AOL Follows Yahoo in DMARC Policy Change

By: Chris Reibold
Senior Email Analyst

A couple weeks ago I wrote about how Yahoo’s DMARC change would be a new trend and that we would see it going forward with other email providers. No, I’m not psychic, but I was right.  Yesterday AOL announced the same change.

For more details, click here to read my first post.

Like the Yahoo change, this only affects messages with the From address of AOL.com. If you are sending from AOL.com to AOL.com through JangoMail (or any other email provider), then your message will never be delivered.

The domino effect is clearly in play here. You can expect Hotmail and Gmail to follow suit accordingly in the near future.  Keep it here for the latest.

Bottom line: Do not use an @aol.com, @yahoo.com, @gmail.com, @hotmail.com, or other free email provider address to send your emails. Instead, set up and send from your own domain. Learn how to here.

Yahoo Policy Change Impacts Delivery

By: Chris Reibold

Senior Email Analyst

While I did put considerable thought into titling this blog post “Yahoo breaks the internet!”, I thought that might be a little dramatic, but it was tempting.

Within the last 48 hours, Yahoo made a bold move in updating their DMARC policy setting to "p=reject." Therefore, mail containing a Yahoo from address is no longer considered legitimate if it does not contain an authentication signature, or if it did not come from properly identified Yahoo infrastructure.

What does this mean? If you are sending from a Yahoo address, to Yahoo users, your emails will always be bounced. Essentially, if the from address is @yahoo.com, and your message is not originating from Yahoo infrastructure (using their web interface, or sending with your Yahoo account from outlook, your iPhone, android, etc), it will never make it to the recipient.

If you look inside the SMTP logs of a message sent to Yahoo, it will look like this:

Message+not+accepted+for+policy+reasons.++See+http://postmaster.yahoo.com/errors/postmaster-28.html - - 0 0 0 SMTP - -

At JangoMail, we discourage our users from sending with a from address of major free email providers like Yahoo, Gmail, and Hotmail.  With the new change, however, users will be flat out blocked if they try to send from a provider. While this move seems drastic, it will limit the amount of spoofed email to Yahoo accounts to zero.

Since Yahoo is a major source of email on the web, you can expect Hotmail and Gmail to follow suit. Do not think of this as some security experiment that Yahoo is performing, but a real and secure change in the way email is handled on the internet today.

Bottom line: Do not use a @yahoo.com, @gmail.com, @hotmail.com, or other free email provider address to send your emails. Instead, set up and send from your own domain. Learn how to here.