates are made or new ones are added.
Transfer Amount from One Vendor to Another Vendor
One of the vendors, who has a balance with us, has closed the business and has started a new business; Now he wants me to transfer the outstanding from the old account to the new Vendor Account. I am trying to do this using Payment Settlement a/c, But
How to make Branch compulsory in Zoho Books invoice?
How I make Branches compulsory in Zoho Books invoice?
Regarding GST Report Issue in Zoho Books
Hi, Right now, the very important point from my end is this Zoho Books issue. Here, you can see that we have created the invoice with the items of account sales and expenses. The journal is also correct. The profit and Loss statement is also correct.
Default Ship To Address on Purchase Orders cannot be different than Organization Address
Our organization address is not where we want shipments delivered, it is just a mailing address. We would like to change the Ship To address on our PO's so that by default it is our warehouse (not the mailing address). I understand that when creating
Function #57: Automatically group items in invoices based on categories
Hello everyone, and welcome back to our series! As a business expands and new product lines are launched, it becomes important to organize the items for better inventory management. The Category field in Zoho Books helps here by allowing you to add and
Differences between Zoho Books and Zoho Billing
Without a long drawn out process to compare these. If you were looking at these Books and Billing, what made you opt for one and not the other. Thanks
unable to import transactions into zoho books
I download a csv with separate columns for deposit and withdraw. The sample has zero's in the blank spaces so I ensure mine does too. When I try to import it says the fields must have values greater than zero.
Zoho Forms Unable to Save Account Numbers with a Leading Zero
We are using Zoho Forms to for rental applications. It is working well, except for one thing: when a user enters their bank account information, and that account number actually starts with a ZERO (like 00123456) the Zoho form will return the value without
How to include GST% in PO amount?
Currently when I raise PO, the basic price of the item is used. However, the GST is not calculated and added along with the basic amount. I have added a Custom field for GST in the PO but I need Zoho Inventory to calculate the GST amount and add it with the Basic price to give me the final PO price.
sitemap in zoho sites not updating
I checked my sitemap and it has not added any updates. Do I have to generate one manually all the time or is zoho sites suppose to generate and update it?
I trying to connect our PM tool but API shows failure
Hi All, in ZOHO CRM when an enquiry stage is moved to WON then I have created a rule to trigger POST URL to thrid party AP and then create a function for mapping with below code void automation.kytesfunctions(String enquiryId) { // Fetch enquiry details
Sample Ticket - Created from Bot Preview
Why is Zoho desk adding bot created tickets?
Webhook data is not being received
We’ve set up the webhook with a public URL that returns a 200 status on Postman. However, when we ran a test, we didn’t receive anything in the req.body object or see any data from the POST request. As a team of freshers still learning the ropes of development,
Number of Workflow runs
Is there a way in Zoho desk to see statistics regarding workflows, rules and other automation objects? Would be nice for several reasons: You could ensure that your workflows are actually running. You could determine which ones weren't being used so you
Mail is no longer populating CRM contacts
Hi! For the last few days, my mail hasn't been populating my CRM contacts. Even people I email multiple times per day. In fact, it keeps trying to send mail to myself. Notice, I started typing Amy and only got as far as, "Am" and it suggested myself.
Next Page