Google now automatically blocks emails from bulk senders who fail to meet stricter spam thresholds and authentication requirements, enhancing its spam defenses.
What happened
Google has implemented stricter measures to combat spam and phishing attacks by automatically blocking emails from bulk senders that don't meet new guidelines. These guidelines require senders to authenticate messages using SPF/DKIM and DMARC, avoid sending unsolicited messages, provide an easy unsubscribe option, and maintain low spam rates. Non-compliance may result in email delivery issues, including rejection or placement in spam folders. Google will start rejecting non-compliant traffic gradually, with enforcement beginning in April and accelerated for domains sending bulk emails since January 1, 2024. Google's AI defenses aim to block nearly all unwanted emails, enhancing email security for users.
See also: HIPAA Compliant Email: The Definitive Guide
What are they saying?
According to Google, "bulk senders who don't meet our sender requirements will start getting temporary errors with error codes on a small portion of messages that don't meet the requirements." These temporary errors will help senders identify emails that do not meet Google’s guidelines so they can resolve issues that prevent compliance. With non-compliant traffic rejection starting in April 2024, Google recommends that “senders use the temporary failure enforcement period to make any changes required to become compliant."
Neil Kumaran, Group Product Manager for Gmail Security & Trust, told BleepingComputer in October that senders shouldn't "worry about the intricacies of email security standards, but you should be able to confidently rely on an email's source."
In the know
Spoofing is a deceptive method cybercriminals use to pose as reliable organizations or devices to trick and manipulate their targets. It involves forging the sender's address to make it appear as if the email originated from a different source than it actually did. This can be done by manipulating email header information or using techniques such as "From" address spoofing, where the sender's email address is falsified to appear as if it came from a trusted or legitimate source.
Go deeper: What is spoofing?
Why it matters
Google aims to verify the authenticity of emails and detect spoofed messages by implementing measures such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance). This will enhance email security for users of Gmail and other Google services. Furthermore, Google's spoofing defense contributes to building trust and confidence among users, ensuring that they can rely on the authenticity of emails received through Google's platforms. This defense mechanism safeguards users' sensitive information, privacy, and overall online security.
Learn more:
FAQs
What happens if an email fails authentication under Google's spoofing defense?
If an email fails authentication under Google's spoofing defense, it may be marked as spam, moved to the recipient's spam folder, or rejected outright. This helps prevent potentially harmful emails from reaching users' inboxes.
How do SPF, DKIM, and DMARC work together to combat spoofing?
SPF checks if the sender's IP address is authorized to send emails on behalf of the specified domain. DKIM adds a digital signature to the email, verifying its authenticity. DMARC builds on SPF and DKIM to provide additional policy and reporting capabilities, allowing domain owners to specify how they want email from their domain to be handled if it fails authentication.
Can email users detect spoofing?
In some cases, email spoofing can be detected by examining email headers for inconsistencies or unusual patterns. However, relying solely on manual inspection may not always be reliable, so email service providers like Google implement automated spoofing detection mechanisms.
Tshedimoso Makhene
