Many of you will have heard about the new policies which Google and Yahoo have recently implemented to help prevent email address spoofing.
These new policies require all emails sent to a gmail or yahoo server to be authorised by the domain they claim to be from, as this is controlled by the receiving server, this impacts everyone that sends emails.
Click to see an example of how this process works
Using this Forum’s automated notifications as an example:
- You receive an email from noreply@ecomcommunity.online
- Your mail server will check the domain host (123reg in this case) to see if the sender has been authorised to use the “ecomcommunity.online” domain name.
- Your mail provider will see the domain’s DNS records allow emails from both the ip address: 159.223.244.219 (the IP address of this website) and from the domain: spf.protection.outlook.com
- Your mail provider will then check to see where the email came from and see that the IP address matches, so it will allow the mail through to your inbox, it will also usually give it bonus points towards “not spam” for its own internal anti-spam filtering.
While the setup needed to accomadate these new rules can become very technically and in-depth for larger setups with multiple interconnected domain names, for small businesses that send emails from a handful of unconnected domain names the process is simple enough for anyone to complete with a guide.