Google DMARC Policy Changes?

32 pointsposted a day ago
by flajr

Item id: 44158209

9 Comments

jeroenhd

a day ago

It looks like this started all the way back in the beginning of last year: https://www.mimecast.com/blog/guide-to-google-dmarc-setup/

This overview also shows other requirements you may have missed: https://www.proofpoint.com/us/blog/email-and-cloud-threats/g...

As for DMARC in the headers, I'm pretty sure Google has done that for years when DMARC is being checked (i.e. when it's being offered by the sending domain).

appreciatorBus

a day ago

As long as I can remember there have been 3 lines in “Show Original”: SPF, DKIM, DMRARC.

Google does have newish (early 2024) policy regarding messages purporting to be from domains which lack a DMARC policy statement. But this is about mail delivery, not the Show Original UI feature. It’s possible they have been only slowly ramping up implementation or perhaps your domain was previously under the threshold but is now over.

https://blog.google/products/gmail/gmail-security-authentica...

macintux

a day ago

This should have an “Ask HN: ” prefix in the title, although that rule is not strictly enforced.

https://news.ycombinator.com/ask for other examples.

flajr

a day ago

Well, thought it is added automatically, sorry about that.

paulschreiber

a day ago

I've seen "DMARC: 'PASS'" on Show Original for a long time (years?).

flajr

a day ago

Maybe when the record for that domain existed, it showed up even then. But I checked this for few emails older than May, and it is not there until 1st of May, where it is failing, if record does not exist.

Brajeshwar

a day ago

Is this new? Some time back (a year back or so), CloudFlare pushed setting up SPF, DKIM, DMRARC the right way and I did so for a lot of my domains. That was the time I read about Google and others being more strict about email deliveries.