---
title: "Google’s New DMARC Compliance Requires You to Stop Impersonating Gmail From: Headers | DMARC Report"
description: "Google"
image: "https://dmarcreport.com/og/blog/googles-new-dmarc-compliance-stop-impersonating-gmail-from-headers.png"
canonical: "https://dmarcreport.com/blog/googles-new-dmarc-compliance-stop-impersonating-gmail-from-headers/"
---
Quick Answer
DMARC (RFC 7489) ties SPF and DKIM together by requiring alignment between the envelope sender and the visible \`From\` header. According to Google's February 2024 bulk sender requirements, a DMARC policy of at least \`p=none\` is now mandatory for any domain sending 5,000+ messages per day to Gmail users. DMARC Report
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fgoogles-new-dmarc-compliance-stop-impersonating-gmail-from-headers%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Google%E2%80%99s%20New%20DMARC%20Compliance%20Requires%20You%20to%20Stop%20Impersonating%20Gmail%20From%3A%20Headers&url=undefined%2Fblog%2Fgoogles-new-dmarc-compliance-stop-impersonating-gmail-from-headers%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fgoogles-new-dmarc-compliance-stop-impersonating-gmail-from-headers%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fgoogles-new-dmarc-compliance-stop-impersonating-gmail-from-headers%2F&title=Google%E2%80%99s%20New%20DMARC%20Compliance%20Requires%20You%20to%20Stop%20Impersonating%20Gmail%20From%3A%20Headers "Share on Reddit") [ ](mailto:?subject=Google%E2%80%99s%20New%20DMARC%20Compliance%20Requires%20You%20to%20Stop%20Impersonating%20Gmail%20From%3A%20Headers&body=Check out this article: undefined%2Fblog%2Fgoogles-new-dmarc-compliance-stop-impersonating-gmail-from-headers%2F "Share via Email")
## Try Our Free DMARC Checker
Validate your DMARC policy, check alignment settings, and verify reporting configuration.
[ Check DMARC Record → ](/tools/dmarc-checker/)
> Google’s February 2024 requirements were a turning point, says Brad Slavin, General Manager of DuoCircle. Before that, DMARC was a recommendation. Now it’s a gate - if your DMARC record is missing or set to p=none without a plan to enforce, your email deliverability to Gmail is at risk.
DMARC ([RFC 7489](https://datatracker.ietf.org/doc/html/rfc7489)) ties SPF and DKIM together by requiring alignment between the envelope sender and the visible `From` header. According to Google’s February 2024 bulk sender requirements, a DMARC policy of at least `p=none` is now mandatory for any domain sending 5,000+ messages per day to Gmail users. DMARC Report
Google’s New DMARC Compliance Requires You to Stop Impersonating Gmail From: Headers
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-10697” readonly/>
```
```
As of January 16, 2023 , the United States led globally in the daily volume of spam emails sent, totaling approximately [8 billion](https://www.statista.com/statistics/1270488/spam-emails-sent-daily-by-country/). Czechia and the Netherlands followed closely, ranking second and third with 7.7 billion and **7.6 billion spam emails**, respectively.
To combat such uncontrollable numbers of \*\*phishing and spamming instances, [Google and Yahoo rolled out new policies](https://dmarcreport.com/blog/google-and-yahoos-new-email-authentication-policy-for-2024/) necessitating [DMARC adoption](https://dmarcreport.com/blog/why-you-should-take-dmarc-adoption-seriously/) for domains used for sending more than 5,000 emails per day. _Google laid down a few pointers for bulk and regular email senders, and one of them was the prohibition from impersonating Gmail From: headers_.
Although the news has been well adopted across industries and more companies have started deploying [SPF](https://dmarcreport.com/what-is-spf/), DKIM, and DMARC, there’s still a \*\*lack of comprehension and practice of not impersonating the Gmail From: header.
So, we have curated a blog explaining what it means and how it can impact your domain’s email deliverability if you practice it.
