What new standards are emerging?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
Email's technical standards don't change fast, but several new ones are gaining traction. Here's what's actually moving.
On the authentication side, BIMI (Brand Indicators for Message Identification) lets senders display their logo in supported inboxes when they have proper authentication. It requires a verified mark certificate from a trademark office. It's not a deliverability boost on its own, but it signals brand trust. Gmail and Yahoo support it. ARC (Authenticated Received Chain) is a less visible but important standard for forwarding. When an email is forwarded and the original authentication breaks, ARC preserves a record that the message was legitimately authenticated at an earlier point. It matters most to mailing list operators and forwarding services.
On the encryption side, MTA-STS and DANE are both about enforcing TLS encryption between mail servers, preventing downgrade attacks that force plain-text delivery. MTA-STS uses a policy file on your website. DANE uses DNSSEC. Both are still optional but increasingly expected by security-conscious organizations.
Privacy is the third front. As open tracking becomes less reliable (Apple's Mail Privacy Protection being the biggest factor), there's growing pressure for standardized ways to measure engagement without individual tracking. Nothing is finalized there yet.
If you want to check where your current setup stands, our free authentication tools can verify your SPF, DKIM, and DMARC before you start looking at BIMI or the newer standards.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.