It has begun. Gmail is temporarily rejecting messages that fail its new authentication rules.
There are many more stages before the requirements take full effect. Here is the schedule:
Gmail states that it requires all senders to authenticate with either SPF or DKIM.
“Proper email authentication can be a complicated, cumbersome, and error-prone project, but it does not need to be,” writes Seth Blank, CTO, Valimail. “By partnering with a trusted email service provider together with the implementation of the right DMARC solution you will be able to navigate this essential process and ensure that your legitimate emails reach their intended inboxes without interruption."
Blank adds that no email marketing or data security expert has said, “It’s as easily as apple pie.”
Yahoo is also implementing such provisions.
For the record, Valimail is offering a new automated product called Align to help senders authenticate their emails.
Gmail requires that bulk senders — those sending more than 5,000 messages to Gmail per day — authenticate their email using well-established best practices.
The goal? To “close loopholes exploited by attackers that threaten everyone who uses email.”