AOL announced earlier today that they have updated their DMARC policy to “reject”. This is the same email security and brand-protection strategy that Yahoo! recently adopted, aimed at reducing any chances of unauthorized emails sent from their company domains.
Yahoo! and AOL just updated their use of DMARC as “senders” of email. They are also users of DMARC on the receiving side. Royally confused yet?
These two companies both send and receive a ton of email as millions of people use @yahoo and @AOL email addresses. On the receiving side, they are among the many ISPs that check the sender’s DMARC policy to see whether a message should be accepted or not. On the sender side, they have implemented DMARC to prevent unauthorized use of their domains. See below for more on this.
With today’s change, AOL is now telling all ISPs (i.e. large receivers of email) that have adopted DMARC (including itself) to reject email sent from a @aol.com address unless that message was sent through an authorized AOL email server.
Just like you can no longer send a bulk message from a @yahoo.com account, you can now no longer send a bulk message from a @aol.com email address. If you do, any recipient that uses an email account provider that has adopted DMARC will not receive it. ISPs that have adopted DMARC on the receving end include Gmail, Outlook.com, Yahoo!, AOL, Comcast, and others.
Why large ISPs are using DMARC
Yahoo!, AOL and many other companies are adopting an email security protocol called DMARC, which allows them to say: “don’t accept emails that come from my domain unless they are indeed sent through my email servers”.
The objective is to minimize or stop unauthorized messages, especially phishing and spoofing attacks.
What makes things a bit trickier here is that large Internet Service Providers like AOL and Yahoo! are also email account providers. Because of that, they are both senders of email (themsevels as companies, and because of all the users of the email accounts they provide) and receivers of email (billions of emails are sent to @aol and @yahoo accounts).
On the sending side, until now, there was no rule – other than email marketing best practices – that prohibited you from sending a bulk message from an AOL email account.
The adoption of DMARC “reject” policy changes this. Now Yahoo! and AOL are saying: “you cannot use your @aol.com or @yahoo.com email account for anything other than sending a personal message through our mail servers”.
What it all means for you
See our article about Yahoo!’s adoption of a DMARC reject policy for details on what this means for you as an email marketer.
The same concepts remain true here:
- Do not use @AOL addresses for bulk email
- For personal email, make sure you use an AOL SMTP server (see how)
- For mailing lists, see the recommendations by the AOL Postmaster
The safer the email world, the better
The changes that these large ISPs are making make sense. It’s not just about phishing and spoofing: spammers often use free email addresses as they are quick to create and hard to track (who’s behind them).
In fact, you will not even be approved to use MailUp if you are using a free email address. It’s been part of our Customer Approval process for quite some time, and these moves by Yahoo! and AOL simply confirm the validity of that requirement.
Anything that improves the overall safety and trustworthiness of email as a communication tool makes sense to us. In fact, we expect many more ISPs to follow AOL and Yahoo! and implement a strict DMARC policy.
The safer the email world, the better for all email marketers.
We’re all for it.