Google says it's getting the better of spam & phishing mail


Prime VIP
Staff member
Google has announced that after a decade-long battle with phishing emails, its efforts are finally paying off. In an Online Security blog post, the company has said that 91.4 percent of the authenticated non-spam emails sent to Gmail users come from senders that have adopted either DomainKey Identified Email (DKIM) or Sender Policy Framework (SPF) email authentication standards.

Google has revealed some figures to show that the strategy is working. It says about 76.9 percent of the emails Gmail receives are signed according to the DKIM standard. More than half a million domains (weekly active) have adopted the standard. 89.1 percent of incoming emails Gmail receives come from SMTP servers that are authenticated using the SPF standard, and more than 3.5 million domains (weekly active) have adopted the SPF standard.

Unauthenticated emails are a tiny portion

74.7 percent of incoming emails Gmail receives are protected by both DKIM and SPF standards. It means over 80,000 domains have deployed domain-wide policies that allows Google to reject hundreds of millions of unauthenticated emails every week via the DMARC standard.

While these figures appear to be good, phishers can yet easily target domains that are not yet protected. It further says that those domains that are never used to send email can still help prevent abuse by creating a Domain-based Message Authentication, Reporting & Conformance (DMARC) policy that describes the domains as non-senders.