2024 Email Authentication Standards: Elevating Security with Google and Yahoo

2024 Email Authentication Standards: Elevating Security with Google and Yahoo

In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email authentication requirements to combat harmful messages and emphasize the crucial role of data security. This measure aims to prevent restrictions on sending rates, message blocking, and marking messages as spam.



Who will experience the effects? 

The updated security guidelines apply to all users, particularly those who send 5000 or more than 5000 emails per day from ZOHO DESK. Not following these guidelines may lead to email delivery delays, blocked messages, or the categorization of emails as spam.

Not to worry. We are here to support you with the best possible solutions.

Basic details that every sender should be aware of
 
To safeguard your path in 2024, it is mandatory to follow the fundamental requirements, beginning with email authentications.

When utilizing a Gmail domain in the 'From' address, it is essential to configure the address with its dedicated SMTP for ensuring accurate mail delivery.

For recipients on gmail.com or googlemail.com, it is recommended to publish DMARC for the sender domain to enhance prompt mail delivery. 

Verify with your own SMTP 

In adherence to the new guidelines, reply emails sent from Zoho Desk with From addresses belonging to gmail.com, googlemail.com, to any domains may be bounced or marked as spam. Therefore, we kindly request all customers to configure these From addresses with your own SMTP verification and use TLS for transmitting email rather than Zoho SMTP. If the From addresses were verified previously with your own SMTP, we will continue using the same authentication for all notification emails sent from Zoho Desk.



Rolling out SPF & DKIM  

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are vital email authentication protocols that protect against spam, phishing, and spoofing. SPF verifies the authenticity of emails from your domain, while DKIM confirms their source by validating authorized servers associated with sending domains. These protocols work together to validate emails, ensuring that they originate from legitimate sources and have not been tampered with during transmission. This implementation enhances the overall security of your email communications by reducing the risk of email spoofing, phishing, and other malicious activities. 

Minimal Spam Rate 

Maintain spam rates below 0.10% and ensure they never exceed 0.30% for optimal email deliverability.

Essential  Requirements for Users Sending 5000 or More Emails Daily 

Implement DMARC Policy 

DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that leverages the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to authenticate emails. This helps in preventing forging emails and engaging in unauthorized activities through them.

 How DMARC Works: 

1: Publish the DMARC policy outlining instructions for mailbox providers' receiving servers on how to handle emails that breach the policy.
2: Authenticate your sender domain by implementing SPF and DKIM.
3: The receiving server will apply the DMARC policy and execute the instructions specified in the policy.
4: The receiving server will send a report detailing how it handled the email to the reporting email address specified in the DMARC record.

Sample: DMARC record
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100

v: Signifies the DMARC version in use.
p: Signifies the policy established by the business.
rua: Specifies the URI for sending a consolidated report, including information on SPF and DKIM validation results, details about the sending and receiving domains, and the percentage of successful authentications.
ruf: Specifies the email address where the comprehensive SPF/DKIM failure report will be delivered.
pct: Denotes the percentage of emails subject to the policy application.

To prevent emails from being marked as spam, bounced, or experiencing delays in delivery, it is mandatory to set your policy (p) to none in DMARC record. “p = none”

If the policy (p) is set to "quarantine" or "reject," the emails will either be redirected to the spam folder or will not be delivered to the recipient, respectively. 

Ensure DMARC Alignment 

DMARC alignment pertains to the uniformity in the alignment of email authentication mechanisms, particularly SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), with the domain asserted by the sender.

Sample DMARC - SPF Alignment

Sender Address

From: Header

Strict Alignment

Relaxed Alignment

support@mycompany.com

support@mycompany.com

Pass

Pass

support@admin. mycompany.com

support@mycompany.com

Fail

Pass

support@mycompany.org

support@mycompany.com

Fail

Fail

 
SPF Strict Alignment: A precise match between the SPF-authenticated domain and the domain specified in the header's "From:" address. 

SPF Relaxed Alignment: The domain indicated in the "From:" address of the header should either match or be a subdomain of the SPF-authenticated domain. 

Sample DMARC - DKIM Alignment

From: Header

DKIM d= domain

Strict Alignment

Relaxed Alignment

support@mycompany.com

mycompany.com

Pass

Pass

support@admin. mycompany.com

mycompany.com

Fail

Pass

support@mycompany.org

mycompany.com

Fail

Fail


DKIM Strict Alignment: A precise match between the relevant DKIM domain and the domain specified in the header's "From:" address. 

