The requirements cover three core areas:
1) Authenticated email-sending domains
- Publish a DMARC policy for each domain that sends mail with at least a policy of “none”.
- Set up SPF and DKIM for each domain that sends mail. Note that both SPF and DKIM are required, unlike with alignment which only requires one or the other.
- Aligning the domain in the sender's `From:` header with either the SPF domain or the DKIM domain (for direct mail only).
- Ensure that sending domains or IPs have valid forward and reverse DNS records using a Forward Confirmed DNS (FcrDNS). You can read more about FCrDNS here.
2) Low spam rates
- Google and Yahoo require spam rates to be below 0.3%. To check your rates, consult Google's Postmaster Tools or Yahoo's Complaint Feedback Loop program.
3) One-click unsubscribe
- You must implement support for one-click unsubscribes in commercial, promotional messages.
More information on the requirements, their benefits, and guidance on how to get ready can be found here.
Google and Yahoo have united forces to ensure that global inboxes become safer and less spammy. We are thrilled that they are advocating for these changes as strong email authentication has always played a critical role in email-based business operations.
To get to full enforcement, you can sign up for a 14-day free trial of Red Sift OnDMARC's automated DMARC application. Click here to learn more about OnDMARC.