Nigel Wilkinson
Managing Director of Daneswood. Nigel has been in sales and marketing since the 1980's and run digital marketing agencies since 2000.
In the ever-evolving landscape of email communication, recent changes to Gmail, Yahoo, and Outlook’s email policy have brought to light the importance of strengthening your business’s email security. As an SME owner, it’s crucial to understand these changes and how they impact your email communications. Fortunately, there are measures you can take to ensure your emails remain secure and trustworthy in light of these developments.
Policy Changes: A Brief Overview
Most of the world’s most popular email providers recently implemented stricter email authentication policies to combat phishing attacks and email fraud. These changes affect how most email providers handle incoming emails and prioritise those with proper authentication mechanisms in place, such as DKIM, SPF, and DMARC. Emails lacking these authentication measures may face delivery issues or be flagged as potentially suspicious, impacting your business’s ability to reach customers’ inboxes effectively.
Now, obviously, as email recipients, this is a good thing. Less spam and phishing emails will get through, making our inboxes cleaner and our lives safer. However, if you are looking to talk to your customers and contact them via email – and if you aren’t, you should be – then it just got a whole heap harder.
Understanding the Trio: DMARC, DKIM, and SPF
Sorry, but this is a bit of a techie subject, so we need to understand the principles here. To navigate these changes successfully, let’s revisit the trio of email security protocols: DMARC, DKIM, and SPF. (Don’t you love an acronym!)
DKIM (DomainKeys Identified Mail): DKIM adds a digital signature to your outgoing emails, verifying their authenticity and ensuring they haven’t been tampered with. It acts like a seal of approval, assuring recipients that the email indeed came from your domain.
SPF (Sender Policy Framework): SPF specifies which email servers are authorised to send emails on behalf of your domain. It acts as a gatekeeper, preventing unauthorised senders from impersonating your business and safeguarding your domain’s reputation.
DMARC (Domain-based Message Authentication, Reporting, and Conformance): DMARC acts as the ultimate guardian, enforcing alignment between DKIM and SPF authentication results and your specified policies. It provides valuable insights into email authentication failures and allows you to take action to protect your domain from unauthorised usage.
Embracing Proactive Measures
In light of the email giants’ policy changes, it’s essential for SME owners to proactively implement and maintain robust email authentication practices:
Configure DKIM, SPF, and DMARC: Ensure that your domain has DKIM, SPF, and DMARC records correctly configured. If you are using Office 365, for example, you don’t need to do this. If you are using things like CRMs to send outbound emails, you will. And, of course, each one has its own settings and rules, so I can’t tell you exactly how to do this. Other than contacting your provider and getting support for them, of course!
These protocols provide Gmail and other email providers with the necessary authentication to identify legitimate emails from your domain.
If you don’t take action where needed, your emails will either not get delivered or will come with big warning messages that make it look like you are a spammer. The more negative signals the email providers get, the harder it will be to get your emails delivered.
Regular Monitoring and Reporting: Regularly monitor DMARC reports to identify any authentication failures or unauthorised usage of your domain. These insights can help you identify and address potential security threats promptly.
Stay Informed: Stay updated on the latest email policy changes and best practices for email authentication. Being informed allows you to adapt your email security measures effectively and maintain reliable communication channels with your customers.
Conclusion: Fortifying Your Email Armour
Safeguarding your business emails is paramount in maintaining trust with your customers and protecting your brand’s reputation. By understanding and implementing robust email authentication measures such as DKIM, SPF, and DMARC, you can navigate Gmail’s recent policy changes with confidence, ensuring your emails reach your customers’ inboxes securely and reliably.
Remember, in the ever-evolving digital landscape, staying proactive and informed is key to maintaining a strong defence against email fraud and phishing attacks.
Stay secure, stay vigilant, and keep your business emails safe!