Trends Changes to Yahoo & AOL’s DMARC Policy By Ken Simpson | 2 minute read Yahoo & AOL Mail recently updated their DMARC (Domain-based Message Authentication, Reporting and Conformance) policy to “reject”. The new policy means that messages from Yahoo! and AOL addresses will be rejected by email receivers unless they originate from a Yahoo! or AOL mail server. This change makes it impossible for spammers and fraudsters to impersonate Yahoo! and AOL users when sending email through systems not owned by the companies. At the same time, it makes forwarding and other legitimate uses of Yahoo! and AOL addresses much more difficult. Why was the change made? Both Yahoo! and AOL have acknowledged that the change was made in order to reduce the use of Yahoo! and AOL addresses by spammers and fraudsters. Before the change, it was commonplace for nefarious actors to send email Help! What should I do? It is recommended to change the FROM address to a non-AOL or non-Yahoo! email address. It is best to change it to your own custom domain. If necessary, you can also set the Reply-To field to be the original Yahoo! or AOL address that previously was used in the From field. For mailing lists, also known as listservs, we recommend configuring reply behavior to fill the From line with the mailing list’s address rather than the sender’s and put the actual user / sender address into the Reply-To: line. Read the Yahoo & AOL Mail announcements.