Nearly a year has passed since Google and Yahoo tightened their requirements for bulk email senders. According to fresh data from Red Sift, 2.3 million organizations have adopted DMARC policies over this period, significantly enhancing email security against phishing and spoofing attacks.
As of February 2024, 91.38% of global domains lacked a DMARC record, leaving them highly vulnerable to cyber threats. However, by December 2024, DMARC adoption had surged, doubling its growth rate compared to 2023. In total, 2.32 million additional domains out of 72.85 million analyzed had implemented DMARC.
The most notable progress was observed among publicly traded corporations. In February 2024, Germany, Japan, and Spain led the charge in DMARC readiness for Google’s and Yahoo’s new policies, with an increase of 35%. By the end of the year, Austria emerged as the frontrunner, achieving a 28.31% increase, followed by Japan (+19.44%) and Spain (+16.5%).
Beyond DMARC, businesses are increasingly adopting BIMI—a standard that enables brand logos to be displayed in authenticated emails. Over the past year, leading public companies have significantly improved their BIMI compliance, with Austria witnessing a 17.1% increase, Spain 15.5%, and Germany 15.15%. This shift reflects a broader transition from a basic DMARC policy (p=none) to a strict protection policy (p=reject), a prerequisite for BIMI implementation.
Despite these advancements, 86.62% of domains remain unprotected, leaving them susceptible to cyberattacks. Implementing DMARC, DKIM, and SPF remains a critical priority for businesses, especially amid stricter email security requirements imposed by major providers.
Red Sift continues to support companies in fortifying their email security posture. Compliance with Google’s and Yahoo’s new standards necessitates proper configuration of DMARC, DKIM, SPF, and FcrDNS, ensuring reduced attack risks and improved email deliverability.
