Skip to the main content.

2 min read

Enhancing Email Security: Navigating Google and Yahoo's New Requirements

Enhancing Email Security: Navigating Google and Yahoo's New Requirements

Discover the new requirements set by Google and Yahoo for bulk senders and learn how to enhance your email security. Find out how these changes will impact schools and the necessary actions to ensure a seamless transition.

What this means

Google and Yahoo are implementing significant changes that will impact bulk senders, including schools, on their platforms. Starting February 2024, bulk senders will be required to configure SPF, DKIM, and DMARC for their email communications. These authentication methods verify the authenticity of the sender, reduce the risk of phishing, and ensure that recipients receive emails from legitimate sources. Failure to make these configuration changes may result in bulk emails being treated as spam or blocked and blacklisted. Configuring SPF, DKIM, and DMARC also helps protect against email spoofing, providing a more secure email environment for schools and their recipients.


How many schools are affected by this change?

A scan conducted by 9ine revealed that out of 67 schools, 52 have either misapplied or not applied the necessary configuration changes. This accounts for a staggering 77% of the schools surveyed.


Actions schools need to take

  1. Evaluate current email infrastructure: Schools should evaluate their current email infrastructure to determine whether SPF, DKIM, and DMARC are already configured. Understanding the existing setup is crucial before making any necessary adjustments.
  2. Configuration: Take the necessary steps to configure SPF, DKIM, and DMARC for your domain. This involves updating DNS records to include the required information for each authentication method.
  3. Implementing DMARC in monitoring mode (p=none) initially allows schools to receive reports on email authentication results without affecting email delivery. Use these reports to identify legitimate sources and adjust configurations as needed.
  4. Consider a phased approach to the transition. Start by configuring SPF, DKIM, and DMARC in monitoring mode to ensure a smooth process. Gradually move to enforcement mode (p=quarantine or p=reject) once you are confident in the authentication setup.


Informing internal stakeholders and recipients

To prevent disruptions, it is crucial to inform internal stakeholders, such as IT teams and administrators, about the changes being implemented. This will ensure their cooperation and understanding throughout the transition process.

Additionally, schools should communicate with recipients to raise awareness about the new email security measures. By informing them about the purpose and benefits of configuring SPF, DKIM, and DMARC, schools can alleviate any concerns and build trust in the secure email environment.


Conclusion

The new requirements set by Google and Yahoo for bulk senders to configure SPF, DKIM, and DMARC are a positive step towards enhancing email security. By embracing these changes, schools can create a safer digital communication environment and protect against phishing and email spoofing attacks.

To navigate this transition seamlessly, schools need to take the necessary actions outlined above. Evaluating the current email infrastructure, configuring SPF, DKIM, and DMARC, and informing internal stakeholders and recipients are crucial steps in ensuring a smooth and secure email communication process.

For schools seeking support in implementing these changes, 9ine offers an implementation quickstart package that provides a step-by-step procedure. Contact 9ine for more details.

Implementing a Zero Trust Architecture: A Practical Guide for Technical Directors

Implementing a Zero Trust Architecture: A Practical Guide for Technical Directors

A comprehensive guide for technology leaders in schools, on how zero trust architectures can benefit the school’s cyber security practices, and what...

Read More
KCSIE 2023 - Easily Manage your Statutory Compliance

KCSIE 2023 - Easily Manage your Statutory Compliance

KCSIE 2023 has been updated, with schools and colleges needing to evidence compliance by September 2023. With 558 unique requirements, having...

Read More
NCSC Alert: Education Targeted by Ransomware Attacks

NCSC Alert: Education Targeted by Ransomware Attacks

The National Centre for Cyber Security recently published an alert for those responsible for IT and Data Protection in education. The alert brings to...

Read More