Major ESPs to start enforcing email authentication

At Cumulo9 we have been helping our customers achieve authentication excellence for more than a decade, providing advice and assistance on best practices to ensure optimum email deliverability. We have implemented opportunistic TLS in the early days of C9 Transact and have provided TLS reporting in the C9 Transact dashboard since 2017. We began actively monitoring their clients use of SPF on a per mail out basis in 2020 and issued warning notifications when SPF record changes impacted their compliance.

With the vast majority of C9 clients meeting the requirements for SPF long before the major ESPs began insisting on the standard's use, We turned our attention to DKIM. We have been deeply involved in generating the necessary public/private key pairs and assisting with their publication to ensure all C9 Transact emails authenticate correctly.  We have been encouraging the uptake of DKIM in earnest since 2017 when we advised that while SPF validation of your domain(s) was critical, and the time was fast approaching where DKIM would be mandatory to avoid placement in spam folders or outright rejection. 

You may have heard talk about changes in the wings at Gmail and Yahoo in relation to email delivery, particularly with regards 'bulk senders' - those who send more than 5,000 emails a day. At Cumulo9, we are constantly reviewing any proposed changes and in this case are pleased to advise that in most instances our clients already meet the requirements and will enjoy uninterrupted delivery.

While we have prepared for this day, it is no time to be complacent, this is the perfect opportunity to review what else you can do to ensure your domains' reputational health. If you rely on email for essential or transactional communications, then complying with these requirements is no different that maintaining a good password for your internet banking logon.  It is an essential part of email security. 

DMARC

One interpretation of the new requirements, which will be phased in between February and June this year, is that Gmail and Yahoo will require SPF and DKIM compliance and are looking to enforce at least the presence of a DMARC record on a domain before they will accept mail into the inbox for their users. Emails which do not meet those requirements may be delayed or placed in a filtered folder (eg junk).

If you do not have a DMARC record in place currently, you can create your own placeholder by using the DMARC wizard at Dmarcian.com. At the very least we suggest you publish the following placeholder TXT record until such time as you can implement DMARC fully: v=DMARC1; p=none; rua=mailto:dmarc@mailpost.co.nz; ruf=mailto:dmarc@mailpost.co.nz; fo=1; pct=50; 

Feel free to replace the email address (dmarc@mailpost.co.nz) with one you own (a mailbox on your domain).  

Unsubscribe

There is also discussion around one click unsubscribe options, however we have received confirmation from the major ESPs that this is not a requirement on transactional or essential emails.

Postmaster tools

Part of the criteria for acceptance of email by Gmail and Yahoo from February 24 onwards will be for senders' domain(s) to maintain low spam complaint rates - that is, if your recipients report your emails are being spam, this will impact the number of emails Gmail or Yahoo might accept from you. So it is vital to monitor these levels. We will be doing this for all Cumulo9 clients impacted by this, if you are unsure if or how this will impact your organisation feel free to get in touch with the team at Cumulo9. If you wish to monitor this yourself, you can do so by visiting https://postmaster.google.com/ and following the instructions provided (you will require a Google account login).

Additional domains and subdomains - If you send emails from multiple domains, you will need to ensure each of these meets the requirements detailed above. 

If you would like to talk to us about any aspect of this news article, please feel free to call the Cumulo9 Solution Support team on +64 9 377 8885 and/or email: support@cumulo9.com