• by Ray Schultz , Columnist, February 6, 2024

It has begun. Gmail is temporarily rejecting messages that fail its new authentication rules.  

There are many more stages before the requirements take full effect. Here is the schedule: 

• February 2024: Regardless of volume, all senders must comply with the general email-sending practices outlined in the guidelines.  
• February 2024: Bulk email senders must start implementing enhanced requirements, including email authentication. 
• April 2024: Messages that are not compliant will start getting rejected.  
• June 2024: Senders must implement one-click unsubscribe in all commercial and promotional messages.  

Gmail states that it requires all senders to authenticate with either SPF or DKIM.  

“Proper email authentication can be a complicated, cumbersome, and error-prone project, but it does not need to be,” writes Seth Blank, CTO, Valimail. “By partnering with a trusted email service provider together with the implementation of the right DMARC solution you will be able to navigate this essential process and ensure that your legitimate emails reach their intended inboxes without interruption." 

Blank adds that no email marketing or data security expert has said, “It’s as easily as apple pie.”

Yahoo is also implementing such provisions.

For the record, Valimail is offering a new automated product called Align to help senders authenticate their emails. 

Gmail requires that bulk senders — those sending more than 5,000 messages to Gmail per day — authenticate their email using well-established best practices.

The goal? To “close loopholes exploited by attackers that threaten everyone who uses email.”