Today, Microsoft shared a forthcoming groundbreaking change to its email policy that will significantly impact the entire email ecosystem, following the news from Google and Yahoo in October of last year. Microsoft is joining the charge for a safer and more trustworthy inbox, announcing that they will implement similar requirements for Microsoft email services, with a date to be announced in the future.
Seth Blank, CTO of Valimail, supports the addition of Microsoft in leading the industry forward:
“Your email should be trusted and safe. Everyone’s email should be. This is Valimail’s mission: restore trust to email. We believe that authentication is foundational, and doing it the right way is critical. We applaud Microsoft in underscoring the need for strong email authentication done well, along with Google and Yahoo, and elevating these new requirements into a truly global initiative to protect not just consumer but also enterprise mailboxes at scale.”
Seth Blank, CTO of Valimail
The goal: A safer, more trustworthy email for everyone
Microsoft’s, along with Google’s and Yahoo’s, moves are designed to combat the rampant phishing, spoofing, and other fraudulent activities that have plagued email for years. By mandating stronger authentication measures, the collective goal is to restore trust in email as an essential communication channel and improve the delivery of emails recipients actually want.
What you need to know now
- Microsoft will be adopting requirements similar to Google and Yahoo. This brings near global adoption of email requirements to both consumer and enterprise mailboxes. Microsoft has not yet announced a specific timeline, but they have said it’s a “when, not an if.” If you are sending consumer email, these requirements will impact you.
- Authentication is Mandatory: Ensuring messages meet the requirements, all emails must pass SPF, DKIM, and DMARC to be successfully delivered.
- DMARC is the Standard; p=quarantine and/or reject enforcement is coming. While a specific timeline for this has not been shared, all inbox providers have indicated that enforcement is the goal for all email. We encourage all senders to adopt DMARC and move to enforcement as quickly as possible to avoid blocking messages.
- Technical Best Practices: Ensure your email systems have valid DNS records and follow recommended configurations.
- Low Spam Rate: Maintain a good sender reputation by keeping spam complaints to a minimum.
The impact on your business
These changes are particularly significant for businesses that rely on email communication. It was discussed during the webinar that DMARC compliance and meeting these requirements is a great starting point. And then to give senders a chance to truly have their emails “shine,” taking control of the emails a brand sends is achieved by reaching enforcement. Furthering a brand’s ability to send email to the people that have given them permission to, all while having spam and phishing emails impersonating a brand removed.
The future of email
During the webinar, Valimail’s CTO asked if the future of email will be getting to enforcement, and Google, Yahoo, and Microsoft collectively agreed that they are invested in security and will continue to do what it takes to protect users. The aim is to give people the chance to take the opportunity to get there and learn, knowing true protection is achieving enforcement.
Now with Microsoft joining the fold, the policy shifts are major steps towards a more secure and trustworthy email ecosystem. By embracing these changes, businesses can protect their brand, their customers, and the integrity of email communication.
Valimail is here to help
Meeting these requirements doesn’t have to be overwhelming. Most of these are already email best practices. As the industry leader in DMARC, Valimail is committed to helping businesses navigate these changes. Our platform makes it easy to implement and manage DMARC, ensuring your emails reach their intended recipients.
Sign up for Valimail today to check if you are compliant:
Need More Information?
For a deeper dive into each requirement and step-by-step guidance on how to comply, here are a few additional resources: