Google and Yahoo raise the bar: A great opportunity for service providers

After all these years, email is still the primary method for business communication. Yet it is the everyday, mundane qualities of email that spell the greatest danger. Email has been around for so long that it has to be secure, right? Wrong. There are some fundamental changes coming that are designed to secure transit and improve the deliverability levels of legitimate communications.

It’s worth noting that 96% of social engineering attacks start with a phishing email. Human error is what cybercriminals rely on to do their dirty work. Spoofing a popular domain is one of the most common ways to trick both existing customers and potential new clients alike, but industry leaders are taking some major steps to secure our everyday email lives.

Email protocols, such as DKIM and SPF, have been around for some time, and if your business relies on email, these protocols are designed to prove your online credentials to clients’ email inboxes.

This provides some protection, but it doesn’t alter the fact that up to 21% of legitimate emails are landing in spam folders. Something additional is required. Now, two of the largest names in email provision, Google and Yahoo, are implementing plans to improve email safety and deliverability.

From February 1, 2024, along with new guidelines on easy unsubscribing and acceptable spam rates, Google will require senders of bulk email to personal accounts to have three levels of authentication: SPF, DKIM and DMARC. Yahoo is implementing similar policies, too.

With the introduction of stricter email authentication measures, MSPs have a prime opportunity to enhance their services and reinforce client relationships by guiding businesses through compliance and offering comprehensive cybersecurity solutions. 

By establishing partnerships with industry leaders like EasyDMARC, which offers full sales and marketing enablement, MSPs can capitalize on this evolution in email security to boost revenue and solidify their role as trusted advisors in the digital landscape.

As a third check, DMARC provides a framework for domain owners on how an email should be handled if it fails SPF or DKIM authentication checks. This can lead to emails being quarantined in a spam folder or rejected outright.

DMARC also includes reporting into authentication failures, thereby helping to protect the legitimate domain owner against spoofing attempts and other potential misuse.

What this means is if a business has a history of sending more than 5,000 emails daily — including both marketing and transactional — they will need to comply with these new rules. 

The bad news for companies that do not comply is that they risk doing serious damage to their online reputation as more of their communications become classified as spam.

The good news for anyone with one of Google’s listed domains is that starting this February, they should be able to note a gradual improvement in the relevance of the messages coming into their personal email box as unsubscribing becomes easier and companies whose messages they do need or value benefit from clearer targeting and trusted domain status.

It’s probably one of the most significant changes to happen to email since the very first “Press to send.”

While nothing can replace daily vigilance in managing your inbox, these changes will help you remove the clutter and see more of the communications that are relevant to you.

EasyDMARC has partnered with Acronis to simplify DMARC For MSPs, and you can find more details about the integrated solution in the Acronis Integration Catalog and within the Acronis Cyber Protect application.