Google and Yahoo: New Guidelines for Sending Emails in 2024 – Email Authentication

autenticazione delle email

Big changes on the horizon. Google and Yahoo are transforming what were once defined only as “Best Practices” for authenticating sent emails into real “mandatory requirements”.

At the same time, all senders who do not adapt to the new standard will first begin to experience problems in the delivery of their emails and subsequently actual bans on their email inbox.

So, what should we do to avoid making these mistakes which, we repeat, will be heavily sanctioned in the short term?

Google and Yahoo: A Real Change of Direction in Terms of “Email Authentication”

Email authentication has always been a best practice, but not everyone has always used the various tools made available by different authentication services to “protect” their email accounts.

This may seem like a simple oversight or a more serious shortcoming, but the fact is that if the sender does not correctly authenticate their emails, it makes it extremely easy for scammers and malicious people to impersonate the domains used and send phishing emails, thus causing irreversible damage. its reputation.

Google Gmail and Yahoo Mail have integrated various tools to protect their users from malicious emails such as spam and unwanted email filtering systems.

Without proper authentication, senders do not adequately protect their accounts and in doing so risk at best ending up in spam and at worst being banned.

It is for this reason that the big names on the web have decided that correct “Mail Authentication” for outgoing emails and compliance with the so-called “Deliverability Best Practices” will no longer be recommended practices, but truly mandatory practices that must be carried out before sending any work email.

How to Correctly Authenticate your Emails?

If you want to ensure that ALL your emails continue to reach their destination, you will need to comply with the new 2024 procedures and all best practices for email authentication and spam prevention:

  • Use authentication methods such as DMARC, SPF and DKIM;
  • Make sure you do not send an excessive number of emails to the same address so as to maintain a “Spam Complaints” rate of less than 0.3% (i.e. 3 emails with complaints out of every 1000);
  • Allow recipients to easily unsubscribe from their email inbox;
  • Obtain rDNS, RFC 5322 and PTR record certifications;
  • Make sure that all IP addresses of the servers used for sending emails have valid reverse DNS;
  • Use a connection that supports the “TLS – Transport Layer Security” protocol to transmit emails.

These changes are important for all those who send business emails, even if the new standards imposed by Google and Yahoo are mainly aimed at all those users (small, medium and large businesses) who send large volumes of emails, also known as “massive”. sending”; but that doesn’t mean you can ignore the new directives.

That’s why, whether you send one email or a few million, protecting your domain and avoiding spam by following email best practices is key to keeping your users and your domain safe. healthy email.

How to best prepare: The Validation

Regarding validation, there is a double possibility:

  • Validate ONLY your email address through which you send work emails;
  • Validate an entire domain through procedures on your DNS.

It goes without saying that the first option is the simplest and most direct, although at the same time it is the one with a greater risk of error given the tightening of Google and Yaho standards

Validate your Email Address

DKIM – Domainkeys Identified Mail

DKIM is an email authentication method through which the legitimacy and reliability of the sender is confirmed while also verifying that the messages have not been altered during their passage through the various servers.

For now, the DKIM signature is highly recommended, but both Google and Yahoo will soon make it mandatory, thus creating a real precedent that will certainly be followed by all other providers.

SPF – Sender Policy Framework

SPF is an email authentication standard that is used to prevent address spoofing when sending emails.

This system works via the Return Path, which is an address to which “bounces” are sent, i.e. when emails are rejected from the destination inbox.

By replacing the default domain for the Return Path with your own sending domain, we will obtain message authentication via the SPF standard.

This authentication system helps significantly in increasing the reputation of your domain.


DMARC – Domain Based Message Authentication

DMARC is a complex validation system that introduces high security standards for emails.

This system allows domain owners to monitor in real time who sends any type of email using their domain and tells email receivers, such as Gmail, to accept or reject emails not sent from an authenticated source.

Again, email providers such as Gmail and Yahoo will begin to require the DMARC system for all those who send mass emails; although, as already specified, it is very likely that these standards will be imposed on everyone, even those who send a few emails a year.

The Spam Rate, how to know your % of complaints

To keep Spam reports in your emails under control, you will need to equip yourself with dedicated tools and register your domain on them.

A well-known tool that performs this task is Google’s Postmaster Tools.

Domain registration is free and setup takes just a few minutes.

Once all the data has been registered, the system will begin to acquire the domain data until it shows us the various information all aggregated in one place.

As already mentioned, according to recent standards, the Spam rate MUST remain below 0.3%, i.e. 3 emails reported out of 1000 sent.

If you see your Spam rate reported by users growing, it means that you need to start implementing substantial changes to your email sending systems to avoid seeing your email account or, even worse, your domain blocked.


The new authentication standards imposed by the big names of the web at the beginning of 2024 have already become a more than consolidated reality in many companies around the world that want to keep up with the times.

Sending secure emails and protecting your email inbox/domain is one of the most important aspects of the cyber security of your business.

Whether you have an online sales or consultancy business, these new security standards and these new best practices are aimed at you and many other users around the world.

Are you ready to take your business to the next level by staying up to date on all the big changes in Web 4.0?

With Blallo your business will always be up to date thanks to our wide range of services for digital development, design and hosting.

Request a Free Consultation to talk about your needs!