Ready for DMARC?
If you use email in your business, including newsletters, email lists, or receipts and invoices sent via email, the Google and Yahoo email security changes on February 1st 2024 are something you need to know about.
This concerns you if:
- You have clients with @gmail addresses
- You have clients with @yahoo addresses
- You use an @yahoo or @gmail address for business purposes
- You own your own domain (.com, .ca, or other self-owned website)
What is this about?
This is great news for anyone who owns a website!
On October 3rd 2023, Google and Yahoo announced that they would start to enforce pre-existing anti-spam rules concerning bulk email senders, in order to prevent the increasing instances of phishing, domain hijacking, spam emails, and other malicious attempts to undermine legitimate domains and businesses.
To accomplish this, Google, Yahoo, and other bulk email hosts, including Microsoft servers and local telecom providers, will now check all incoming mail destined for mailboxes on their systems against three major protocols: SPF, DKIM, and DMARC. (More on these below.)
Email senders must comply with these protocols by February 1st, 2024, or the emails they send to customers may be blocked and prevented from reaching the intended recipients.
In other words…
As a sender of email to clients and subscribers, you must pass the security tests laid out by the email hosts where your recipients have their email addresses. If you don’t, they won’t deliver your mail to those people. The only way to prove to those email hosts that you are not sending spam or phishing emails is to add this security to your domains. This will affect your email newsletters, your purchase receipts that you send to them from your website, and even 1:1 communication emails to clients.
Use our Instant Scanner to find out if your domain name passes the test
No data is saved from this test, and using this does not sign you up for anything. Test all the domains you own at no cost.
Here’s how to interpret your results
If you have a red light on BIMI:
That’s OK. You can still be compliant without BIMI. Without BIMI, the highest anyone will score on this test is 8/10.
If you have red lights on SPF or DKIM:
This must be corrected right away to prevent your emails from being blocked.
If you have yellow or orange lights on SPF, DKIM, or DMARC:
You might still be compliant, but it’s a good idea to create a plan to improve your score.
If you scored less than 5 on this test:
Your emails will likely be blocked. It’s time to take action to prevent interruption to your business.
(Still unclear? More help is below.)
What are SPF, DKIM, DMARC, and BIMI?
All of these protocols, SPF, DKIM, and DMARC, are trusted technologies that have been available for some time. These three standards work together to prevent spam, phishing emails, and other security risks.
BIMI is a fourth protocol that enhances this protection with greater recognition and branding control. While not every domain needs BIMI, every domain can definitely benefit from BIMI.
SPF (Sender Policy Framework)
This prevents email spoofing by verifying that the sender’s email server is authorized to send emails on behalf of a specific domain.
DKIM (DomainKeys Identified Mail)
This adds a digital signature to email headers, to verify that the message was not altered during transit, and that it genuinely originated from the claimed sender’s domain.
DMARC (Domain-Based Message Authentication, Reporting, And Conformance)
DMARC covers the shortfalls of SPF and DKIM by verifying that the return-path address and the DKIM signing address match the “from:” address the recipient sees. This helps organizations protect their email domains by specifying how to handle messages that fail SPF and DKIM checks, reducing phishing and spoofing risks.
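The alignment check described above, as an added example in Python (not code from this page or from its scanner). The domains, the DMARC record and the helper names are constructed for illustration, and `org_domain` is a simplification labelled in the code.

```python
def parse_dmarc(record):
    """Parse a DMARC TXT record into a tag dict; None if it is not DMARC."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v") == "DMARC1" else None

def org_domain(domain):
    # Assumption: the organizational domain is the last two labels. Real
    # receivers use the Public Suffix List (needed for e.g. .co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, mode):
    """mode 's' = strict (exact match), 'r' = relaxed (same org domain)."""
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f if mode == "s" else org_domain(a) == org_domain(f)

def dmarc_disposition(from_domain, spf_pass, mail_from_domain,
                      dkim_pass, dkim_d, record):
    """Return 'pass', or the published policy to apply on failure."""
    tags = parse_dmarc(record)
    if tags is None or "p" not in tags:
        return "no-policy"
    spf_ok = spf_pass and aligned(mail_from_domain, from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_pass and aligned(dkim_d, from_domain, tags.get("adkim", "r"))
    # DMARC passes when at least one mechanism both passes and is aligned.
    return "pass" if (spf_ok or dkim_ok) else tags["p"].lower()

# Constructed sample record and messages (not real data).
RECORD = "v=DMARC1; p=reject; adkim=s; rua=mailto:dmarc@example.com"

# Newsletter sent through a list service: SPF passes for the service's own
# return-path domain (not aligned), DKIM is signed as example.com (aligned).
newsletter = dmarc_disposition("example.com", True, "bounce.listservice.test",
                               True, "example.com", RECORD)
# Impersonating mail: SPF and DKIM both pass, but for another domain,
# not for the "from:" domain the recipient sees.
impersonated = dmarc_disposition("example.com", True, "mailer.invalid",
                                 True, "mailer.invalid", RECORD)
# Strict DKIM alignment refuses a subdomain signature; relaxed SPF accepts one.
sub_dkim = dmarc_disposition("example.com", False, "x.test",
                             True, "mail.example.com", RECORD)
sub_spf = dmarc_disposition("example.com", True, "mail.example.com",
                            False, "", RECORD)
print(newsletter, impersonated, sub_dkim, sub_spf)
```

The second case is the one SPF and DKIM alone miss: both checks pass, yet neither vouches for the domain shown to the recipient.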
BIMI (Brand Indicators for Message Identification)
This protocol helps recipients verify the legitimacy of emails, and enhances brand recognition for customers. Because this involves logo trademarking (which can be expensive and lengthy) and a link to secured certificates, this is generally only used by companies as a “next-level” way of displaying the security of their domain.
OK, you’ve got my attention. What do I need to do?
If you have a technical consultant, web designer, or nerdy friend, now is the time to have a clear and focused conversation. Below is our list of suggested talking points.
Talking Points With a Technical Helper
- What domains (aka “.com” or “.ca” or other suffixes) do we currently own? (If you don’t own one, NOW is the time to do this.)
- Where is our domain registered? (This is not necessarily the same thing as where your website is hosted.)
- Who has access to our DNS (Domain Name System) settings?
- Do you feel comfortable making an assessment of our current DNS records? (This is a little tricky and takes specialized knowledge.)
- Do we already have SPF, DKIM, or DMARC in place? (Try the tester above to find out.)
- Are the current settings sufficient?
- Are we checking the reports regularly?
- Have we identified any problems, such as someone attempting to impersonate or hijack our domain?
- Have we had any complaints from clients who may have received suspicious emails that appear to be from us?
- Do we follow good list-management practices, especially the use of a list-management system, described below?
- Have we seen any strange emails in our inboxes that appear to indicate our emails are being rejected?
- Have we Googled our own company name or product names to see what comes up? Are there any red flags that suggest we may have a problem with any of our domains?
No tech help?
No problem.
We offer a managed hosted solution, to ensure your domain remains protected, and meets all requirements for safe and reliable email delivery.
$449
Includes inspection of your DNS and immediate implementation of SPF, DKIM, and DMARC policies by someone qualified to customize the settings just for YOUR domain.
We offer a 72-hour turnaround from the time you supply us with your website credentials.
Ongoing Monthly Domain monitoring
$24
Includes Monthly reputation monitoring, blacklist monitoring, and reporting.
Buy two years of protection and Save
$999
Purchase One-Time Domain Protection Setup plus 2 years of Monthly Domain Monitoring, and save over $100!
Additional Best Practices
Be sure to use a Legal List-Management System
If you have ever used a standard email program such as Outlook, Apple Mail, Windows Mail, or Gmail to send to a list* using BCC or CC, now is the time to stop. You will certainly be blocked, or worse, blacklisted, even if you are sending from your own domain. Be sure to use a list-management system such as MailChimp, Drip, GetResponse, Active Campaign, Constant Contact, MailerLite, or a variety of others. Email sent from a standard email program to a list of subscribers and customers definitely does not comply with basic anti-spam rules. (* 1:1 direct emails may still be affected, even though the regulations specify bulk email such as newsletters, receipts, shipping advisories, and other business emails to clients from automated systems such as online shopping carts.)
Stop using @Yahoo, @Gmail, @Comcast, @Shaw, etc. to communicate for your business
Because this is a common tool for spammers and other bad actors, addresses like these will be blocked, and will keep your email marketing and sales messages from reaching your clients. It’s also often a red flag for clients who want to do business with companies who are fully committed and serious about what they do.
Practice Good List Hygiene
If you have a list of 10,000 subscribers, but only 1000 of them ever open your emails, it’s time to trim the fat. Having a large list that is not engaged raises even more red flags for servers on the lookout for spammers. Besides, you are probably paying for subscribers that do not make you money. Better to send to fewer people who are truly engaged, and get better overall results, while not attracting attention from blacklist services.
Be sure to use an automated self-unsubscribe, and get clear permission from subscribers
When you use a purpose-built list-management application like those previously mentioned, these two items are typically taken care of for you. If a subscriber doesn’t want to stay on your list, they can click on a simple link, and be automatically unsubscribed right away. For subscribers to join your list, these systems have sign-up forms that make getting legal permission easy and instant, with what is known as a double opt-in method. Signing people up from a clipboard is risky without digital confirmation of their desire to subscribe. The power must be with the subscriber.
Still have questions?
Use the link below to book a complimentary 20-minute call with us. We can walk you through the basics and determine if we can help.