2024 Email Authentication Standards: Elevating Security with Google and Yahoo

2024 Email Authentication Standards: Elevating Security with Google and Yahoo

In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email authentication requirements to combat harmful messages and emphasize the crucial role of data security. This measure aims to prevent restrictions on sending rates, message blocking, and marking messages as spam.



Who will experience the effects? 

The updated security guidelines apply to all users, particularly those who send 5000 or more than 5000 emails per day from ZOHO DESK. Not following these guidelines may lead to email delivery delays, blocked messages, or the categorization of emails as spam.

Not to worry. We are here to support you with the best possible solutions.

Basic details that every sender should be aware of
 
To safeguard your path in 2024, it is mandatory to follow the fundamental requirements, beginning with email authentications.

When utilizing a Gmail domain in the 'From' address, it is essential to configure the address with its dedicated SMTP for ensuring accurate mail delivery.

For recipients on gmail.com or googlemail.com, it is recommended to publish DMARC for the sender domain to enhance prompt mail delivery. 

Verify with your own SMTP 

In adherence to the new guidelines, reply emails sent from Zoho Desk with From addresses belonging to gmail.com, googlemail.com, to any domains may be bounced or marked as spam. Therefore, we kindly request all customers to configure these From addresses with your own SMTP verification and use TLS for transmitting email rather than Zoho SMTP. If the From addresses were verified previously with your own SMTP, we will continue using the same authentication for all notification emails sent from Zoho Desk.



Rolling out SPF & DKIM  

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are vital email authentication protocols that protect against spam, phishing, and spoofing. SPF verifies the authenticity of emails from your domain, while DKIM confirms their source by validating authorized servers associated with sending domains. These protocols work together to validate emails, ensuring that they originate from legitimate sources and have not been tampered with during transmission. This implementation enhances the overall security of your email communications by reducing the risk of email spoofing, phishing, and other malicious activities. 

Minimal Spam Rate 

Maintain spam rates below 0.10% and ensure they never exceed 0.30% for optimal email deliverability.

Essential  Requirements for Users Sending 5000 or More Emails Daily 

Implement DMARC Policy 

DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that leverages the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to authenticate emails. This helps in preventing forging emails and engaging in unauthorized activities through them.

 How DMARC Works: 

1: Publish the DMARC policy outlining instructions for mailbox providers' receiving servers on how to handle emails that breach the policy.
2: Authenticate your sender domain by implementing SPF and DKIM.
3: The receiving server will apply the DMARC policy and execute the instructions specified in the policy.
4: The receiving server will send a report detailing how it handled the email to the reporting email address specified in the DMARC record.

Sample: DMARC record
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100

v: Signifies the DMARC version in use.
p: Signifies the policy established by the business.
rua: Specifies the URI for sending a consolidated report, including information on SPF and DKIM validation results, details about the sending and receiving domains, and the percentage of successful authentications.
ruf: Specifies the email address where the comprehensive SPF/DKIM failure report will be delivered.
pct: Denotes the percentage of emails subject to the policy application.

To prevent emails from being marked as spam, bounced, or experiencing delays in delivery, it is mandatory to set your policy (p) to none in DMARC record. “p = none”

If the policy (p) is set to "quarantine" or "reject," the emails will either be redirected to the spam folder or will not be delivered to the recipient, respectively. 

Ensure DMARC Alignment 

DMARC alignment pertains to the uniformity in the alignment of email authentication mechanisms, particularly SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), with the domain asserted by the sender.

Sample DMARC - SPF Alignment

Sender Address

From: Header

Strict Alignment

Relaxed Alignment

support@mycompany.com

support@mycompany.com

Pass

Pass

support@admin. mycompany.com

support@mycompany.com

Fail

Pass

support@mycompany.org

support@mycompany.com

Fail

Fail

 
SPF Strict Alignment: A precise match between the SPF-authenticated domain and the domain specified in the header's "From:" address. 

SPF Relaxed Alignment: The domain indicated in the "From:" address of the header should either match or be a subdomain of the SPF-authenticated domain. 

Sample DMARC - DKIM Alignment

From: Header

DKIM d= domain

Strict Alignment

Relaxed Alignment

support@mycompany.com

mycompany.com

Pass

Pass

support@admin. mycompany.com

mycompany.com

Fail

Pass

support@mycompany.org

mycompany.com

Fail

Fail


DKIM Strict Alignment: A precise match between the relevant DKIM domain and the domain specified in the header's "From:" address. 