DKIM Relaxed Alignment: The domain mentioned in the "From:" address of the header must either coincide with or be a subdomain of the SPF-authenticated domain. 

Add ARC headers 

Implement ARC (Authenticated Received Chain) authentication to avoid Gmail categorizing the email as unauthenticated, especially when utilizing frequent mail forwarding practices.
For additional information on ARC authentication, please refer to the official Google document linked here.

Set up SPF & DKIM 
Mail authentication protocols such as SPF & DKIM should be implemented for organization sending emails to google or yahoo recipients.

What are the consequences if the deadline is not met? 

Adhering to the sender requirements before the deadline is crucial for optimizing email delivery. Failure to meet the criteria detailed in this article may lead to your email not reaching its destination as intended or being categorized as spam.

Quick Summary:

The Update - Gmail and Yahoo are implementing robust email authentication standards from February 2024.
The Effects - Failure to meet these requirements may result in emails being categorized as spam or not reaching their intended destination.
The Action to be taken - Users sending 5000 or more emails daily must implement SPF,  DKIM and publish DMARC policies. 


Regards,
Sumaya Howth - Product Manager
The Zoho Desk Team

    • Sticky Posts

    • 2024 Email Authentication Standards: Elevating Security with Google and Yahoo

      In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email

    • Using Agent Email Address as From Address

      Currently, while replying to a ticket, it is possible for agents to choose their own email addresses as 'from' addresses. Although we built this just for that little extra flexibility, in hindsight, it hasn't figured much in conventional usage.  Almost all businesses prefer that responses to their customers' tickets be sent from the common support/service email address and NOT from those of individual agents. During personal interactions at events, some of you have even made passing mentions about

    • Edit and Delete options in Comments

      A lot of teams have been using ticket comments extensively to collaborate everyday. Notification Center further improved this experience by bringing real-time updates. As we continue to build more improvements to this experience, we've shipped a small-yet-important

    • Webinar 2: Supercharged customer support for growing business

      Join us for this webinar and learn how to step up your support game using a real-time communication platform to generate happier, more successful customers. In this live webinar, we will will discuss the importance of SalesIQ for your support team and how it can help you:  Understand your customers better and their journeys to proactively support and engage them even before they ask for help.  Integrating real time conversations into Zoho Desk’s Support, providing a conversational customer service

    • Customize Colors of your Customer Self Service Portal

      You asked for it. We heard you. We're happy to roll out the most sought after feature request, Customizing the Colors of your Customer Self-service Portal. Now you can set the color of your customer portal to mimic your company's web site, so that your customers visiting the portal will not feel alienated by the default theme.  Go ahead and configure the color of the header, tabs, fonts and background according to your needs. You can either choose between default color themes like Blue, Grey, Green

    • Recent Topics

    • How can Data Enrichment be automatically triggered when a new Lead is created in Zoho CRM?

      Hi, I have a pipeline where a Lead is created automatically through the Zoho API and I've been trying to look for a way to automatically apply Data Enrichment on this created lead. 1) I did not find any way to do this through the Zoho API; it seems like

    • Announcing Kiosk 1.1 - Customize screen titles, configure new fields & actions, use values from your Kiosk to update fields, and more.

      Hello all We are back again with more enhancements to Kiosk. So what's new? Enhancements made to the Components Add titles for your Kiosk screens and adjust its width to suit your viewing preferences. Three new fields can be added to your screen: Percentage,

    • Any recommendations for Australian Telephony Integration providers?

      HI,  I am looking for some advice on phone providers as we are looking to upgrade our phone system, does anybody have experience with any of the Australian providers that integrate with CRM Telephony? So far we are looking at RingCentral and Amazon Connect, and would love to hear feedback on any of the other providers you might have tried.  Thank you

    • CRM Cadences recognise auto-responses

      I have leads in a Cadence. I get an auto-responder reply "I'm out of the office..." Normally Cadences seems to know that isn't a real reply and keeps the lead enrolled in the cadence. However, today, Cadences has UNENROLLED a Lead who sent an auto-reponse

    • Zoho Campaigns Workspaces

      Hi, I’m currently working on a Zoho CRM + Zoho Campaigns setup for a franchisee-based organization, where each franchise must only see and use its own contacts. At the moment, franchisees cannot properly access their contact lists in Zoho Campaigns unless

