this post was submitted on 02 Apr 2024
171 points (95.7% liked)

Technology

59374 readers
7409 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Google has started automatically blocking emails sent by bulk senders who don't meet stricter spam thresholds and authenticate their messages as required by new guidelines to strengthen defenses against spam and phishing attacks.

As announced in October, the company now requires those who want to dispatch over 5,000 messages daily to Gmail accounts to set up SPF/DKIM and DMARC email authentication for their domains.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 7 months ago (4 children)

I wonder how Google will define spoofed...

[–] [email protected] 9 points 7 months ago (1 children)

it's in the article. more than 5000 messages to gmail users per day without dkim

[–] [email protected] 0 points 7 months ago (1 children)

I meant if they'll also define mail from competitors as spam, wouldn't surprise me

[–] [email protected] 7 points 7 months ago (1 children)

DKIM is the standard for verification right now. This isn't an anti-competition play. I manage DKIM records for my clients all the time. Yahoo, SB global, and At&t enforced DKIM requirements a few months back and it's been a headache but it has made a huge difference in spam emails.

For anyone who doesn't know what DKIM is, it's a method of an email provider getting a sort of green flag from the host domain name. So if you have an email address [email protected] and your email provider is Microsoft 365 and your domain provider is goDaddy, Microsoft says to goDaddy, "hey I'm sending this email, can you verify that I have permission to send from the domain my business.com?" And go daddy checks for DKIM records from Microsoft and sees it and says "yes sir, this is approved." Then M365 sends the email, and if the recipient requires DKIM to receive the email at [email protected], Yahoo looks at the domain and asks, "hey goDaddy, it says you host this, is this email legit?" And goDaddy says "yep it's all legit, give it to the recipient."

This effectively eliminates messages sent from a domain without DKIM records as well as spoofed emails because those spoofed emails never checked in when sending.

I appreciate the skepticism but this is a security play, not a business one.

[–] [email protected] 2 points 7 months ago

Alright thanks for the clarification, I learned something new today

load more comments (2 replies)