DKIM Relaxed Alignment: The domain mentioned in the "From:" address of the header must either coincide with or be a subdomain of the SPF-authenticated domain. 

Add ARC headers 

Implement ARC (Authenticated Received Chain) authentication to avoid Gmail categorizing the email as unauthenticated, especially when utilizing frequent mail forwarding practices.
For additional information on ARC authentication, please refer to the official Google document linked here.

Set up SPF & DKIM 
Mail authentication protocols such as SPF & DKIM should be implemented for organization sending emails to google or yahoo recipients.

What are the consequences if the deadline is not met? 

Adhering to the sender requirements before the deadline is crucial for optimizing email delivery. Failure to meet the criteria detailed in this article may lead to your email not reaching its destination as intended or being categorized as spam.

Quick Summary:

The Update - Gmail and Yahoo are implementing robust email authentication standards from February 2024.
The Effects - Failure to meet these requirements may result in emails being categorized as spam or not reaching their intended destination.
The Action to be taken - Users sending 5000 or more emails daily must implement SPF,  DKIM and publish DMARC policies. 


Regards,
Sumaya Howth - Product Manager
The Zoho Desk Team

    • Sticky Posts

    • 2024 Email Authentication Standards: Elevating Security with Google and Yahoo

      In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email

    • Using Agent Email Address as From Address

      Currently, while replying to a ticket, it is possible for agents to choose their own email addresses as 'from' addresses. Although we built this just for that little extra flexibility, in hindsight, it hasn't figured much in conventional usage.  Almost all businesses prefer that responses to their customers' tickets be sent from the common support/service email address and NOT from those of individual agents. During personal interactions at events, some of you have even made passing mentions about

    • Edit and Delete options in Comments

      A lot of teams have been using ticket comments extensively to collaborate everyday. Notification Center further improved this experience by bringing real-time updates. As we continue to build more improvements to this experience, we've shipped a small-yet-important

    • Webinar 2: Supercharged customer support for growing business

      Join us for this webinar and learn how to step up your support game using a real-time communication platform to generate happier, more successful customers. In this live webinar, we will will discuss the importance of SalesIQ for your support team and how it can help you:  Understand your customers better and their journeys to proactively support and engage them even before they ask for help.  Integrating real time conversations into Zoho Desk’s Support, providing a conversational customer service

    • Customize Colors of your Customer Self Service Portal

      You asked for it. We heard you. We're happy to roll out the most sought after feature request, Customizing the Colors of your Customer Self-service Portal. Now you can set the color of your customer portal to mimic your company's web site, so that your customers visiting the portal will not feel alienated by the default theme.  Go ahead and configure the color of the header, tabs, fonts and background according to your needs. You can either choose between default color themes like Blue, Grey, Green

    • Recent Topics

    • Adding a custom formula field from sub-forms

      I have used my 5 Aggregated Sum fields in the subform. I have another column I want to add a summary of. This can be in a separate section/field. The formula field won't pull in information from the sub-form. How do I pull information from the sub-form

    • Remove Zoho Header from Portals

      I have a portal page with custom domain. But when I print directly from a webpage, the Zoho CRM header shows. It kind of kills the branding aspect. Is there a way to get rid of this?

    • Creator List not showing

      I've edited a list in creator, but when I open it in the live version the list is completely different. Anyone know why this is happening? Edit Version: Live Version:

    • Please design a better spam filter

      Hi Team, While I love Zoho Mail for all the awesome features you have designed - this is the one you need to do a lot of work on - Spam Filter. Your spam categorization seems to be very inefficient - any email containing brand images or a tracking pixel

    • Host not reachable when sending

      For few partner that I send regular emails now got error and they don't receive emails Temporary failure fam-xxx.hr/185.xx.xx.xxx Host not reachable. Have more than 20 mails in https://mailadmin.zoho.eu/cpanel/home.do#mailSettings/retryEmail please

    • IP flagged as abusive

      I'm getting the error that 136.143.188.15 is listed as abusive. I've checked with mxtoolbox.com and it is indeed in the list

