Why All Your Emails Sent to Google Accounts are Suddenly Being Rejected
If you send emails to Gmail accounts using any account other than another Gmail account, you may have recently experienced an issue where your emails were not being received. This problem has been happening to people sending from many different domains, but the issue has nothing to do with the subject or type of email being sent. While email being rejected is often because it is seen as SPAM, that is not the case with this issue.
This post discusses what is causing emails sent to Gmail accounts to suddenly be rejected as well as how to go about fixing the issue.
Why All Your Emails Sent to Google Accounts are Suddenly Being Rejected
The reason emails being sent to Google email accounts are being rejected by domains outside of Google, is due to a change implemented by Google without most users being aware. The purpose of the change was to reduce email phishing. More specifically, the change helps ensure the email being received was in fact generated by the person it says it was sent from. However, this small change has had a large impact on sending email to Gmail accounts, and many users have had no idea what was causing the issue or how to fix it.
Luckily, there is a one-time fix you can implement to have your emails accepted by Gmail again. Before setting out to fix the issue, you will need access to your email provider records AND the DNS records for the domain you are sending email from. Alternatively, you will need to have access to someone who has this access on your behalf and can make the necessary changes.
What's causing the issue
Google implemented a change that requires every domain sending email to Gmail accounts to add a record to their DNS (Domain Name Service) called a DKIM (Domain Keys Identified Mail) record. Any emails sent from domains without this are rejected.
What a DKIM is
In general terms, DKIMs are a way to authenticate emails to verify no part of them has been changed after being received by the mail server of origin, and before arriving at its destination mail server. To make this happen, both servers compare a hash of the message, which was created when it was received by the sending mail server.
By hashing the original message with the key from DNS, the receiving mail server can also hash the message using the same process to validate the keys match. All of this processing happens in the background so end users are not aware of it.
A DKIM is nothing more than a string of text like the image below:
The purpose of using a DKIM
Requiring external domains to verify themselves in this way works towards lowering phishing scams. Phishing scams are often targeted at users making them think someone else in the company sent the email and in hopes of getting them to click on malicious links or initiate secure payments, etc.
Fixing the issue
Fixing the issue requires a few steps that only have to be done once and include:
- Enabling the DKIM service on your mail service to generate text records that are then added to the DNS records for the same domain.
- Adding the text records to the DNS records for the domain.
- Sending a test email to a Gmail account and verifying it was received.
For an overview of how to handle this process, the links below share how to configure several different types of email services:
Other info
One other item worth mentioning is that using a DKIM does not mean the email messages are encrypted. Rather it signs the email messages so changes made to the message after it was sent can be detected, and the recipient email server can deny the message.
Most people send email to Gmail accounts on a regular basis. This is often true for both personal email accounts in addition to businesses that use Gmail to communicate with their customers. This makes it extremely important for everyone to be able to send email to Gmail accounts and for Gmail users to be able to receive all legitimate email sent to them. If you recently began having issues sending emails to Gmail accounts, or if your Gmail account does not seem to be receiving all the emails you expect, a missing DKIM record may be the cause.
As always, being aware of recent changes can help smooth out the bumps when it comes to technology!