Stop Spoofing Gmail

Stop spoofing Gmail!

Almost everyone has a personal Gmail account, maybe two or three.

But Gmail is not meant to be used for businesses to send email, even small business, even tiny businesses. Gmail obviously doesn’t want you to misuse their service like this. When you send your business email from [email protected], you are claiming to be gmail.com- you’re spoofing Gmail! But there are also reasons you may not be aware of that you don’t want to do this either.

Why you don’t want to to use Gmail for your business

Gmail is big. As we mentioned most people have at least one account. That means there are a ton of people sending email from Gmail every day. That’s not good for businesses that are trying to use it for company email.

1. Many users mean poor domain reputation.

When you share your domain with anyone capable of creating an account, you’re at risk of being groups with spammers and tech-illiterate people. This means that companies who develop spam filters to protect inboxes from spammers have very little means of distinguishing your legitimate business email from all the other noise on email. As a direct result, these filters can’t assign you a high reputation. By misusing Gmail in this manner, you’re grouping yourself in with intentional spammers and other people who don’t know any better.

2. You don’t own the domain, so you can’t control it.

DMARC lets domain owners monitor and control who sends on their domains. But in the case of Gmail, the domain is owned by Google, so you can’t monitor it or control who sends email from it. When you’re using someone else’s domain, you’re going to have zero control over it, and that’s bad for business in several ways

  • It doesn’t allow you to limit who sends, so you’re left wide open to spoofed emails (actually you are spoofing gmail.com). There’s no way for you to stop, or even know that someone is using your email to phish users.
  • Without having control of the domain, you can’t enjoy the deliverability boost that comes with implementing email authentication policies.
3. It’s much more professional to send from your own domain.

Your customers see your email address, and most successful businesses use their own domains to send emails. So using your own domain makes you seem like a better, more successful business to your customers. It also makes it easier for your customers to trust your emails. Which seems more likely to be legitimate- [email protected] or [email protected]?

4. Gmail is just waiting for the day it can secure its domain and block all your emails.

Have you heard of no auth=no entry? It refers to a policy that Google, Microsoft, and other ISPs want to enforce that would mean that any email from domains that don’t use authentication would not get delivered. Currently, there are too many people misusing Gmail for Google to be able to implement a strict DMARC policy. But Google is just waiting until it can enforce a strict policy. You won’t want to be a business misusing Gmail when that happens!

It’s Not Difficult

If you’re sending email for your business, it’s likely that you have a website for your business. It’s not difficult to set up G Suite or any other inbox provider for the domain you already have. It’s also not difficult to buy a domain to use for emails, in case you don’t already have a domain.

All of this applies to all of the free inbox providers such as yahoo.com, hotmail.com, comcast.com, etc.

So do the right thing! Stop spoofing Gmail and start building and protecting your own domain reputation. Once you do, Fraudmac can help you protect your domain against spoofed emails. We have a variety of plans to choose from, including a free option. 

(Note: we’re only talking about using Gmail to send email for your business- if you want to use a Gmail account to log in to Fraudmarc and manage the domain you use to send email, go ahead! )

Menu