Bulk email senders are running out of time to comply with the new
rules from Gmail and Yahoo Mail. But they shouldn’t view them as a punitive exercise.
“We want to create a better environment and ecosystem for senders and users alike,” said
Marcel Becker, senior director, product management at Yahoo, speaking at Beyond the Basics: An Email Requirements Roundtable with Google, Yahoo and Valimail, a webinar presented by Valimail on
Thursday, moderated by Warren Duff from Valimail.
Why now?
“The amount of threats is increasing, and with GenAI it will continue to accelerate,” said Neil
Kumaran, product lead at Google. “This is a good opportunity to leverage great standards to increase people’s safety and also achieve clarity over the ecosystem.”
To recap,
Gmail and Yahoo Mail now require that bulk senders authenticate their emails.
advertisement
advertisement
“When you don’t authenticate, anyone can send email as you,” said Seth Blank, chief
technology officer, Valimail. “There has been an enormous acceleration in spam and phishing since Covid started.”
Why focus on bulk senders?
“To us, a bulk sender is
someone who sends a lot of email, and perhaps the same copy to multiple people,” Kumaran explained. “There are two reasons: A., they are larger targets of impersonation. B., Large senders
are also potential servers of spam. We’re (starting with) that portion of the mailstream, but these are best practices for everyone.”
Indeed, smaller senders
shouldn’t think, “Nobody’s using this for phishing, I’m not important,” Becker said. ”If you’re not protecting your domain, someone will abuse
it.”
And don't forget that senders must have an unsubscribe button by April 1 and promptly honor all opt-out requests.
Nobody denies that the spam
problem is critical.
“To put in perspective, there’s not just a little spam out there,” Kumaran said. “It’s the opposite: Most emails are spam, it could be
90% of all email attempts: they are garbage. Identifying the 10% which are actually good, which our viewers want, can let you in.”
What should people know about the
tools—namely, DKIM (DomainKeys Identified Mail), SPF (sender policy framework) and the self-protective device DMARC (domain-based message authentication, reporting, and
conformance)?
“Each piece of the requirements exists for a reason,” Kumaran said. “Nothing is a panacea, but together they’re straightforward, based on open standards.
Many senders do them already.”
What’s the takeaway?
“We’re encouraged by the data we’re seeing with adoption,” Kumaran continues.
“If we raise the bar here, every one of our users benefits.”
“We don't want people not to focus on the details in some weird way, but to zoom out a little bit: What is the
spirit of this?” Becker added.
In the end, the goal is to “make the world safer for everyone,” Blank said.