2024 Email Authentication Standards: Elevating Security with Google and Yahoo

2024 Email Authentication Standards: Elevating Security with Google and Yahoo

In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email authentication requirements to combat harmful messages and emphasize the crucial role of data security. This measure aims to prevent restrictions on sending rates, message blocking, and marking messages as spam.



Who will experience the effects? 

The updated security guidelines apply to all users, particularly those who send 5000 or more than 5000 emails per day from ZOHO DESK. Not following these guidelines may lead to email delivery delays, blocked messages, or the categorization of emails as spam.

Not to worry. We are here to support you with the best possible solutions.

Basic details that every sender should be aware of
 
To safeguard your path in 2024, it is mandatory to follow the fundamental requirements, beginning with email authentications.

When utilizing a Gmail domain in the 'From' address, it is essential to configure the address with its dedicated SMTP for ensuring accurate mail delivery.

For recipients on gmail.com or googlemail.com, it is recommended to publish DMARC for the sender domain to enhance prompt mail delivery. 

Verify with your own SMTP 

In adherence to the new guidelines, reply emails sent from Zoho Desk with From addresses belonging to gmail.com, googlemail.com, to any domains may be bounced or marked as spam. Therefore, we kindly request all customers to configure these From addresses with your own SMTP verification and use TLS for transmitting email rather than Zoho SMTP. If the From addresses were verified previously with your own SMTP, we will continue using the same authentication for all notification emails sent from Zoho Desk.



Rolling out SPF & DKIM  

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are vital email authentication protocols that protect against spam, phishing, and spoofing. SPF verifies the authenticity of emails from your domain, while DKIM confirms their source by validating authorized servers associated with sending domains. These protocols work together to validate emails, ensuring that they originate from legitimate sources and have not been tampered with during transmission. This implementation enhances the overall security of your email communications by reducing the risk of email spoofing, phishing, and other malicious activities. 

Minimal Spam Rate 

Maintain spam rates below 0.10% and ensure they never exceed 0.30% for optimal email deliverability.

Essential  Requirements for Users Sending 5000 or More Emails Daily 

Implement DMARC Policy 

DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that leverages the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to authenticate emails. This helps in preventing forging emails and engaging in unauthorized activities through them.

 How DMARC Works: 

1: Publish the DMARC policy outlining instructions for mailbox providers' receiving servers on how to handle emails that breach the policy.
2: Authenticate your sender domain by implementing SPF and DKIM.
3: The receiving server will apply the DMARC policy and execute the instructions specified in the policy.
4: The receiving server will send a report detailing how it handled the email to the reporting email address specified in the DMARC record.

Sample: DMARC record
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100

v: Signifies the DMARC version in use.
p: Signifies the policy established by the business.
rua: Specifies the URI for sending a consolidated report, including information on SPF and DKIM validation results, details about the sending and receiving domains, and the percentage of successful authentications.
ruf: Specifies the email address where the comprehensive SPF/DKIM failure report will be delivered.
pct: Denotes the percentage of emails subject to the policy application.

To prevent emails from being marked as spam, bounced, or experiencing delays in delivery, it is mandatory to set your policy (p) to none in DMARC record. “p = none”

If the policy (p) is set to "quarantine" or "reject," the emails will either be redirected to the spam folder or will not be delivered to the recipient, respectively. 

Ensure DMARC Alignment 

DMARC alignment pertains to the uniformity in the alignment of email authentication mechanisms, particularly SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), with the domain asserted by the sender.

Sample DMARC - SPF Alignment

Sender Address

From: Header

Strict Alignment

Relaxed Alignment

support@mycompany.com

support@mycompany.com

Pass

Pass

support@admin. mycompany.com

support@mycompany.com

Fail

Pass

support@mycompany.org

support@mycompany.com

Fail

Fail

 
SPF Strict Alignment: A precise match between the SPF-authenticated domain and the domain specified in the header's "From:" address. 

SPF Relaxed Alignment: The domain indicated in the "From:" address of the header should either match or be a subdomain of the SPF-authenticated domain. 

Sample DMARC - DKIM Alignment

From: Header

DKIM d= domain

Strict Alignment

Relaxed Alignment

support@mycompany.com

mycompany.com

Pass

Pass

support@admin. mycompany.com

mycompany.com

Fail

Pass

support@mycompany.org

mycompany.com

Fail

Fail


DKIM Strict Alignment: A precise match between the relevant DKIM domain and the domain specified in the header's "From:" address. 

