DMARC requirement from major email providers

Google, Microsoft, Yahoo, and other major email service providers are increasingly requiring stronger security practices from email senders. They are doing this to help cut down on the amount of spam and malicious emails their users are receiving, and that their systems need to try and filter out.

For example, Google is requiring that all senders who want Gmail users to be able to receive their messages authenticate their messages with SPF or DKIM, along with several other requirements. Google is requiring senders who are sending more than 5,000 emails per day to enable SPF, DKIM, and DMARC for their domain.

Our recommendation is to always go above and beyond the bare minimum. Even if you aren't a bulk sender, follow all best practices (yes, even those only required for bulk senders). It'll help protect your domain from malicious actors - no fish is too small for the automated attacks out there. Malicious actors are constantly doing automated scans of the Internet to find vulnerabilities they can exploit, including unprotected email domains which they can use to send malicious email so the blame gets deflected to you.

We suggest you read through sender requirements for the major email providers to ensure you're in compliance:

• Google: https://support.google.com/a/answer/81126
• Yahoo: https://senders.yahooinc.com/best-practices/
• Microsoft: https://sendersupport.olc.protection.outlook.com/pm/JunkEmail and https://sendersupport.olc.protection.outlook.com/pm/Policies

If you're a customer on one of our paid plans and need some help to ensure your domain is compliant, please feel free to reach out!