• by Ray Schultz , Columnist, Yesterday

Here’s one more warning about complying with Microsoft’s policy for high-volume senders. 

The new DMARC (Domain-based Message Authentication, Reporting & Conformance) change took effect on May 5. The purpose is to reduce phishing attacks that victimize Outlook account holders, according to an article in Ironscales written by James Savard. 

Send an unauthenticated email, and you will get this return message:  “550; 5.7.515 Access denied, sending domain [SendingDomain] does not meet the required authentication level,” the article states.  

That’s not the only consequence, the advisory warns. Others include:

• Higher bounce rates — non-compliant emails will be rejected outright
• Brand reputation damage — the consequence is increased phishing and spoofing
• Reduced deliverability — even legitimate messages may be flagged
• Regulatory and financial risks

Google has imposed similar rules. But despite constant warnings, only 40% of brands are very familiar with the mew DMARC requirements, and 38% have heard of them and were preparing to comply.

Twenty percent either don’t know much about them or have never heard of them, according to a recent study by EasyDMARC.  

Here's the bottom line: In the unlikely event you have not yet implemented DMARC, the primary email security standard, and other protections, be prepared for delivery problems.  

“With DMARC adoption doubling in 2023 alone and the market tightening this control, businesses cannot afford to ignore this security standard any longer,” Iconscales concludes. “As Microsoft and other major email providers continue heightening their policies, having a proactive DMARC strategy in place is essential for maintaining deliverability, protecting brand reputation, and mitigating your risk.”