Ready for DMARC?

If you use email in your business, including newsletters, email lists, or receipts and invoices sent via email, the Google and Yahoo email security changes on February 1st 2024 are something you need to know about.

This concerns you if:

If you have clients with @gmail addresses

If you have clients with @yahoo addresses

If you use an @yahoo or @gmail address for business purposes

If you own your own domain (.com, .ca, or other self-owned website)

What is this about?

This is great news for anyone who owns a website!

On October 3rd 2023, Google and Yahoo announced that they would start to enforce pre-existing anti-spam rules concerning bulk email senders, in order to prevent the increasing instances of phishing, domain hijacking, spam emails, and other malicious attempts to undermine legitimate domains and businesses.

To accomplish this, Google, Yahoo, and other bulk email hosts including Microsoft servers and local telecom providers, will now filter all incoming mail destined for their email clients on their systems through three major protocols: SPF, DKIM, and DMARC. (More on these below.)

eMail senders must comply with these protocols by February 1st, 2024, or the emails you send to customers may be blocked and prevented from reaching your intended recipients.

In other words…

As a sender of email to clients and subscribers, you must pass the security tests laid out by the email hosts where your recipients have their email addresses. If you don’t, they won’t deliver your mail to those people. The only way to prove to those email hosts that you are not sending spam or phishing emails is to add this security to your domains. This will affect your email newsletters, your purchase receipts that you send to them from your website, and even 1:1 communication emails to clients.

Use our Instant Scanner to find out if your domain name passes the test

No data is saved from this test, and using this does not sign you up for anything. Test all the domains you own at no cost.

Here’s how to interpret your results

If you have a red light on BIMI:

That’s OK. You can still be compliant without BIMI. Without BIMI, the highest anyone will score on this test is 8/10.

If you have red lights on SPF or DKIM:

This must be corrected right away to prevent your emails from being blocked.

If you have yellow or orange lights on SPF, DKIM, or DMARC:

You might still be compliant, but it’s a good idea to create a plan to improve your score.

If you scored less than 5 on this test:

Your emails will likely be blocked. It’s time to take action to prevent interruption to your business.

(Still unclear? More help is below.)

The detailed explanation

What are SPF, DKIM, DMARC, and BIMI?

All of these protocols, SPF, DKIM, and DMARC, are trusted technologies that have been available for some time. These three standards work together to prevent spam, phishing emails, and other security risks.

BIMI is a fourth protocol that enhances this protection with greater recognition and branding control. While not every domain needs BIMI, every domain can definitely benefit from BIMI.

SPF (Sender Protocol Framework)

Makes sure the sender really is who they say they are.

This prevents email spoofing by verifying that the sender’s email server is authorized to send emails on behalf of a specific domain.

DKIM (DomainKeys Identified Mail)

Makes sure the email has not been tampered with, and that it came from your real email server, not an imposter.

This adds a digital signature to email headers, to verify that the message was not altered during transit, and that it genuinely originated from the claimed sender’s domain.

DMARC (Domain-Based Message Authentication, Reporting, And Conformance)

makes sure that the “from” address matches the SPF and DKIM records, alerts the domain owner about any imposters who try to use your domain name, and tells your domain what to do with those imposters.

DMARC covers the shortfalls of SPF and DKIM by verifying that the return-path address and the DKIM signing address matches the “from:” address the recipient sees. This helps organizations protect their email domains by specifying how to handle messages that fail SPF and DKIM checks, reducing phishing and spoofing risks.

BIMI (Brand Indicators for Message Identification)

In certain circumstances, BIMI allows your brand’s logo to be displayed next to your sender email address in the recipient’s inbox, for greater brand recognition and trust.

This protocol helps recipients verify the legitimacy of emails, and enhances brand recognition for customers. Because this involves logo trademarking (which can be expensive and lengthy) and a link to secured certificates, this is generally only used by companies as a “next-level” way of displaying the security of your domain.

“I thought my business was too small to be affected. Now I realize I was even more vulnerable because I didn’t have the resources to track down the problems.”
Private Chef
“I’ve spent so much time building my email list, and I don’t want anything to threaten that.”
“I started my online virtual business during COVID so that I could work from home. If my website goes down, I’m out of business.”
Baby Products Entrepreneur

OK, you’ve got my attention. What do I need to do?

If you have a technical consultant, web designer, or nerdy friend, now is the time to have a clear and focused conversation. Below is our list of suggested talking points.

Talking Points With a technical helper

  1. What domains (aka “.com” or “.ca” or other suffixes) do we currently own? (If you don’t own one, NOW is the time to do this.)
  2. Where is our domain registered? (This is not necessarily the same thing as where your website is hosted.)
  3. Who has access to our DNS (Domain Name System) settings?
  4. Do you feel comfortable making an assessment of our current DNS records? (This is a little tricky and takes specialized knowledge.)
  5. Do we already have SPF, DKIM, or DMARC in place? (Try the tester above to find out.)
  6. Are the current settings sufficient?
  7. Are we checking the reports regularly?
  8. Have we identified any problems, such as someone attempting to impersonate or hijack our domain?
  9. Have we had any complaints from clients who may have received suspicious emails that appear to be from us?
  10. Do we follow good list-management practices, especially the use of a list-management system, mentioned above?
  11. Have we seen any strange emails in our email inboxes, that appear to mean our emails are being rejected?
  12. Have we Googled our own company name or product names to see what comes up? Are there any red flags that suggest we may have a problem with any of our domains?

No tech help?

No problem.

We offer a managed hosted solution, to ensure your domain remains protected, and meets all requirements for safe and reliable email delivery.

One-time domain protection Setup


Includes inspection of your DNS, immediate implementation of SPF, DKIM, and DMARC policies by someone qualified to customize the settings just for YOUR domain.

We offer a 72-hour turnaround from the time you supply us with your website credentials.

Ongoing Monthly Domain monitoring


Includes Monthly reputation monitoring, blacklist monitoring, and reporting.

Buy two years of protection and Save


Purchase One-Time Domain Protection Setup plus 2-years of Monthly Domain Monitoring, and save over $100!

Additional Best Practices

Still have questions?

Use the link below to book a complimentary 20-minute call with us. We can walk you through the basics and determine if we can help.