Thursday, January 18, 2024

Google making major changes to email acceptance requirements

Will your email be blocked by Google, or are you ready for the changes they are making? Google will be blocking emails from weakly configured systems as of February 1st, 2024. Make sure your system isn’t one of them that will be blocked.

Starting February 1st, Google will be imposing requirements on any emails being sent to a Gmail account.  They are asking for you to have some basic email system hygiene in place for your mail system.  If you are at all responsible for your own domain (the part after the @ symbol, such as, then you must pay attention, whether you have an email server in your own data centre, or your email is hosted such as with 365 or Google.

Two other large email systems (Yahoo! and AOL) have already stated they are following in Google's footsteps, Microsoft is expected to follow before long.

These are Googles new requirements as of February 1st, 2024, and your email administrators need to make sure they are in place:

  • All your outbound email servers must now do TLS encryption.  Without this, your email can be intercepted and read, or worse. There are still so many systems running without this, as it is Not a default on most of the ones you setup yourself.  Most hosted solutions do have this already, but not a bad thing to check.
  • For systems with lower send rate, you need at least one of SPF and/or DKIM setup and working correctly.
  • For systems that sometimes send more than 5,000 messages a day to Google Mail servers (including their customer domains they are hosting), then you must have both SPF AND DKIM working correctly AND DMARC setup.

 The most basic SPF and DMARC records you can setup for you domain is (in standard BIND notation):

@ TXT "v=spf1 a mx ~all"

_dmarc TXT "v=DMARC1; p=none; rua=mailto:{emailAddress2processReports}"

That SPF record is NOT guaranteed to work, as it must identify your email server(s). That DMARC record is very safe with an email address that does accept mail. Checking DKIM requires a proper analysis of those DMARC reports, though some spot checking can be done looking at the source header of received messages. 

For more details of Google’s current requirements, including the other 'little' details, read their "Email sender guidelines."

Expect Google and others to increase their requirements in the future, such as the number of messages per day trigger point to be reduced, as well as requiring DMARC enforcement (not just reporting).

Yes, this can seem overwhelming. If you would like some assistance checking to see if your email system is ready for this major change, we may be able to assist you. Please reach out to us and we can discuss this with you.

No comments:

Post a Comment