DKIM Relaxed Alignment: The domain mentioned in the "From:" address of the header must either coincide with or be a subdomain of the SPF-authenticated domain. 

Add ARC headers 

Implement ARC (Authenticated Received Chain) authentication to avoid Gmail categorizing the email as unauthenticated, especially when utilizing frequent mail forwarding practices.
For additional information on ARC authentication, please refer to the official Google document linked here.

Set up SPF & DKIM 
Mail authentication protocols such as SPF & DKIM should be implemented for organization sending emails to google or yahoo recipients.

What are the consequences if the deadline is not met? 

Adhering to the sender requirements before the deadline is crucial for optimizing email delivery. Failure to meet the criteria detailed in this article may lead to your email not reaching its destination as intended or being categorized as spam.

Quick Summary:

The Update - Gmail and Yahoo are implementing robust email authentication standards from February 2024.
The Effects - Failure to meet these requirements may result in emails being categorized as spam or not reaching their intended destination.
The Action to be taken - Users sending 5000 or more emails daily must implement SPF,  DKIM and publish DMARC policies. 


Regards,
Sumaya Howth - Product Manager
The Zoho Desk Team

    • Sticky Posts

    • Webinar 2: Supercharged customer support for growing business

      Join us for this webinar and learn how to step up your support game using a real-time communication platform to generate happier, more successful customers. In this live webinar, we will will discuss the importance of SalesIQ for your support team and how it can help you:  Understand your customers better and their journeys to proactively support and engage them even before they ask for help.  Integrating real time conversations into Zoho Desk’s Support, providing a conversational customer service
    • Customize Colors of your Customer Self Service Portal

      You asked for it. We heard you. We're happy to roll out the most sought after feature request, Customizing the Colors of your Customer Self-service Portal. Now you can set the color of your customer portal to mimic your company's web site, so that your customers visiting the portal will not feel alienated by the default theme.  Go ahead and configure the color of the header, tabs, fonts and background according to your needs. You can either choose between default color themes like Blue, Grey, Green
    • Edit and Delete options in Comments

      A lot of teams have been using ticket comments extensively to collaborate everyday. Notification Center further improved this experience by bringing real-time updates. As we continue to build more improvements to this experience, we've shipped a small-yet-important
    • 2024 Email Authentication Standards: Elevating Security with Google and Yahoo

      In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email
    • Announcing the New and Improved Article Editor

      KBase articles are known to help customers, find solutions to problems on their own and set the stage for ticket deflection. That said, the way you present your KBase content is the clinching factor that ensures your customers stick around to consume it.  We took it upon ourselves to build an editor that allows you to publish articles without delving into the code. Well, at least for the most part. With more options and a redefined interface, the article editor in Zoho Desk is now better than ever!
    • Recent Topics

    • Simplify your day-to-day sales operations with new List View actions

      Greetings everyone, Here are a few enhancements for quick actions in modular List Views that will make your day-to-day CRM operations much easier. List Views in modules display records in rows and columns based on set criteria, and are useful for presenting
    • Zoho Sign Product updates - H2 2024

      Hello! We have almost come to the end of 2024! Here's a list of features and enhancements that went live in the later half of the year. NOM 151 certification Witness signing Formula, conditional, and custom fields Zoho Sign's extension for Bigin by Zoho
    • Constant Sync Errors 🙄

      I'm constantly getting sync error notifications with no actual resolution. Also... I have folders and files with a (!) on the cloud icon, indicating it's not accessible. This has also led to the complete loss of certain folders. Like... the go missing!
    • Build custom AI solutions with Catalyst’s QuickML capabilities in CRM

      Hello everyone, We’re thrilled to announce an improvement for our Zoho CRM Enterprise users: the ability to create custom AI solutions using Catalyst’s QuickML directly from Zoho CRM. As you may already know, Zia, Zoho CRM’s AI-powered assistant, offers
    • 【Zoho CRM】Webフォームに関するアップデート

      ユーザーの皆さま、こんにちは。コミュニティチームの中野です。 「Zoho CRM アップデート情報」の中からWebフォームに関するアップデートについて紹介します。 今回、以下2点のアップデートがありました。 ダブルオプトイン(2段階の同意確認)後の確認メッセージのカスタマイズ 登録から確認まで一貫したユーザーエクスペリエンスを顧客に提供するために、カスタマイズされた確認メッセージを作成できるようになりました。 ダブルオプトイン認証メールのカスタマイズ 顧客に最初から興味を持ってもらえるよう、パーソナライズされたメールを作成できるようになりました。ユーザーのブランドに合った本文を作成し、パーソナライズすることで、様々な顧客に対応することができます。
    • Converting Time and Time Zones

