2024 Email Authentication Standards: Elevating Security with Google and Yahoo

2024 Email Authentication Standards: Elevating Security with Google and Yahoo

In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email authentication requirements to combat harmful messages and emphasize the crucial role of data security. This measure aims to prevent restrictions on sending rates, message blocking, and marking messages as spam.



Who will experience the effects? 

The updated security guidelines apply to all users, particularly those who send 5000 or more than 5000 emails per day from ZOHO DESK. Not following these guidelines may lead to email delivery delays, blocked messages, or the categorization of emails as spam.

Not to worry. We are here to support you with the best possible solutions.

Basic details that every sender should be aware of
 
To safeguard your path in 2024, it is mandatory to follow the fundamental requirements, beginning with email authentications.

When utilizing a Gmail domain in the 'From' address, it is essential to configure the address with its dedicated SMTP for ensuring accurate mail delivery.

For recipients on gmail.com or googlemail.com, it is recommended to publish DMARC for the sender domain to enhance prompt mail delivery. 

Verify with your own SMTP 

In adherence to the new guidelines, reply emails sent from Zoho Desk with From addresses belonging to gmail.com, googlemail.com, to any domains may be bounced or marked as spam. Therefore, we kindly request all customers to configure these From addresses with your own SMTP verification and use TLS for transmitting email rather than Zoho SMTP. If the From addresses were verified previously with your own SMTP, we will continue using the same authentication for all notification emails sent from Zoho Desk.



Rolling out SPF & DKIM  

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are vital email authentication protocols that protect against spam, phishing, and spoofing. SPF verifies the authenticity of emails from your domain, while DKIM confirms their source by validating authorized servers associated with sending domains. These protocols work together to validate emails, ensuring that they originate from legitimate sources and have not been tampered with during transmission. This implementation enhances the overall security of your email communications by reducing the risk of email spoofing, phishing, and other malicious activities. 

Minimal Spam Rate 

Maintain spam rates below 0.10% and ensure they never exceed 0.30% for optimal email deliverability.

Essential  Requirements for Users Sending 5000 or More Emails Daily 

Implement DMARC Policy 

DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that leverages the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to authenticate emails. This helps in preventing forging emails and engaging in unauthorized activities through them.

 How DMARC Works: 

1: Publish the DMARC policy outlining instructions for mailbox providers' receiving servers on how to handle emails that breach the policy.
2: Authenticate your sender domain by implementing SPF and DKIM.
3: The receiving server will apply the DMARC policy and execute the instructions specified in the policy.
4: The receiving server will send a report detailing how it handled the email to the reporting email address specified in the DMARC record.

Sample: DMARC record
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100

v: Signifies the DMARC version in use.
p: Signifies the policy established by the business.
rua: Specifies the URI for sending a consolidated report, including information on SPF and DKIM validation results, details about the sending and receiving domains, and the percentage of successful authentications.
ruf: Specifies the email address where the comprehensive SPF/DKIM failure report will be delivered.
pct: Denotes the percentage of emails subject to the policy application.

To prevent emails from being marked as spam, bounced, or experiencing delays in delivery, it is mandatory to set your policy (p) to none in DMARC record. “p = none”

If the policy (p) is set to "quarantine" or "reject," the emails will either be redirected to the spam folder or will not be delivered to the recipient, respectively. 

Ensure DMARC Alignment 

DMARC alignment pertains to the uniformity in the alignment of email authentication mechanisms, particularly SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), with the domain asserted by the sender.

Sample DMARC - SPF Alignment

Sender Address

From: Header

Strict Alignment

Relaxed Alignment

support@mycompany.com

support@mycompany.com

Pass

Pass

support@admin. mycompany.com

support@mycompany.com

Fail

Pass

support@mycompany.org

support@mycompany.com

Fail

Fail

 
SPF Strict Alignment: A precise match between the SPF-authenticated domain and the domain specified in the header's "From:" address. 

SPF Relaxed Alignment: The domain indicated in the "From:" address of the header should either match or be a subdomain of the SPF-authenticated domain. 

Sample DMARC - DKIM Alignment

From: Header

DKIM d= domain

Strict Alignment

Relaxed Alignment

support@mycompany.com

mycompany.com

Pass

Pass

support@admin. mycompany.com

mycompany.com

Fail

Pass

support@mycompany.org

mycompany.com

Fail

Fail


DKIM Strict Alignment: A precise match between the relevant DKIM domain and the domain specified in the header's "From:" address. 