## What Does Impersonating Gmail From: Header Mean?
Gmail’s [list of ‘sending practices to avoid](https://support.google.com/a/answer/81126?hl=en)’ mentions not to impersonate other \*\*domains or senders without permission. _This practice is called spoofing, and Gmail is likely to tag such messages as ‘spam,’ risking even genuine communications_.
In simpler words, it says that \*\*senders should not use any other platform to send emails if they use gmail.com as their domain. This practice is identified as an instance of [domain spoofing](https://perception-point.io/guides/cybersecurity/domain-spoofing-how-does-it-work/).
_So, if you own a small business and use a platform like Mailchimp to dispatch emails from an address like [yourbusinessname@gmail.com](mailto:yourbusinessname@gmail.com), your messages will \*\*fail DMARC authentication checks._ Such emails will be counted as illegitimate or unauthorized as the platform’s servers would neither be included in the [SPF record](https://dmarcreport.com/tools/spf-record-generator/) for gmail.com nor get DKIM signed.
This will impact your domain’s email deliverability and \*\*email-based communications at different levels.
## Changes Made By Google
Previously, the [DMARC policy](https://dmarcreport.com/dmarc-policy/) for gmail.com was set to p=none, which directed recipients’ mailboxes to take no action against messages that **failed DMARC authentication checks**. So, if you were a **regular gmail.com user** (not having a customized domain), then it didn’t really matter if you impersonated the Gmail From: headers because a failed DMARC check had no impact on these messages and their placement in recipients’ mailboxes.
However, Google has changed the scenario now.
Starting from February 1, 2024, Google has shifted the [DMARC](https://dmarcreport.com/what-is-dmarc/) policy for gmail.com from p=none to [p=quarantine](https://dmarcreport.com/blog/dmarc-enforcement-timeline-none-to-reject-roadmap/). As per p=quarantine, recipients’ email servers have to place emails impersonating Gmail From: headers in the \*\*spam folders instead of primary inboxes.
This will \*\*bring a reduction in the [engagement rate for outgoing emails](https://www.lifesight.io/glossary/email-engagement-rate) for your domain, impacting sales, operations, customer services, internal communications, [marketing campaigns](https://www.investopedia.com/terms/m/marketing-campaign.asp), PR strategies, etc.
## Who Will Be Affected?
_Any domain owner using an external platform for sending emails but using gmail.com as the domain will be tagged as an impersonator and be affected by this new change_.
Your emails will land in the spam or [promotions folder](https://www.wisestamp.com/blog/gmail-promotions-tab/#:~:text=The%20promotion%20tab%20or%20category,are%20not%20labeled%20as%20Spam.), and your domain will lose its **good reputation**. Let’s see how you can save yourself from this problem.
## What’s the Solution?
You can \*\*stop using an external platform to send emails if you want to continue using the gmail.com domain.
If you can’t do this (and most businesses can’t), then get a [customized domain](https://www.namecheap.com/guru-guides/what-is-a-custom-domain/) that can properly authenticate on that platform, so you don’t \*\*impersonate Gmail From: Headers. _Most businesses have their own domain, which they can use for sending emails_.
So, set up your domain for email, deploy SPF, [DKIM](https://dmarcreport.com/what-is-dkim/), and DMARC, and start sending out emails from an email address like- [marketing@yourbusinessname.com](mailto:marketing@yourbusinessname.com).
If you don’t own a domain, then you need to **buy it immediately**; otherwise, your [email deliverability](https://dmarcreport.com/blog/why-is-email-deliverability-important-for-online-businesses/) will be impacted. Buying a domain is easy and only costs a few dollars per year. Apart from being a \*\*genuine sender in the eyes of Google, having a domain for your business \*\*creates trust and credibility among customers and prospects, thus driving more business towards you. _Avoid buying a domain name that doesn’t match your business name or isn’t clearly recognizable_.