      Hi Everyone I am trying to convert a time Zone to the local time of the user. I am fetching some data from an API, and it is coming back in this format: 2024-12-09T16:49:23Z This is in UTC/GMTZulu time. I am looking to convert it to the user time. In
    • Tip of the week 34 - 5 ways to maintain your email list

      A proper email list often reflects the reach of an institution. This reach is coveted by all but achieved by some. We often forget about drawbacks and incline towards numbers. Success is often reflected by quality and not quantity. This simple message reverberates in maintaining a hygienic email list. Here are five tips which will help you maintain a proper email list.    Organic email lists   Non-stop competition can make us susceptible to shortcuts like buying and renting lists from third party
    • Whatsapp Limitation Questions

      Good day, I would like to find out about the functionality or possibility of all the below points within the Zoho/WhatsApp integration. Will WhatsApp buttons ever be possible in the future? Will WhatsApp Re-directs to different users be possible based
    • Can not send campaign

      Hi, I'm trying to send a newsletter to my subscribers, but seems is not working - or maybe I did some wrong steps re. upgrades. I'm the admin for this account, no other person is using Zoho for my campaigns and I did not access the platform during last
    • Does Zoho campaign de-duplicate based on mobile for SMS campaigns?

      Hi - We recently sent our first SMS campaign using Zoho Campaign integrated into Burst SMS and got feedback that some of our customers received multiple messages. Upon inspection, this was due to multiple contacts in our list containing the same mobile
    • Multilingual Newsletter

      Hi, Can Zoho campaign give the possibility to create and send a campaign in English and French, giving the possibility to the person receiving it to switch from default language chosen for a campaign? thnaks
    • Top Menu Disappeared from Blog Page

      Hi, Our top menu disappeared at Blog Posts page. However, it's still visible any other page on the website. I attached two screenshots, so it can be understood clearly. How can we bring back top menu? Thanks, K.
    • Add Comment/Notes to Each Action in Zoho Flow for Internal Documentation

      It would be great if Zoho Flow could introduce a field to every action where we can make an internal note about why we are doing something with a specific action. This is especially helpful if more than one person from the organization handles automation
    • Questions about To Do

      1. I created a To Do note on Android and there is a line sorting option in the options drop down menu. But I didn’t find such an option in the PC client. I really need this option. 2. Why is there no search in To Do on the PC client? 3. Why is there no
    • Tip of the week 03 - Sending emails in batches

      Today's marketers not only want their email marketing to be efficient, but also smart. For an email campaign, you may think you have all the essential elements for lead conversion—a big mailing list, an attractive template design, and the most-engaging message content, but after hitting the ‘send’ button, you may not get the expected conversions. Wondering why? Here’s one of the major reasons. Many marketers miss out on sending the email campaign the right way. Did you know that you should not be
    • Sites Speed and Performance Grades

      I noticed that there are no recent inquiries or complaints about load speed or performance issues with Zoho Sites websites. However, I wanted to understand what Zoho has done to ensure that speed remains optimized, images are compressed and lazy loaded,
    • Feature Request - Configurable Payment Icons + Pay Now link in email.

      The PAY NOW buttons (icons) on invoices are really small. It would be great if we could make that a big, colored icon. Better would be to add a button to emails as well. 
    • Survey end date extension

      Hi, Is there any way to extend the end date of my survey? I needed more time in finding respondents that is why I need to extend the end date of my survey. Help. Thanks
    • AI read notes or explanation

      It would be such a great feature to have AI voices be able to read our Notes or Explanation If not having the AI speak the notes at run time, how about a feature where inside of Zoho Show you can have it look at all the notes of all the slides and have
    • Help with technical problem

      Hello, I want to make it so I can say how many days are left until a date is reached, and for it to give me a status on if its VALID, EXPIRED, or ABOUT TO EXPIRE, but the problem I'm having is I want it to be compared to the date every day, not just the
    • Managing Prepaid Hours for Consulting

      We are a consulting firm that bills clients a flat upfront annual fee plus an hourly rate and offer a discount for pre-paying a block of hours. Hours that surpass the pre-paid block are billed monthly at the normal rate. If there are any pre-paid hours remaining at the end of the project they are banked for future use. I'm not seeing a method of doing this in Projects/Books/CRM... thoughts?
    • Email Verification Tool

      Hi there, just came across this tool for Google Sheets https://www.producthunt.com/posts/email-verification-tool-for-google-sheets-2 How would one do to automatically verify/validate email addresses entered on the CRM in a similar way?
    • Get DealID when Deal Created?

