Blog Manager

Universal Article/Blog/News module

First Yahoo, and Now AOL. What Do You Need to Change to Be DMARC Compliant?

Like Up:
Like Down:
06 Jan 2021

Domain-based Message Authentication, Reporting, and Conformance (DMARC) is essentially an added layer of security for both the senders and receivers of email messages. Not only does it improve the security of your business email, but it also heightens the legitimacy of your emails.

Running email marketing might bring significant returns on investment. However, there’s an added risk of getting scammed. Scammers often tend to spoof your emails to trick people into believing that these are branded emails and often end up getting scammed for money or give away their personal information, either via phishing or other malicious attacks.

Having said that, Email Service Providers such as Yahoo and AOL made it necessary to have DMARC compliance prior to sending out emails for businesses. Without any further ado, here’s a detailed insight into DMARC and what you need to change to be DMARC compliant.

DMARC Compliance – An Introduction

Before we dive into how Yahoo and AOL updated their policies, let’s help you understand what DMARC really is.

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is essentially a security protocol with the primary aim of authenticating outbound emails from business entities. It prevents scammers from using your emails for fraudulent activities by implementing both the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) protocols.

With DMARC, each outbound email is sent with an indicator that shows whether it is secured with DMARC or not. In case DMARC is set up, the email message proceeds to be delivered. In contrast, if it isn’t sent with DMARC certification, the receiving server rejects or discards it simply.

In an attempt to prevent attempted phishing or spoofing emails and stop the delivery of fraudulent emails, many ESPs, including Yahoo and AOL, made specific changes in their DMARC policy. With the new updated policy, outbound mail from Yahoo and AOL servers will be rejected if it isn’t sent from a Yahoo or AOL server.

Within the DMARC policy, domain owners can make use of a setting referred to as “p=.” The primary aim of this command is to tell precisely what the receiving email server should do in case the DMARC check fails.

Now that there have been several updates in Yahoo and AOL’s DMARC policies, it looks something like this “p=reject.” This clearly hints the receiving server to reject any outbound email messages with a different “from address” and “sender domain.” Here’s how it can affect you as a business owner.

DMARC Compliance – How Does It Affect You As A Business Owner?

Irrespective of whether you’re a small business owner or the owner of a chain of businesses, DMARC compliance has drastically affected the email marketing campaigns.

With the new updated DMARC policy, receiving servers reject “from” addresses with either or if they didn’t originate from the Yahoo or AOL servers, respectively. While it can prevent spammers from spoofing your emails, it can create certain problems for you.

You can no longer use Yahoo or AOL addresses as “From Email” if you intend to send email marketing campaigns or system emails such as “auto-reply” targeted action-based mails.

If you’re wondering why, here’s a short answer for you. If you send emails with yahoo or AOL in the “from” address, those emails will automatically be rejected by any DMARC compliant receiving email server. While there is no workaround for this, instead, here’s what you could do if you intend to send marketing emails.

DMARC Compliance – What do you need to change as a business owner?

To ensure the delivery of your email messages, here’s how to be DMARC compliant.

“If you’re intending on running an email marketing campaign, you should use a domain that you own, rather than sending marketing or system emails directly from your Yahoo or AOL account.”

Not only will it prevent your marketing emails from getting bounced or blocked, but it will also ensure your emails are delivered to your potential clientele or leads – thus resulting in improved B2C interaction.

With digital business and e-commerce advancing each day, phishing emails aren’t stopping any time soon. While at the moment, only Yahoo and AOL users are affected by the new updated policy.

However, with the security breaches that email services providers (ESPs) face, it will not take long before other email service providers such as Gmail and Hotmail make the switch. This is why you need to send marketing emails from a domain controlled by you.

Apart from owning a domain, to get the most out of your email marketing campaigns, you can have a look into CBT Mass Email Sender. With CBT Mass Email Sender, you can send out thousands of emails using multiple SMTP accounts. It can effectively empower your subscriber list and send out emails with the click of a button.

Key Takeaways:

DMARC is essentially a security protocol implemented with the primary aim of preventing spammers from spoofing your emails.

With the new updates to yahoo and AOL’s DMARC policy, you can no longer send emails with a different “from address” and “sender domain.”

Buying a domain of your own is one way to work around the newly updated DMARC policy by Yahoo and AOL.

A personal domain will not only prevent your marketing emails from getting bounced, but it will also improve your email deliverability rates.


With the significant return on investment (ROI) by running digital marketing campaigns, scammers are keen to exploit this situation and spoof your business domains. Scammers send out phishing emails disguised under your business name to trick people into believing that these emails are indeed sent from your business. This results in them giving away sensitive information and, in worst cases, money.

In an attempt to protect its users against phishing and malicious attacks, yahoo and AOL updated their DMARC policies. But, at the same time, it affected legitimate mail from being delivered, too.

No comments yet...
Leave your comment

Character Limit 400