Google’s email service, Gmail, turns 20 years old on April Fool’s Day. Along with celebrating this significant milestone, Google is also initiating new security measures that will benefit Gmail users globally. However, marketers trying to reach Gmail users must take note of these changes, or they may face consequences that are no laughing matter.
“If A Google User Has A Problem With Email, Well, So Do We” – Sergey Brin
On April 1st, 2004, Google announced that it was launching an email service. At the time, it may have seemed like a joke, as the press release stated that email and not search was the number one online activity, and Google was creating a search-based webmail service in response to a user complaint. However, fast forward 20 years, and Gmail is now the undisputed king of email, with an estimated 1.2 billion users.
That original Gmail press release quoted Google co-founder Sergey Brin as saying, “If a Google user has a problem with email, well, so do we.”
In 2024, perhaps the biggest problem that Google users have with email is the number of unwanted messages that come their way. Be they marketing messages from otherwise long-forgotten mailing lists or newsletter subscriptions, to unadulterated spam and even emails that come replete with malicious content designed to scam and steal. So, it seems only appropriate that Google should address that problem. This is where the new security rules for bulk senders of emails to personal Gmail accounts come into play.
New Bulk Sender Gmail Security Rules Taking Effect 1 April
Google defines bulk senders as those who have sent “close to 5,000 messages” to Gmail accounts in any 24-hour period. Email marketers need to pay close attention to this definition, as their messages will be bounced right back to them unless strict new authentication requirements are adhered to. Not least as the bulk sender classification, once applied, is permanent. Hit the threshold just once, and you are deemed a bulk sender forever. Some might think they can get around the new rules by sending their emails from a multitude of nefarious subdomains, but Google has that covered: all messages from the same primary domain are counted regardless of the subdomains implemented.
The new authentication requirements that have been put in place are actually just mandating something that any genuine and professional marketer should already be doing. This includes using Domain-based Message Authentication, Reporting & Conformance, DomainKeys Identified Mail and Sender Policy Framework to validate that their messages are originating from the source as claimed. According to Gmail group product manager, Neil Kumaran, this step will help eliminate loopholes that attackers use to threaten everyone who uses email. Though it’s not a guaranteed solution to preventing spam and malicious email content, it goes a long way in making our Gmail inboxes safer and less spammy. However, there is still a threat to watch out for, called SubdoMailing, which should be considered.
While the introduction of these new security rules is akin to the icing on Gmail’s 20th birthday cake, it should be noted that they only apply to emails sent to personal Gmail account holders and not Google Workspace accounts. Anything that helps reduce email scams and spam is to be applauded.
Source : https://www.forbes.com/sites/daveywinder/2024/03/31/gmail-celebrates-20th-birthday-and-enforces-new-security-rules-1-april/?sh=4a58b7e92c6d