    • App passwords stop working

      Some of my app passwords appear to stop working after awhile. Seems to happen every 6 months or so. Just had to change one again for the second time in a year. Is this a bug or a feature? Or perhaps changes are being made on the back end on occasion that

    • Duplicate entries for contacts birthdays

      Good morning I have recently started to use my Zoho calendar and noticed that there are multiple birthday events showing for some of my contacts. I have checked my contacts and there were duplicates for some contacts which I have now rectified but the

    • Problem: New Email Consistently Failing to Sync/Display in Inbox

      Recently, I have noticed that my Zoho Email inbox does not indicate I've received a new email, until I go to *another* folder and then return to the inbox. Only then will new emails be displayed. This has happened 100% of the time, during the past few

    • Zoho IMAP Access to mail doesn't sync messages

      As stated in the topic - I have company account email address setup, and it has ( as in the picutre ) ActiveSync and Imap access enabled. However the messages does not show up while logged in in Zoho Mail however when I log in in thunderbird everything

    • Cliq iOS can't see shared screen

      Hello, I had this morning a video call with a colleague. She is using Cliq Desktop MacOS and wanted to share her screen with me. I'm on iPad. I noticed, while she shared her screen, I could only see her video, but not the shared screen... Does Cliq iOS is able to display shared screen, or is it somewhere else to be found ? Regards

    • Temps working custom view in Zoho Recruit

      How do you create a custom view of temps working for this week.  I have tried multiple combinations of job status, start date, end date etc but I am unable to find the correct combinations to show the temps I have working this week?? Any suggestions on how I can do this. 

    • Client Scripts similar to CRM?

      Hi, Is there any plans for Client Scripts to become a feature of Recruit? Feel this will be a great benefit to a number of users. Would be great for example in cases where a Client has banned / blacklisted a Candidate - so that if that candidate is associated

    • Announcing Zoho Sheet desktop app for macOS and Windows (Beta)

      Hello Sheet users, We know you’ve been waiting for this one. It has always been the top priority on our roadmap to provide a single native desktop app for macOS and Windows that works both online and offline. Today, we are excited to announce that the

    • Automated entries past the current month in a calendar report

      Hi all, I have an automation problem. I have a form which on successfull entry adds either 5 or 10 more of these entries with a slight change so our customers can see it throug a calendar report on the webiste. The entry put in manually shows up perfectly

    • Billing Status Update

      Hello Latha, I’m working on a new automation (deluge) to fulfill one of our requirements. In this automation, there is a step to update the Work Order billing status from “Not Yet Invoiced” to “Non-Billable.” I tried to find the API information relevant

    • What's New in Zoho POS - April 2026

      Hello everyone, Welcome to Zoho POS’s monthly update, where we share our latest feature updates, enhancements, events, and more. Let’s take a look at how April went. Access and manage other web applications in Zoho POS with Web Tabs You can now access

    • Many Zoho POS Issues

      Can not apply credits from a customers account as a form of payment. It shows that you can but there is a bug that does not execute the action. Reported many times. Can not view Sessions from Zoho POS WebView, throws a JQUERY error Workflows and actions

    • HOW I CAN GET BETA VERSION FOT TESTING

      HI. ZOHO I AM INTERESTED IN YOUR BETA SOFTWARE TO EXPERIENCE NEW FEATURES.

    • Multiple EAN code for product

      option to add multiple EAN code for product???

    • Issue adding/changing mobile number for OTP

      Hi Zoho Community, I’m trying to add or change my mobile number, but I keep getting this error: “We’re unable to send OTP to this mobile number. Please contact support-as@eu.zohocorp.com” Because of this, I can’t verify my number or continue the setup.

    • Zoho Payroll Canada does not work

      We submitted payroll within the required timelines. The money was withdrawn from our account and our employees have not been paid. Impossible to get a hold of someone at Zoho. I can’t believe the company operates like this. What a bloody disgrace. Shame

    • Enhance Appointment Buffers in Zoho Bookings

      There was previously a long-standing feature request related to enhancing the way appointment buffers work in Zoho Bookings, but it looks like the original post has been deleted. I am therefore adding a new request that Zoho Bookings adjust how appointment

    • Functionality based URL to find records due today or in the next week

      I need to construct a URL to filter a view to records where the evaluation is due soon (i.e. in the next 7 days). To me, that includes today, but Zoho has a different opinion. Zoho defines 39 as NEXT_7_DAYS but this gives unexpected results. https://creatorapp.zoho.eu/...#Report:My_Evaluations?Evaluation_due_by_op=39