Reach out to your [email service provider (ESP)](https://www.benchmarkemail.com/blog/email-service-provider/) to support you in setting up the new domain for sending emails and planning a \*\*smooth transition in switching from gmail.com to yourbusinessname.com.
We at [DMARCreport.com](https://dmarcreport.com/) can help with the intricacies of [email authentication](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/), **reporting, and monitoring**. So, _once your domain is all set to be used for sending messages, reach out to us, and we’ll take care of DMARC_.
By [deploying DMARC](https://dmarcreport.com/blog/why-dmarc-fails-troubleshooting-guide-2026/), you would not only be compliant with Google’s new policy but also \*\*shield your business from phishing and [spoofing attacks](https://www.computerweekly.com/news/366546952/Rise-in-fraudsters-spoofing-the-websites-of-leading-UK-banks) directed towards you, your employees, and your customers.
## Sources
- [Google Email Sender Guidelines 2024](https://support.google.com/a/answer/81126) (2024)
- [RFC 7489 - Domain-based Message Authentication, Reporting, and Conformance (DMARC)](https://datatracker.ietf.org/doc/html/rfc7489)
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ dmarc record ](/tags/dmarc-record/)[ email security ](/tags/email-security/)[ SPF ](/tags/spf/)
[ Vishal Lamba ](/authors/vishal-lamba/)
Content Specialist
Content Specialist at DMARC Report. Writes vendor-specific email authentication guides and troubleshooting walkthroughs.
[LinkedIn Profile →](https://www.linkedin.com/in/vishal-lamba/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 7m 4 sectors that need email authentication the most and why Oct 15, 2024 ](/blog/4-sectors-that-need-email-authentication-the-most-and-why/)[ Foundational 4m 8 Misconceptions About DMARC and its Deployment for Businesses Dec 4, 2023 ](/blog/8-misconceptions-about-dmarc-and-its-deployment-for-businesses/)[ Foundational 8m 9 technologies to protect your emails from cyber actors Dec 10, 2024 ](/blog/9-technologies-to-protect-your-emails-from-cyber-actors/)[ Foundational 14m Add TXT Record on Namecheap: A Complete DNS Guide Mar 5, 2025 ](/blog/add-txt-record-on-namecheap-a-complete-dns-guide/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Google’s New DMARC Compliance Requires You to Stop Impersonating Gmail From: Headers","description":"Google's February 2024 requirements were a turning point, says Brad Slavin, General Manager of DuoCircle. Before that, DMARC was a recommendation.","url":"https://dmarcreport.com/blog/googles-new-dmarc-compliance-stop-impersonating-gmail-from-headers/","datePublished":"2024-02-06T11:52:03.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-02-06T11:52:03.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vishal-lamba/#person","name":"Vishal Lamba","url":"https://dmarcreport.com/authors/vishal-lamba/","jobTitle":"Content Specialist","description":"Vishal Lamba writes DMARC Report's how-to guides and vendor-specific configuration walkthroughs. His work focuses on step-by-step implementation guides for major email platforms (Google Workspace, Microsoft 365, SendGrid, Mimecast, Proofpoint, Brevo, and others), troubleshooting common SPF and DMARC errors, and translating RFC-level specifications into practical deployment procedures for IT administrators.","image":"https://media.mailhop.org/dmarcreport/images/team/vishal-lamba.jpg","knowsAbout":["SPF Vendor Configuration","Email Platform Integrations","SPF Troubleshooting","Technical Documentation","Step-by-Step Guides"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vishal-lamba/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/googles-new-dmarc-compliance-stop-impersonating-gmail-from-headers/"},"articleSection":"foundational","keywords":"dkim, DMARC, dmarc record, email security, SPF","wordCount":1119,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Google’s New DMARC Compliance Requires You to Stop Impersonating Gmail From: Headers","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Google’s New DMARC Compliance Requires You to Stop Impersonating Gmail From: Headers","item":"https://dmarcreport.com/blog/googles-new-dmarc-compliance-stop-impersonating-gmail-from-headers/"}]}
```