    • Limited System because of Limited Number of Fields for Car Dealership

      Dear Zoho Support, we want to have all the information about a car inside of a car record. We want to have Zoho CRM as our single source of truth for our data, but the limited number of fields are not allowing that. The data consist of: technical data

    • Automatically Update Form Attachment Service with Newly added Fields

      Hi, When I have a Form Setup and connected to a 3rd Party Service such as OneDrive for Form Attachments, when I later add a new Upload Field I have to remove and redo the entire 3rd Party Setup from scratch. This needs to be improved, such as when new

    • Zoho CRM for Everyone's NextGen UI Gets an Upgrade

      Hello Everyone We've made improvements to Zoho CRM for Everyone's Nextgen UI. These changes are the result of valuable feedback from you where we’ve focused on improving usability, providing wider screen space, and making navigation smoother so everything

    • Newsletter in multiple languages

      Hi We are planning on starting to use Zoho Campaigns for our newsletters. Since we send our newsletters in three languages, I would need the "unsubscribe page" and other pages related to the NL (Thank you page and so on) to be available in different languages

    • Default Ticket View - Table?

      Guys, We mostly use the table view to queue tickets. Maybe I am missing it - but how can I set that view as 'default" for all our agents? Thanks JV

    • Fixed assets in Zoho One?

      Hi, We use Zoho Books and have the fixed asset option in it. I started a trial for Zoho One and I do not see that as an option. Is the books that is part of zoho one equivalent to Zoho Books Elite subscription or is it a lesser version? Thanks, Matt

    • Set Default Status of Assembly to "Assembled" When Entered in UI

      I've just discovered the new "confirmed" status of Assemblies within Inventory. While I understand the intent of this (allowing for manufacturing planning and raw material stock allocation), it was initially confusing to me when manually entering some

    • I need to Record Vatable amount and non vatable amount separately in zoho books in a single line

      I need to Record Vatable amount and non vatable amount separately in zoho books in a single line give me the customisation option and in invoice copy to customer the total amount should be inclusive 5%vat and no need to show the vatable and non vatable

    • Sort Legend & stacked bar chart by value

      I'd love to see an option added to sort the legend of graphs by the value that is being represented. This way the items with the largest value in the graph are displayed top down in the legend. For example, let's say I have a large sales team and I create

    • Scanned Doc - selecting Item overwrites Rate

      I have a Vendor Invoice which was uploaded to Documents. I select Add To > New Bill. The OCR is actually quite good, but it is reading an Item Description instead of an Item Number. I remove the description and select the correct Item Number... and it

    • Timesheet invalid data error

      Getting the "Invalid Date" error when trying to add a time sheet to an appointment in a work order. I initially though the work order was corrupt or something so I deleted the work order and recreated it. I added the first time sheet to the AP and saved

    • Convert invoice from zoho to xml with all details

      How to convert an Invoice to XML format with all details

    • Any update on adding New Customer Payment Providers who support in store terminal devices?

      Currently there is only one Customer payment provider listed for terminal devices in USA- Everyware. They charge a monthly fee of almost $149 minimum. Will you add other providers - like Zoho Payments or Stripe or Worldpay that would allow integrated

    • Dealing With One-Time Customers on Zoho Books

      Hello there! I am trying to figure out a way to handle One-Time customers without having to create multiple accounts for every single one on Zoho Books. I understand that I can create a placeholder account called "Walk-In Customer", for example, but I

    • Customizing Helpcenter texts

      I’m customizing the Zoho Desk Help Center and I’d like to change the wording of the standard widgets – for example, the text in the “Submit Ticket” banner that appears in the footer, or other built-in widget labels and messages. So far, I haven’t found

    • Passing the image/file uploaded in form to openai api

      I'm trying to use the OpenAI's new vision feature where we can send image through Api. What I want is the user to upload an image in the form and send this image to OpenAI. But I can't access this image properly in deluge script. There are also some constraints

    • "Temporary" Field Value?

