As a strategic email partner for financial institutions, it is crucial to keep Core iQ customers ahead of the curve on the latest email security standards to ensure your email deliverability and sender reputation are safeguarded against digital threats. Recently, industry giants like Google and Yahoo announced significant changes to their email requirements that will be enforced beginning in February 2024.

What are the new DMARC requirements by Google and Yahoo?

Beginning February 1, 2024, email providers Google and Yahoo will begin enforcing Domain-based Message Authentication Reporting and Conformance (DMARC) authentication for email sends from bulk senders (i.e. those that might send 5,000+ emails per day). DMARC is a standard that builds on Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) email authentication methods. DMARC communicates a policy to mailbox providers letting them know what they should do when they receive an email that fails an SPF, DKIM, or SPF and DKIM check purporting to be from your domain (possibly spoofed).

Why does this impact Onovative’s Core iQ users?

To date, Onovative has ensured high deliverability rates by leveraging automated security from our email API, SendGrid, for both SPF and DKIM, requiring our clients to have the proper DNS entries published on their side and validated on our side. To be clear, that level of security is still in place and will not require any additional action on your part.

However, DMARC is a higher level of authentication which some of our clients may not currently have in place. In anticipation of this change, the email API Core iQ utilizes, SendGrid, made a change to their authentication configuration by adding a DMARC protocol with baseline restrictions in order to satisfy the new ESP requirements.

Because of this change, we are alerting Core iQ users so that you continue to have high volume deliverability to Google and Yahoo email service providers.

What do Core iQ users need to do?

Set up DMARC email authentication for your sending domain. If your financial institution does not yet have a DMARC policy in place, you will need to create one and add the requisite and supplied entries for validation. If you aren’t sure if you already have DMARC in place, you can check for free through Valimail.

Below are some resources to help your financial institution implement DMARC effectively. Once these changes have been implemented, please create a support ticket by emailing your DMARC confirmation to su*****@on*******.com to re-authenticate on our end.

We’re Here To Help

We understand these new requirements can be confusing and we’re here to assist you however we can. If you have questions or concerns about these changes and how they will impact your email communications, please don’t hesitate to contact our support team.

More Resources & Information on DMARC