Understanding the new email authentication changes

We all know how important it is that people receive the emails you send them! Otherwise, what’s the point of sending them at all? But there’s also a risk – cyber criminals are developing increasingly clever ways of making spam or dangerous emails look like the real deal, and that puts your business and data at risk! That’s why some of the major email platforms, like Microsoft and Google, are shaking up the landscape. They’re making email safer, but the changes they are making could impact how your businesses’ emails are handled. Let’s take a closer look at these changes and what they mean for you as a business owner – and how the team here at Black Nova Designs can help!

What’s changing?

Starting from March 2024, Microsoft and Google will roll out a policy that requires business emails to have a properly configured professional Sender Policy Framework (SPF). Essentially, this means that if your emails aren’t compliant with SPF standards, they may be rejected or quarantined when you send them to businesses and customers. Obviously, you don’t want that!

This policy change may cause inconvenience and necessitate UK businesses to ensure their SPF records are correctly set.

Yahoo has already begun outright rejection of emails without valid DomainKeys Identified Mail (DKIM), particularly those originating from Microsoft.

Therefore, it is crucial for your SPF/DKIM/DMARC settings to be in complete order in order to avoid any delivery issues.

This will ensure the uninterrupted functioning of your business email and significantly reduce the amount of spam and phishing emails you receive, enhancing your protection.

What exactly is SPF?

Put simply, SPF is an email authentication method designed to detect forged sender addresses during email delivery. It allows receiving mail servers to verify that emails coming from a specific domain were sent through an IP address that’s authorised by that domain’s administrators. OK, we know that’s complicated, but bear with us….! Yahoo has already started rejecting emails that lack valid DomainKeys Identified Mail (DKIM), particularly those originating from Microsoft emails.

And what is DKIM?!

DKIM acts as a digital signature that’s added to the header of an email and it helps to further verify the identity of the sender. The server of the receiving email account can then verify that the DKIM signature matches that of the associated sending domain.

Finally, let’s quickly look at DMARC…

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a protocol that uses both SPF and DKIM to determine the authenticity of an email, allowing domain owners to protect their domain from unauthorised use.

Why does it matter?

These three authentication protocols – SPF, DKIM, and DMARC – play a crucial role in enhancing email security. Yes, the tech behind it is complicated, but together they help verify the legitimacy of senders, mitigating the risk of phishing and spoofing attempts.

What do the changes mean for you?

Ensuring your SPF, DKIM, and DMARC settings are correctly configured is an essential step to avoid delivery issues and at the same time protect your business from potential threats. Proper authentication not only safeguards your brand reputation but also improves deliverability by confirming the identity of the sender. So, it’s well worth you taking some time to sort this one out!

How can you take action?

Given how important this is, it’s worth making sure any changes are done right – and that’s why we’re here to help! Our team can work with you to make sure your DNS records are ready for these changes and implementing necessary email security measures. The good news is that it doesn’t have to take long – just drop us a line to get started.

We totally understand that some of this might have sounded like techy gobbledegook, so we want to remind you that here at Black Nova Designs our mantra is that no question is ever too small or silly. Ever. We want to demystify technology and while in this case, we’ve done our best, we know that sometimes it is inherently confusing. So, if you’d like to make your emails as safe as possible and make sure they reach the sender, don’t hesitate to get in touch for help! 

If you manage these settings yourself, please be aware that you will need to access your DNS records to make the necessary edits and therefore require your domain login details.

These new settings are likely to affect to affect your email marketing systems as well, eg mail chimp, active campaign, campaign monitor and many more.

Some useful links on this subject can also be found here:

February 1, 2024: A Date All Email Senders Should Care About – Cisco Blogs

Gmail introduces new requirements to fight spam (