In a world where email continues to remain a cornerstone of digital communication, the battle against spam and malicious emails continues to be a top priority. Spam is (unfortunately) nothing new to Gmail users – after all, few things are as frustrating as struggling to unsubscribe from unwanted emails. And while the world’s most used email service has had decent spam protection for even its free users, these are set to get even stricter with a new set of changes.
These changes, set to take effect by February 2024, will primarily impact bulk email senders, or those who dispatch over 5,000 messages to Gmail accounts daily. Google’s initiative is aimed at reducing unwanted emails, ensuring senders’ authenticity, and simplifying the unsubscribe process, starting next year.
Gmail defences reportedly block over 99.9% of spam, phishing, and malware-laden emails. However, as technology evolves, so do the tactics of spammers. Google’s new requirements are designed to stay one step ahead of these evolving threats.
One of the core components of these new requirements is the enforcement of a clear spam rate threshold for bulk email senders. Currently, Gmail advises senders to maintain their spam output below 0.3%, but this is merely a recommendation. Under the new rules, this will become a stringent requirement, effectively curbing the inundation of Gmail inboxes with spam. Those who send more than 5,000 messages daily to Gmail users will be asked to offer a one-click unsubscribe button in their messages. All the requests to unsubscribe from such emails must then be processed within two days, Google noted.
To bolster email sender authenticity, Google will mandate bulk senders to “strongly authenticate” their emails by adhering to Google’s established best practices. This move is particularly important as many bulk senders fail to appropriately secure and configure their email systems, creating opportunities for attackers to infiltrate and misuse email channels. By enforcing authentication, Google aims to close these vulnerabilities, making it harder for malicious actors to deceive email recipients.
“Many bulk senders don’t appropriately secure and configure their systems, allowing attackers to easily hide in their midst,” said Neil Kumaran, group product manager for Gmail security and trust, in a blog post. “To help fix that, we’ve focused on a crucial aspect of email security: the validation that a sender is who they claim to be.”
Google is not acting alone in this endeavour. The company is actively collaborating with industry partners to implement these new policies effectively. Yahoo, among others, has already joined this effort to enhance email security and user experience. Marcel Becker, Senior Director of Product at Yahoo, emphasized the need for collective action in the email community, stating, “No matter who their email provider is, all users deserve the safest, most secure experience possible. In the interconnected world of email, that takes all of us working together.”