DKIM Relaxed Alignment: The domain mentioned in the "From:" address of the header must either coincide with or be a subdomain of the SPF-authenticated domain. 

Add ARC headers 

Implement ARC (Authenticated Received Chain) authentication to avoid Gmail categorizing the email as unauthenticated, especially when utilizing frequent mail forwarding practices.
For additional information on ARC authentication, please refer to the official Google document linked here.

Set up SPF & DKIM 
Mail authentication protocols such as SPF & DKIM should be implemented for organization sending emails to google or yahoo recipients.

What are the consequences if the deadline is not met? 

Adhering to the sender requirements before the deadline is crucial for optimizing email delivery. Failure to meet the criteria detailed in this article may lead to your email not reaching its destination as intended or being categorized as spam.

Quick Summary:

The Update - Gmail and Yahoo are implementing robust email authentication standards from February 2024.
The Effects - Failure to meet these requirements may result in emails being categorized as spam or not reaching their intended destination.
The Action to be taken - Users sending 5000 or more emails daily must implement SPF,  DKIM and publish DMARC policies. 


Regards,
Sumaya Howth - Product Manager
The Zoho Desk Team

    • Sticky Posts

    • 2024 Email Authentication Standards: Elevating Security with Google and Yahoo

      In contemporary email communication, email authentication plays a pivotal role in mitigating email fraud, spam, and phishing attacks. Brace yourself for a new level of security. Starting February 2024, Gmail and Yahoo will be implementing robust email

    • Using Agent Email Address as From Address

      Currently, while replying to a ticket, it is possible for agents to choose their own email addresses as 'from' addresses. Although we built this just for that little extra flexibility, in hindsight, it hasn't figured much in conventional usage.  Almost all businesses prefer that responses to their customers' tickets be sent from the common support/service email address and NOT from those of individual agents. During personal interactions at events, some of you have even made passing mentions about

    • Edit and Delete options in Comments

      A lot of teams have been using ticket comments extensively to collaborate everyday. Notification Center further improved this experience by bringing real-time updates. As we continue to build more improvements to this experience, we've shipped a small-yet-important

    • Webinar 2: Supercharged customer support for growing business

      Join us for this webinar and learn how to step up your support game using a real-time communication platform to generate happier, more successful customers. In this live webinar, we will will discuss the importance of SalesIQ for your support team and how it can help you:  Understand your customers better and their journeys to proactively support and engage them even before they ask for help.  Integrating real time conversations into Zoho Desk’s Support, providing a conversational customer service

    • Customize Colors of your Customer Self Service Portal

      You asked for it. We heard you. We're happy to roll out the most sought after feature request, Customizing the Colors of your Customer Self-service Portal. Now you can set the color of your customer portal to mimic your company's web site, so that your customers visiting the portal will not feel alienated by the default theme.  Go ahead and configure the color of the header, tabs, fonts and background according to your needs. You can either choose between default color themes like Blue, Grey, Green

    • Recent Topics

    • Introducing parent-child ticketing in Zoho Desk [Early access]

      Hello Zoho Desk users! We have introduced the parent-child ticketing system to help customer service teams ensure efficient resolution of issues involving multiple, related tickets. You can now combine repetitive and interconnected tickets into parent-child

    • How to add to Subforms via Zapier with Zoho Writer?

      I have the following layout for a Zoho Writer Document. As you can see there is a repeating subform taking in "Items". I am trying to make a Zapier integration with it, and I can see there is 1 field saying: "Items", but it does not specify how I'm supposed

    • Contrôles administratifs granulaires : un atout pour la sécurité des e-mails

      La moindre erreur dans votre système de messagerie peut coûter très cher à votre entreprise, tant en argent qu’en conformité et en image de marque. Pour beaucoup d’organisations, ce risque est bien réel. Les e-mails véhiculent quotidiennement des informations

    • Marketer's Space: Why mobile optimization deserves a place in your email strategy

      Hello Marketers, Welcome back to Marketer's Space! Today, we'll talk about the importance of creating mobile-friendly email designs. While mobile phones were once used only to make phone calls, today they're used for almost everything, including texting,

    • Collections Management: #6 Realign Customers who gets back In-Term

      Arun stared at the subscription list on his dashboard. Another account had just been moved to Cancelled status after completing the whole dunning process. Nothing unusual, just that payment failures happen, retries fail, and cancellation is the expected

    • Zoho Mail IP Blacklist

      I need problems with send mails: Error: junk mail rejected - sender4-op-o10.zoho.com 136.143.188.10, is in RBL. Spamcop. Please remove FQDN for blacklist. Regards.

