New Mass Gmail Rejections To Start April 2024, Google Says | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Starting April 2024, senders of unwanted mass emails to Gmail users will begin to see message rejections increasing unless they abide by new Gmail email sender guidelines, Google warns.

New Rules For Sending Mass Email To Gmail Accounts

As a Forbes article published on February 6 made clear, new rules are coming into place to protect Gmail users from unwanted mass emails. At the time, it was reported that some senders of mass marketing emails had started to receive error messages relating to some messages sent to Gmail accounts. However, a Google spokesperson has told me that those specific errors, 550-5.7.56, were not new but “a product of pre-existing authentication requirements.”

MORE FROM FORBESNew Google Report Warns Of ‘Real And Significant Threat’ To User Privacy

Google has also confirmed that, from April 2024, it will “start rejecting a percentage of non-compliant email traffic, and we’ll gradually increase the rejection rate.” Google says that, for example, if 75% of the traffic meets the new email sender authentication guidelines, then “a percentage” of the remaining non-compliant 25% will be rejected. It isn’t yet clear what that percentage will be. Google does say that when it comes to enforcement of the new rules, it will be “gradual and progressive.” This slow and steady approach appears to have already started, with temporary errors on a “ small percentage of their non-compliant email traffic” coming into play this month. Google also says that bulk senders will have until June 1 to “implement one-click unsubscribe in all commercial, promotional messages.”

Only Email Sent To Personal Gmail Accounts Will Be Rejected

These changes will only impact bulk emails sent to personal Gmail accounts. Senders of mass email to those accounts, those sending at least 5,000 messages a day to Gmail accounts, will be required to authenticate the outgoing email as well as “avoid sending unwanted or unsolicited email.” The 5000 message limit is calculated on emails sent from the same primary domain, regardless of how many subdomains are used. The limit only has to be reached once for the domain to be considered a permanent bulk sender.

These guidelines do not apply to messages sent to Google Workspace accounts, but all senders, including those using Google Workspace, must meet the new requirements.

MORE FROM FORBESBig Game Hackers Smash $1 Billion Ransomware Barrier

Improved Security And More Control For Gmail Users

A Google spokesperson told me that the requirements are being implemented to “boost sender-side security and increase the control users have over what gets into their inbox even more.” For the recipient, it should mean that they can trust the sender of the email they receive to actually be that person or organization, reducing the phishing risk to them as malicious actors commonly exploit authentication loopholes. “If anything,” the spokesperson concludes, “meeting these requirements should help senders reach those who want their messages more effectively, with diminished risk of spoofing and hijacking from bad actors.”


Click Here For The Original Source.

National Cyber Security