    • Allow customers to choose meeting venue and meeting duration on booking page

      My business primarily involves one-to-one meetings with my clients. Given the hybrid-work world we now find ourselves in, these meetings can take several forms (which I think of as the meeting "venue"): In-person Zoom Phone call I currently handle these

    • Event Time Zone in meeting invites are confusing users

      When sending calendar invites to internal and external users, the first section "Event Time Zone" is confusing people and they are automatically declining events. Can this section please be removed??? It already shows the correct time zone next to the

    • Forwarding without verification

      Hi, I use Tripit to keep track of all my business travel. I've recently moved over to Zoho and wanted to set up a forwarding rule to send various travel confirmation emails automatically to plans@tripit.com Obviously this is an email address I don't control,

    • Filter by user in Pivot Chart

      I have a Pivot chart where the data should be filtered by user. The user enters the system and should see only the data that correspond to it. Can anyone help me?

    • All new Address Field in Zoho CRM: maintain structured and accurate address inputs

      Availability Update: 29 September 2025: It's currently available for all new sign-ups and for existing Zoho CRM orgs which are in the Professional edition exclusively for IN DC users. 2 March 2026: Available to users in all DCs except US and EU DC. 24

    • Whatsapp Limitation Questions

      Good day, I would like to find out about the functionality or possibility of all the below points within the Zoho/WhatsApp integration. Will WhatsApp buttons ever be possible in the future? Will WhatsApp Re-directs to different users be possible based

    • Internal mails on our company domain (managed by Zoho) do not get delivered

      Hi last week Thursday and Friday a colleague had sent me two emails which did not show up at all in my inbox, spam or anywhere else. What this a problem with Zoho mail in general or did this affect just us? From the forum is reads like many problems had

    • #2 The Tax Talk Nobody Wants to Have

      "We are also able to manage our GST invoices without worrying about compliance issues. With Zoho Invoice, we are happy, our tax consultant is happy, and so are our customers," rejoices Shivprateek Habib, Partner, Flutterboots Services LLP. That's usually

    • Bulk upload images and specifications to products

      Hi, Many users have asked this over the years and I am also asking the same. Is there any way in which we can bulk upload product (variant) images and product specifications. The current way to upload/select image for every variant is too cumbersome.

    • Workflows fail silently in Zoho CRM and there is no native way to know

      Workflow automation is honestly one of the biggest reasons my clients choose Zoho. But there is one problem I keep running into across almost every implementation. When a workflow fails, nobody finds out. Email alerts hit daily limits and just stop. Custom

    • Zoho Commerce and Third-party shipping (MachShip) API integration

      We are implementing a third-party shipping (MachShip) API integration for our Zoho Commerce store and have made significant progress. However, we need guidance on a specific technical challenge. Current Challenge: We need to get the customer input to

    • Is there a way to update bounce domain after verification process has started

      Hi Zeptomail Team, I've created a domain and we did not update the bounce domain to our custom record... the validation has already started and I am now unable to update the bounce domain. Is there any way to get this updated on the backend without deleting

    • Pre-orders at Zoho Commerce

      We plan to have regular producs that are avaliable for purchase now and we plan to have products that will be avaliable in 2-4 weeks. How we can take the pre-orders for these products? We need to take the money for the product now, but the delivery will

    • How to Customize the Member Portal Login Page?

      Hi everyone, I am currently using the default member portal login page for Zoho Commerce, but I feel it looks quite plain and doesn’t align well with my brand's style. I would like to make it more visually appealing, possibly by: Adding custom colors

    • Picklist values out-of-date in Campaigns

      Hi I use a CRM (Global) picklist set of values for my field "Connection Strength" (see screenshot 1). . I use Campaigns to follow-up and change the Connection Strength value depending on their stage. The picklist values that appear in the dropdown for

    • Refering cell from other sheet

      Hi, If we want to refer any cell in the same sheet its very easy, like suppose if I want to refer cell A2  in P7 I just need to type =A2 in P7, similarly how can I refer a cell present in different sheet ( I mean refer cell A2 from Sheet1 into Sheet2) Thanks

    • Next Page