Email phishing schemes have a powerful new enemy on their hands in DMARC, or Domain-based Message Authentication, Reporting & Conformance. It will also be an enemy to email marketers – even the white hat ones – because it will filter out any email message that cannot be verified as being sent from an owned domain. DMARC uses Sender Policy Framework (SPF) and DomainKeys Identified mail, or DKIM authentication tools to prove that an email is coming from exactly where it claims to be. If not used correctly, even email marketers who do send their messages from a verifiably owned domain will end up with their emails returned “undeliverable”.
Microsoft and Gmail are slated to update their email sending policies later this year, which will adversely affect how email marketers do business. The new policies will make it so that no one other than Gmail can send from an @gmail.com address, and likewise for Microsoft @outlook.com, @hotmail, @live.com, or @msn.com email addresses. Yahoo is already on board with the new verification policy.
What Email Marketers Need to Know
You can no longer send either unsolicited or solicited emails through a Gmail, Microsoft, or Yahoo proxy address. You will have to send all your emails from a brand-owned email address, or it will be returned as undeliverable. It will no longer be delivered to that email list you’ve been using even if it is a wanted email. By complying with the new DMARC standards, however, you will be able to control your sending reputation, and establish better consistency and credibility by implementing the safeguarding measure of authentication. This will also help to weed out the chaff and better identify truly harmful (not just bothersome), unauthenticated emails that also prove to be a cyber threat or attack.
The Benefits of DMARC Compliance
In the short term, this is a big headache for email marketers who have been coasting along, used to being able to use free and open email domains to send out both unsolicited junk as well as client management email blasts and the like. But, in the long run, the new DMARC policy will benefit all who legitimately use Gmail, Microsoft, and Yahoo mail services. The bad guys will then have their own “phishy” and malicious emails returned to sender, and the rest of us can get on with our authenticated, verified email communications, and will be the better for it.