      Hi What's the easiest way to grab the DealID when a deal is created?  I want to add it to a custom field on the deal. Thanks
    • ZOHO Widget SDK not loading in html

      I have this code below, I have imported the widgetsdk however I get the error shown in the image, I have tried many different ways of importing and initiating the function ZOHO but nothing is working. can someone explain what I'm doing wrong, if I am
    • Enhancements to Zoho Corp Help Center "Team Requests" View

      Dear Zoho Team, I hope this message finds you well. The ability to view both my tickets and my team’s tickets in the Zoho Corp Help Center is a fantastic feature, especially as the focal point for Zoho in our organization. However, we’ve encountered a
    • Allow Multiple Scheduled Appointments with Zoho Support

      Dear Zoho Team, I hope you're doing well. First, thank you for introducing the option to schedule support calls via the Zoho CRM booking link. This has been a fantastic enhancement, eliminating the need for back-and-forth coordination when scheduling
    • In Zoho Projects, is there a way to create a folders template under documents that can be used once a project is created?

      We have a specific folder structure that we would like to use that is standard across every project. Instead of having to create this structure every time a project is created, is there a way to create a template for the folders that can be added?
    • Projectwise budget ---

      Can we have a Project wise subject in addition to the Monthly, and quarterly ACCOUNT LEVEL budget?
    • WorkDrive API Documentation

      WorkDrive provides users and developers an extensive set of APIs to help integrate functionalities of Zoho WorkDrive with other Zoho applications and third-party tools. We have published the official WorkDrive API Documentation page for all external users.
    • Error 403: Forbidden When Updating Email Signature via API

      Hi Zoho Desk team, First, congratulations again on the excellent Zoho API. But, I’m encountering an issue while attempting to update an email signature via the API. Whenever I make a request to update the signature, the response returns an HTTP 403 Forbidden
    • Who can see draft replies on tickets?

      We have noticed that we are able to see draft replies made by other agents. Which settings can limit this visibility? It makes sense to me that admins and the agent who created the draft would be able to see the draft, but no one else. How can we make
    • Serious question: Are there actually "solo-preneurs"/small business owners who made Zoho-one work well for them?

      L.S. After already many years of continued struggle with Zoho-One, I am seriously wondering if there are actually solo-preneurs (one person small business owners - without a large, dedicated IT dept.) who got it (Zoho-One) to work well for their businesses.
    • Major iOS issues when accessing forms via the browser

      Hi, We have been using forms for some time, while the office staff are accessing the forms via the app on Android mobiles, we have a fleet of sub contractors that we would not like them having access to the main app as some of the forms are confidential
    • All notes disappeared

      I've been using the notebook app for over five years on my phone without being logged into an account. A few days ago I opened the app and all my notes had disappeared. Since then I tried restarting my phone, updating the app and logging into my account,
    • Leads and Deals Issue

      Hi! Is Zoho having trouble today? I've been experiencing issues today. When I move a deal to closed/won, it previously would require a closing date but today the screen just went blur and the closing date did not pop up. And then under leads, I was trying
    • How to Iterate a Function in Zoho Desk Workflow with Delay Between Calls?

      Hi everyone, I’m working on a function in Zoho Desk that searches for a specific ticket record. If the ticket is not found, I need to retry the search multiple times with a delay between each attempt until the ticket is located or a maximum number of
    • Zoho Books API Limit Is RIDICULOUS!!!!!!!!!!!!!

      The 2,500 API call limit in Zoho Books is about as useful as AOL dialup.  Seriously Zoho, not only can I use up 2,500 API calls in no time with my own app but YOUR OWN STUPID IPAD APP blows through them super fast too, so if any one of my clients wants
    • QR codes in templates

      I'm excited about the new QR code generator. I have included a QR code that contains the record ID setting "${ID}" as input data. In the report detail it works perfectly but when printing it in a template the code is not shown.
    • Button Display Conditions

      Hi Guys, Is it at all possible to have extra button conditions? Context: We have data in our deals module which has a custom button which converts the deal into contacts + set up relationships between them. At the end of the conversion we set a field
    • Knowledge base: The nitty-gritty of SEO tags

      A well-optimized knowledge base with great SEO can benefit your company by allowing customers to find help articles and support resources using search engines. This enables customers to quickly and efficiently find the information they need without direct
    • Next Page