January 26 2024

DMARC and the new email delivery requirements for Google and Yahoo

New Google and Yahoo Requirements from February 24: The Vital Importance of DMARC for Email Security and Authentication.


In an increasingly interconnected world, the security of email communications has become a crucial aspect for businesses of all sizes. With the announcement of new delivery policies by giants like Google and Yahoo, a new chapter opens in the field of email authentication and security. Starting from the beginning of 2024, Google and Yahoo will require senders of newsletters and mass emails to comply with specific requirements to guarantee the reliability of email and effectively combat the phenomenon of Spam.

The Context of the Evolution of Mail Delivery Policies

Every day, billions of emails are exchanged globally, and a significant percentage of these are spam, phishing and other forms of unwanted or malicious communications. To combat this, email service providers have implemented various authentication tools and protocols. The introduction of the DMARC (Domain-based Message Authentication, Reporting, and Conformance) protocol represents a further step forward in the fight against Spam and phishing.

What is the DMARC Protocol and Its Fundamental Importance

The DMARC (Domain-based Message Authentication, Reporting, and Conformance) protocol represents a milestone in the field of email communications security. In the digital age, where phishing and spoofing have become daily problems for individuals and businesses, DMARC emerges as an essential tool for ensuring the integrity and authenticity of email communications.

Definition and Functionality of DMARC

DMARC is an email authentication framework that allows domain owners to exercise tighter control over emails sent from their domains. This protocol builds on and integrates with existing SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) standards, to provide a three-tier approach to email authentication.

  • SPF allows domain owners to specify which servers are authorized to send email on behalf of their domain.
  • DKIM provides a method to validate a domain through digital signature, ensuring that the contents of a message have not been altered during transfer.

DMARC comes into play by merging these two protocols and adding an extra layer of security: it defines how ISPs (Internet Service Providers) should treat emails that don't pass these authentication checks. In practice, the domain owner can set DMARC policies to require ISPs to reject, quarantine, or simply monitor emails that fail SPF or DKIM checks.

The New Requirements of Google and Yahoo

With the advent of 2024, Google and Yahoo will require the adoption of the DMARC protocol for all senders of newsletters and mass emails directed to their users. This means that if your company sends large volumes of emails to contacts with Gmail or Yahoo addresses, you'll need to make sure your domain is authenticated through DMARC. Additionally, other requirements will be imposed such as allowing users to unsubscribe from mailing lists with a single click and keeping Spam reports below 0,1%.

Steps to Follow for Implementation of DMARC

  1. Verification of Current Authentication Tools: Before implementing DMARC, it is essential to ensure that your domain is already configured with SPF and DKIM. These protocols are the basis for good email authentication.
  2. Publication of the DMARC Record: This involves adding a DMARC record to your domain's DNS. This record defines your domain's DMARC policy and provides instructions to ISPs on how to handle emails that fail authentication checks.
  3. Monitoring and Analysis: Once DMARC is implemented, it is important to monitor the reports generated and analyze the data to identify any email authentication issues.
  4. Adaptation and Optimization: Based on monitoring results, you may need to make changes to your SPF, DKIM, and DMARC configurations to improve email deliverability and security.

Benefits of Adopting DMARC

  1. Prevention of Phishing and Spoofing: As online fraud increases, DMARC helps prevent company domains from being misused in phishing and spoofing attacks. This is vital to protect both consumers and businesses from fraud attempts and identity theft.
  2. Improvement of Sender Reputation and Deliverability: Using DMARC improves sender reputation with ISPs, increasing the chances that legitimate emails will actually reach users' inboxes, rather than being mistakenly marked as Spam.
  3. Feedback and Reporting: One of the distinguishing features of DMARC is its ability to provide detailed reports to domain owners. These reports provide valuable insights into how emails sent from their domain are handled, allowing them to identify and resolve email deliverability issues.
  4. Compliance and Standardization: In an era where data protection and cyber security are increasingly in focus, the adoption of DMARC becomes a key element for compliance with global security standards. Companies that implement DMARC demonstrate a commitment to security and data protection, which is increasingly valued by customers and business partners.

Final considerations

Adopting DMARC is more than just complying with Google and Yahoo's new policies; represents a fundamental step towards greater security and reliability in the world of electronic communications. Companies that adapt to these new demands not only improve their image and the trust of their customers, but also contribute to the creation of a more secure digital ecosystem.

In conclusion, implementing DMARC, along with SPF and DKIM, should be viewed not just as a requirement, but as an opportunity to improve the security, reputation and effectiveness of your email communications. With the right approach and careful planning, adapting to these new policies can lead to long-term benefits for businesses of all sizes.

If you are having difficulty implementing DMARC please contact us.

Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.


Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.


Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat®, RHEL®, RedHat Linux®, and CentOS®; AlmaLinux™ is a trademark of AlmaLinux OS Foundation; Rocky Linux® is a registered trademark of the Rocky Linux Foundation; SUSE® is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu®; Software in the Public Interest, Inc. holds the rights to Debian®; Linus Torvalds holds the rights to Linux®; FreeBSD® is a registered trademark of The FreeBSD Foundation; NetBSD® is a registered trademark of The NetBSD Foundation; OpenBSD® is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle®, MySQL®, and MyRocks®; Percona® is a registered trademark of Percona LLC; MariaDB® is a registered trademark of MariaDB Corporation Ab; REDIS® is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX® and NGINX Plus®; Varnish® is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento®; PrestaShop® is a registered trademark of PrestaShop SA; OpenCart® is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress®, WooCommerce®, and JetPack®; Open Source Matters, Inc. owns the rights to Joomla®; Dries Buytaert holds the rights to Drupal®. Amazon Web Services, Inc. holds the rights to AWS®; Google LLC holds the rights to Google Cloud™ and Chrome™; Microsoft Corporation holds the rights to Microsoft®, Azure®, and Internet Explorer®; Mozilla Foundation owns the rights to Firefox®. Apache® is a registered trademark of The Apache Software Foundation; PHP® is a registered trademark of the PHP Group. CloudFlare® is a registered trademark of Cloudflare, Inc.; NETSCOUT® is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch®, LogStash®, and Kibana® are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner®; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel®, LLC owns the rights to cPanel®; Plesk® is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook®. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER® is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.

Back to top