      I have a custom action in Form A report Detail View that passes the Rec ID and updates a Temp Record ID lookup field in the Form B record via openURL (and opens the Form B report in popup) . The updated Temp Record ID field value in Form B is then used

    • File Upload field automatically replaces spaces with underscores – support experience

      Hi everyone, I want to share my recent experience regarding the File Upload field behavior in Zoho Creator and my interaction with the Zoho support team. When a user uploads a file, the system automatically renames the document by replacing spaces in

    • We Asked, Zoho Delivered: The New Early Access Program is Here

      For years, the Zoho Creator community has requested a more transparent and participatory approach to beta testing and feature previews. Today, I'm thrilled to highlight that Zoho has delivered exactly what we asked for with the launch of the Early Access

    • Queries on Project-Based Inventory Consumption and Proforma Invoice in Zoho ERP

      We would appreciate your clarification on how Zoho ERP plans to handle the following: Project-based inventory consumption without itemized sales orders Accurate project cost tracking along with inventory reduction Proforma Invoice usage We look forward

    • Applying Excess Payments & Conflict Invoices Due to Cancelled Items

      I’m running into several issues that appear to stem from deeper-than-expected overlap between Zoho Finance (Books/Inventory) and Zoho POS. The level of coupling between these systems seems greater than what was originally communicated, and it’s leading

    • Zoho Sprint Backlog View, filter by item status

      Hello, In Zoho Sprints, it would be great to be able filter out specific items in the Backlog based on their status. We would like to track items that were Removed from our backlog without seeing them constantly in the Backlog view, as this view should

    • WATERFALL CHART IN ZOHO ANALYTICS

      Hi Team, I would like to know whether Zoho Analytics currently supports a Waterfall Chart as a built-in visualization type. If yes, could you please share the steps to create one? If not, is there any workaround or recommended method to build a Waterfall

    • Export contacts from Bigin's mobile app to your Android device

      Hello everyone! We're happy to announce that you can now export customer contacts from the Bigin mobile app to your device. Scenario A small-scale business owner has two pipelines in Bigin—one for procuring raw materials and the other for selling his

    • Passing Info from Function to Client Script

      Hello, I have recently started making use of client script for buttons, allowing me to give the user information or warnings before they proceed. This is great. However, I have never quite managed to pass back any extra information from the function to

    • ASAP iOS SDK – Xcode Compatibility Update

      Hello everyone, We have been delivering the ASAP iOS SDK developed using Xcode 16.1 to provide Help Center support within mobile applications. Thus, ASAP iOS SDK versions upto 4.5.8 are compatible with development environments running in Xcode 16.1 and

    • Sub form auto field population based on parent form

      I have a parent form called "Sites" with a text field called "Site". I have a subform called "Design Comments" (actual form name "Review Comments") with a lookup field name "Sites1" that looks up from the Sites form. I want the Sites1 lookup field to

    • A note-taking app right inside your project management space

      How do you feel when you check off the last task from your to-do list after a long day at work? Euphoric, blissful, satisfied? Now, imagine completing the same checklist from your PM platform, without juggling tools. Sounds simple and handy? That’s exactly

    • Email Forwarding: Maintain business continuity

      As an administrator, ensuring uninterrupted email communication is critical when a role-based employee is unavailable due to extended leave or a temporary role change. Emails from customers, partners, and internal teams must continue to be received and

    • Tip #61- Collaborate live with Invite Technician- 'Insider Insights'

      We’ve all been there: you’re deep into a complex remote session, and you realize you need a second pair of eyes. Instead of ending the call or rescheduling, why not just bring the expert to you? With Zoho Assist, you can invite internal colleagues or

    • How to integrate Zoho CRM, Zoho Forms and a WIX Web Site

      Attached video demonstrates how to use Zoho Forms included in Zoho One, to design a Contact Us form to be embedded into a WIX web site and integrated into Zoho CRM.

    • Bug Causing Major Sync & SO Access Failures in Zoho POS

      We are experiencing critical and recurring issues in Zoho POS that all trace back to role-permission handling defects in the latest POS app version. These issues directly affect syncing, login ability, and Sales Order access for role-restricted users

    • Change Last Name to not required in Leads

      I would like to upload 500 target companies as leads but I don't yet have contact people for them. Can you enable the option for me to turn this requirement off to need a Second Name? Moderation update (10-Jun-23): As we explore potential solutions for

    • OAuth2 Scope Error - Incorrectly defaulting to CRM instead of Analytics.

      Hello Zoho Team, I am trying to connect n8n to Zoho Analytics API V2 for a simple automation project. Despite using the correct Analytics-specific scopes, my OAuth handshake is failing with a CRM-related error. The Problem: The authorization screen shows:

    • Add Custom Reports To Dashboard or Home Tab

      Hi there, I think it would be great to be able to add our custom reports to the Home Tab or Dashboards. Thanks! Chad Announcement: The feature is being rolled out across DC's and Edition in phases. To know more refer to the announcement post here.

    • Next Page