    • I can receive but not send emails

      Hello, I've been not able to send emails for almost a year now. I been using alternate email to do this. I want to know how to fix this so I can use my zoho account normally again.

    • Setting checkbox value on template in Sign from Creator

      Good day, Please help me understand how do I set a tick from a checkbox in Creator into a checkbox on a Sign template. Below is the only values on the Sign template and the code from Creator, "field_boolean_data": {}, "field_date_data": {}, "field_radio_data":

    • The challenge of 24/7 connectivity: Being present and meeting customer expectations

      Before television entered our homes, radio was our window to the world. We had to tune carefully to catch voices from distant places. When television arrived, the world began to grow smaller. We can watch rocket launches, see the goal that wins our favorite

    • How to download all attachments from inbox, send, other folders in one go

      Hi All, Appreciate if anyone could help me with steps for below requirement. How to download all attachments from inbox, send, other folders in one go. Even mapping to new folder will help me. Thanks in advance.

    • Cannot connect mail accounts to Thunderbird

      Hi Support - I'm attempting to add my mail accounts to Thunderbird but I'm getting an unable to login to server error. I tried to use the password associated with my account I received the unable to login error. So I went into Zoho Accounts and generate

    • Alias Email Id already exists

      Hi, I just verified my domain sesque (dot) com and now I am trying to create the admin account using admin (at) sesque (dot) com, but I am getting an error saying "Alias Email Id already exists". I used to have another Zoho account with this email address,

    • Unable to connect to smtp server, connection timed out

      Hi Team, I am facing below issue, while sending out emails from thunderbird client. It used to work, facing this issue from morning. Error: Sending of the message failed. The message could not be sent because the connection to Outgoing server (SMTP) smtp.zoho.com

    • javax.mail.authenticationfailedexception 535 authentication failed

      Hi, I am facing 535 authentication failed error when trying to send email from zoho desktop as well as in webmail. Can you suggest to fix this issue,. Regards, Rekha

    • Issue with Creator's IF logic

      Hi, I found the following code produces unexpected results: if(-1.0 < 0.0000000) {       info "True"; } else {       info "False"; } if(-1.0 < 0.000000) {       info "True"; } else {       info "False"; } The output returned is: False True However, the

    • Client Portal ZOHO ONE

      Dear Zoho one is fantastic option for companies but it seems to me that it is still an aggregation of aps let me explain I have zoho books with client portal so client access their invoice then I have zoho project with client portal so they can access their project but not their invoice without another URL another LOGIN Are you planning in creating a beautiful UI portal for client so we can control access to client in one location to multiple aps at least unify project and invoice aps that would

    • Zoho Creator customer portal users

      Hi, I'm in a Zoho One subscription with our company. I'm running a project now that involves creating a Zoho Creater application and using the Zoho Creator Customer Portal.  At most we need 25 customer portal users. In our Zoho One plan we only get 3

    • DKIM Verification Failed (Namecheap)

      Hi! I have already set up the TXT records in Namecheap but I keep getting the "Verification Failed" pop up. Was wondering if I'm the only one who has this problem and can anyone help me with this? Thanks!

    • Emails stuck in Queue

      Hi there, Since yesterday I have a few out going emails stuck in a queue. It say it will auto retry sending however nothing is happening. It seems to be affecting roughly 50% of my outgoing emails. Please help Thanks

    • Soft Bounce from transational emails from BREVO (Sendinblue)

      I manage the website of a client who uses your EMAIL service for the domain floranativadobrasil.com. And I use the BREVO email service, previously called SendinBlue, to send transactional emails about events specific to the website. All emails sent to

    • Ability to Edit YouTube Video Title, Description & Thumbnail After Publishing

      Hi Zoho Social Team, How are you? We would like to request an enhancement to Zoho Social that enables users to edit YouTube video details after the video has already been published. Your team confirmed that while Zoho Social currently allows editing the

    • Introducing Multi-Asset Support in Work Orders, Estimates, and Service Appointments

      We’re excited to announce a highly requested enhancement in Zoho FSM — you can now associate multiple assets with Work Orders, Estimates, and Service Appointments. This update brings more clarity, flexibility, and control to your field service operations,

    • Getting an error Address not found Your message wasn't delivered

      Hey, I'm trying to configure zoho mail for my website https://businessentity.org/ The email is meredith.karter@businessentity.org I'm able to successfully send the mails but when someone sends an email to above mail, this error shoots up: Address not

