Incident

Google and Yahoo DMARC Enforcement: What Changed in February 2024

In February 2024, Google and Yahoo began rejecting bulk email from senders without DMARC, SPF, and DKIM properly configured. This was the biggest change to email deliverability in years — and it caught thousands of senders off guard.

Published March 19, 2026

In February 2024, Google and Yahoo turned on strict authentication for bulk traffic to their users — and overnight, senders without DMARC (and aligned SPF/DKIM) started seeing hard bounces and spam placement at scale. If you send marketing or transactional mail at volume, this was the line in the sand.

What happened

Google and Yahoo announced new requirements for bulk senders (5,000+ emails/day to Gmail):

Valid SPF or DKIM authentication required
DMARC record required (p=none is sufficient)
One-click unsubscribe required for marketing email
Spam rate must stay below 0.3%

The deadline was February 1, 2024. Senders who didn't comply saw emails rejected or routed to spam.

Why it mattered

Before this, many businesses sent email with no DMARC record and minimal SPF configuration. It worked because major providers were lenient. February 2024 ended that leniency. Google's 550 5.7.26 error code started appearing in bounce logs worldwide — "Unauthenticated email from [domain] is not accepted due to domain's DMARC policy."

Who was affected

Marketing platforms without domain authentication configured
Transactional email senders without DMARC
Self-hosted mail servers with weak SPF
Anyone using shared hosting email with default configuration

The 5.7.26 error

550-5.7.26 This message does not have authentication information or fails to pass authentication checks. To best protect our users from spam, the message has been blocked.

This error means no DMARC record exists or the DMARC record has no policy that satisfies Google's requirements.

What to do now

Add a DMARC record if you don't have one — even p=none satisfies Google's requirement
Verify SPF covers all your sending IPs
Enable DKIM for your sending domain
Run DNS Preflight to check all three

Minimum DMARC to satisfy Google:

_dmarc TXT "v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com"

Check your DMARC compliance

Open DNS Preflight →

Related: DMARC · DMARC policy · DMARC record guide

FAQ

What did Google change in February 2024?

Google started rejecting bulk email from senders without a DMARC record, valid SPF, and DKIM. The change affected anyone sending 5,000+ emails/day to Gmail addresses.

What is the 550 5.7.26 error?

Google's rejection code for email failing authentication requirements. Usually means no DMARC record or DMARC failing on the sending domain.

Does p=none DMARC satisfy Google's requirement?

Yes — Google requires a DMARC record to exist, not p=reject. Even p=none satisfies the February 2024 requirement.

Does this affect low-volume senders?

The 5,000/day threshold applies to bulk requirements. But Google applies authentication checks to all senders — low-volume senders should still have SPF, DKIM, and DMARC.

How do I check if I'm compliant?

Run DNS Preflight — it checks SPF, DKIM, and DMARC in one pass and shows exactly what's missing.

← All incidents

Open DomainPreflight →