" google Archives - LuxSci

Posts Tagged ‘google’

New Email Authentication Requirements from Google and Yahoo: What You Need to Know

Tuesday, December 12th, 2023

Google and Yahoo have recently announced their latest updates aimed at reducing spam and spoofed emails.

These updates affect everyone sending emails to Google or Yahoo users. They apply fundamental authentication requirements to regular email, and further requirements apply to those sending higher volumes of bulk emails. These new requirements apply to all email platforms and service providers.

Please note: Many of these new requirements are technical in nature and will require access to your DNS management. You may learn more about these DNS concepts in this LuxSci blog: Understanding DNS Configurations for Email Security: A Guide to SPF, DKIM, and DMARC Records.

As a reminder, it is imperative that you adhere to strong email best practices. Here’s what you need to continue doing on top of your email game:

All senders emailing Yahoo or Gmail:

  • Add DNS SPF records for every domain you use to send emails to authenticate your emails.
  • Add DNS DKIM Records for every domain you use to send emails to further authenticate your emails.

While many have added SPF records in 2023, it’s now crucial to also have DKIM records in place.

For those sending large volumes of emails to Google or Yahoo users (over 5,000 messages on some days)

  • Complete the requirements required for all senders.
  • Implement DNS DMARC: Set up a DNS DMARC email authentication policy for your domains. You can set your DMARC enforcement policy to “none.”
  • Align Your Domains: Ensure the domain used for bounce processing (i.e., the “Return-Path”) matches/is aligned with your From domain in every email.
  • Include Easy Unsubscribe Options: Include a one-click unsubscribe option for marketing and subscription emails.

 

Google’s new requirements begin on February 1st, 2024, and Yahoo will follow in the first quarter of 2024. Aim to make these changes by the end of January 2024.

LuxSci customers will need to:

  • Ensure a DNS Sender Policy Framework (SPF) record.
  • Ensure a DNS DKIM record is in place.
  • Implement a DNS DMARC record.
  • For marketing and subscription emails, enable and use LuxSci’s “Unsubscribe Links” feature.
  • For those using LuxSci Bounce Processing, enable the user of a Custom Bounce Processing domain for every sending domain to ensure that these domains are aligned.

These steps will help ensure your emails continue to reach your audience effectively and responsibly. Without them, messages to Google and Yahoo! recipients may go directly to their Spam folders or be rejected.

As always, your LuxSci team is here to help clarify or provide further guidance. We are happy to support you and help you successfully navigate through these changes.

You may read more about these requirements at the following links:

Outbound Email Encryption for Google Workspace

Tuesday, October 5th, 2021

Google Workspace is one of the world’s most popular email platforms. Although it is more than adequate for basic email correspondence, Gmail does not come configured to meet HIPAA email security requirements. To use Google Workspace in a HIPAA-compliant manner, you need to use a third-party connector to secure your communications.

outbound email encryption for google

Read the rest of this post »

A Comparison of Email Backup Policy of Popular Email Services

Wednesday, November 1st, 2017

Do you use email backup in your practice? Make a smart choice by comparing the backup policies of popular email solution providers.

Privacy concerns are constantly rising especially following the revelations by Edward Snowden. Now, the big question is “Do the popular email services in the US retain your data forever?” In order to find an appropriate answer, we examined the email backup policies of 7 popular providers.

Data breaches and privacy concerns make headlines for they have a direct impact on an individual’s private life. Going by the news of mass surveillance by government authorities, it is natural for you to be extra cautious about protecting your privacy. After all, nobody wants to get exposed although a bit of exhibitionism resides in each of us.

The US government is pressing technology giants to reveal what they have in their “box” (or your inbox). Apple reported that it received the highest number of security requests for data from the US government this year.

Considering the “attacks” from both the government and hackers, it is imperative for you to learn how these email services ensure that your data remain safe.

Read the rest of this post »

What’s the latest with HTTPS and SSL/TLS Certificates?

Wednesday, August 2nd, 2017

We’ve written quite a lot in past FYI Blog posts about SSL/TLS certificates, the critical building block to secure communication on the Internet. We described what such certificates were, their use in securing the communications channel between a client (browser) and a server, different types of certificates and the pros and cons of using each.

Given the changes in the Internet landscape over the past five years, we feel it is time to revisit these topics. The technical details described in the earlier posts remain unchanged. What has changed, though, are the traffic patterns for HTTPS-based communications, additional vulnerabilities arising as a consequence and ways to mitigate these. This post will provide a general overview of certain changes in the Internet landscape over the past few years, while subsequent blog posts will describe some of the topics identified here in greater detail.SSL TLS Certificates

Read the rest of this post »