    • Support Uploading YouTube Videos Longer Than 60 Minutes

      Hi Zoho Social Team, How are you? We would like to request support for uploading YouTube videos longer than 60 minutes directly through Zoho Social. Your support team informed us that Zoho Social currently cannot upload videos over 60 minutes due to “API

    • Need Faster Help? Try Live Chat Support

      Hello there, We understand that sometimes, whether you’re facing an issue, exploring a feature, or need quick clarification, sending an email and waiting for a response just doesn’t cut it. You need answers, and you need them now. That’s exactly why we

    • Can't deactivate Spell Check

      Hi Community, right now I'm using the Zoho Mail Desktop-Software. So far, so good.. many possibilities. Overall very nice. What is extremely annoying right now, is that we are not able to deactivate the Spell Check feature. And we are barely able to focus

    • Zoho Toolkit Email Signature Generator

      I'm having real issues with the email signature generator with no matter where I host the photo, Zoho doesn't seem to show the photo on the link provided?

    • Company Policy Upload - Request All EE to review and sign

      How can I upload policies into Zoho People and have the employees review them and sign off saying they agree, etc.? Also, if I make a revision to a policy, I would like that changed or updated policy to be distributed or have the employees notified that

    • Zoho Sign Global Settings vs. Template and Document

      Hello, We are running into an issue on a current use case. We already use Zoho Sign. Now that KBA is available, we want to begin using it in our tax delivery process, by allowing clients to sign electronically, but also download a copy of their return

    • Zoho Mail Desktop Crashes on Linux - Ubuntu 24 LTS

      Hi, I have been trying to run the desktop app on Ubuntu for the past few day with no luck. I have tried both the .deb package and the appImage. When I attempt to open the app. It just crashes immediately. The crash error dialog appeared once and I cant

    • Can't login to Zoho mail

      I'm logged into Zoho but when I try to go in zoho mail I get: Invalid request! The input passed is invalid or the URL is invoked without valid parameters. Please check your input and try again. I just set up my mx records and stuff with namecheap a few

    • Zoho IP blocked by SpamCop

      Hi, Many of my emails are blocked and I receive this:  INVALID_ADDRESS, ERROR_CODE :550, ERROR_CODE :spamcop.mimecast.org Blocked - see https://www.spamcop.net/bl.shtml?136.143.188.51. - https://community.mimecast.com/docs/DOC-1369#550 [DGwIYPPSOfWI

    • Differences between Zoho Books and Zoho Billing

      Without a long drawn out process to compare these. If you were looking at these Books and Billing, what made you opt for one and not the other. Thanks

    • Custom validation in CRM schema

      Validation rules in CRM layouts work nicely, good docs by @Kiran Karthik P https://help.zoho.com/portal/en/kb/crm/customize-crm-account/validation-rules/articles/create-validation-rules I'd prefer validating data input 'closer to the schema'

    • No Ability to Rename Record Template PDFs in SendMail Task

      As highlighted previously in this post, we still have to deal with the limitation of not being able to rename a record template when sent as a PDF using the SendMail Task. This creates unnecessary complexity for what should be a simple operation, and

    • Server error when trying to Data > Sort > Custom Sort

      Been using Data > Sort > Custom Sort for a while, now it has suddenly stopped working. When selecting the same data range and trying to execute, I get "Sorry! There was a problem saving your last edit. Please try again."

    • To Assign a genrated pdf to a file upload field using delug

      content = "<html><body>HTML Content on page One <div style='page-break-after:always'></div> HTML Content on page Two </body></html>"; file = zoho.file.convertToPDF(content); file.setFileName("Name of the file"); <variableName> = <FormLinkName>[ID == input.ID];

    • TArgets To Accounts (Modules)

      How can i set sale target to Customers (Accounts Module)

    • Breaking barriers with multilingual WhatsApp templates in IM

      Ever wondered what it feels like to be greeted in your own language by a brand you love? A “Welcome!” feels nice, but a “¡Bienvenido!” or “स्वागत है!” feels personal. In today’s global world, conversations often need to cross both time zones and cross

    • Super Admin Logging in as another User

      How can a Super Admin login as another user. For example, I have a sales rep that is having issues with their Accounts and I want to view their Zoho Account with out having to do a GTM and sharing screens. Moderation Update (8th Aug 2025): We are working

    • Next Page