Early in January 2024, Google and Yahoo updated their email requirements for continued support of 3rd party email mailers. This includes CU*Answers. These updated requirements include requiring DMARC records for all domains that are processed by what they determine as a “Bulk Provider”. CU*Answers is considered a bulk provider, and so each domain we send on behalf of must have a DMARC record.
A DMARC record is a DNS entry that tells recipient email providers how to enforce DKIM and SPF failures and successes. Credit unions using Member Reach, or the default domain of creditunion-notifications.com have been updated accordingly.
For credit unions utilizing a custom domain:
To continue sending email on your behalf, CU*Answers will require a DMARC record to be in place by 3/1/2024. All non-compliant clients on 3/1 will be migrated to the @creditunion-notifications.com domain as a FROM email address for all emails that are sent out of CU*BASE.
The minimum entry that can be added to DNS is:
Name: “_dmarc”
Type: “TXT”
Value: “v=DMARC1; p=none;”
This is an addition that will allow you to be compliant. (notice the underscore in dmarc, that is required)
To see an example of a similar entry for CU*Answers, please view the following:
https://mxtoolbox.com/SuperTool.aspx?action=txt:_dmarc.cuanswers.com
Long term, CU*Answers suggests that clients enroll in a DMARC monitoring service. ValiMail is a free provider that CU*Answers uses for our own DMARC monitoring:
https://app.valimail.com/
After verifying all of your 3rd party email providers are compliant with DKIM and SPF via DMARC reporting, we recommend that following DMARC record:
Name: “_dmarc”
Type: “TXT”
Value: “v=DMARC1; p= reject;
CU*Answers Network Services offers professional services as a project to assist clients in setting this up if needed, but is not required.