Gmail just rolled out new security rules — what you need to know

Gmail app on iPhone in woman's hand
(Image credit: Shutterstock)

Google's email service has turned 20. Because it launched on April 1, many thought it was an April Fool's joke at the time. All these years later, Gmail has taken over the world of email and proved to be anything but a laughing matter.

To mark the occasion, Google is officially enforcing a set of previously announced security rules for its email platform. While security rules don't sound fun and exciting, they are designed to make using Gmail a safer, more pleasant experience. 

New bulk sender rules for Gmail starting April 1 and beyond

Several new rules will be enforced on Gmail starting yesterday (April 1). These are actual rules that you'll need to follow if you wish to keep using Gmail.

Basically, Google is now enforcing Bulk Sender Rules, designed to crack down on the amount of spam sent through the email service. All bulk senders must authenticate their email using "well-established best practices." These include Domain-based Message Authentication, Reporting and Conformance, DomainKeys Identified Mail, and Sender Policy Framework. Google's Neil Kumaran states this will "close loopholes exploited by attackers that threaten everyone who uses email." 


(Image credit: Shutterstock)

For legitimate marketers, these should all be done as a matter of fact, so it shouldn't change anything for them. For a sketchy spammer, though, these checks rarely happen, which means their emails will be stopped before they're sent, thus never reaching your inbox (or even spam folder, for that matter).

There are ways around these protections, as there are ways around most security measures, but anything that can help stop the spread of spam and malicious emails is good.

Starting on June 1, Google will make the one-click unsubscribe option mandatory for all bulk senders. This will save you time, as you will no longer have to click 15 different options to remove yourself from an email list.

Other Gmail security changes

According to The Signal, Google is enforcing some other rules that apply to non-bulk senders. For example, the company enhances email encryption when emails are sent through different providers. With Transport Layer Security (TLS), email content will remain encrypted regardless of what email provider the recipient uses. 

Two-step verification will also be the default for Gmail. With this change, phishing attacks, unauthorized access and impersonation attempts will be more complex. 

The Password Alert feature and Security Checkup Tool are also part of Google's further push into security and will help all Gmail users stay safe.

More from Tom's Guide

Dave LeClair
Senior News Editor

Dave LeClair is the Senior News Editor for Tom's Guide, keeping his finger on the pulse of all things technology. He loves taking the complicated happenings in the tech world and explaining why they matter. Whether Apple is announcing the next big thing in the mobile space or a small startup advancing generative AI, Dave will apply his experience to help you figure out what's happening and why it's relevant to your life.