Email Authentication: One Year After Google Tightens Security


The safety of email is a hot topic right now. Recent headlines have shown how cyber criminals can hack email or send scams to unknowing victims. Because of these growing problems, there’s more focus on the safety and validity of emails.

To protect emails users, Google tightened its authentication process last year and started notifying users about potential problems.

Not much has changed since the internet giant made these changes, but it does point to a growing safety need. In the future, you will likely hear a lot about email authentication and it’s important to take it seriously.

How Google’s authentication warnings work
When you send an email, Google works some magic to encrypt the information inside. Think of it like sealing a package shut and keeping others from reading what’s inside.

In some cases, the encryption can’t take place, meaning the safety and validity of the information inside could be compromised. Google started warning customers when problems like this occurred.

Anytime you receive a message that wasn’t encrypted, email users see a red question mark where the sender’s profile picture usually is, like this:

Google’s Authentication Warning for Email

If you are about to send an email to an address that couldn’t be encrypted, Google notifies its customers by showing this broken lock:

Google’s Authentication for Emails

If Google users see either of these features, they’re advised not open or send the email.

Authentication technologies: SPF, DKIM and DMARC
Special email authentication technologies work behind the scenes to examine emails to ensure the email comes from a reputable person, is sent from a known IP address, and checks for red flags that could indicate a scam.

There are three authentication technologies that do this kind of work: SPF, DKIM and DMARC. If you’re curious about how each one work, check out this previous post on the Juvlon blog.

To prove that your email is safe, you need to use these authentication technologies. How does it work? You’ll need to make changes in your DNS provider. If this sounds confusing, you should talk with your network administrator for help.

Tips to send authenticate emails
To help marketers send and receive authentic emails, here is a list of tips to follow:

  • Use an email service provider
    It’s best to use an email service provider that can help authenticate your emails. Reputable providers support the technologies mentioned above and can even help you make changes to your DNS provider to ensure your emails won’t raise red flags.
  • Don’t send bulk emails
    Bulk emails are often considered suspicious because scammers often send emails to everyone on their list hoping to take advantage of as many people as possible. Avoid this problem by segmenting your email list and sending specific messages to specific groups of customers.
  • Allow subscribers to leave
    If your email doesn’t give subscribers a way to opt-out of your messages, it will cause problems. Cyber criminals don’t often include an unsubscribe option so it calls the email’s authenticity into question. Make the unsubscribe process easy for every customers to access and complete.

While the authentication process can seem a little difficult, it’s important to take it seriously to ensure that your emails are delivered to the intended inboxes. If your emails aren’t authenticated, they’ll be ignored, land in the spam folder, or land your company on an email blacklist that hurts your reputation and sending power. Know how Juvlon supports email authentication best practices to ensure safe email delivery.