Submitted via IRC for TheMightyBuzzard
Google announced back in February 2016 that it planned to improve Gmail security by adding new security indicators to the service.
One of the improvements was the introduction of a new red question mark icon in place of the profile photo, avatar or blank icon to highlight unauthenticated emails.
Google announced yesterday that the roll out of the feature started, and that Gmail users on the web and on Android will soon notice the new red question mark icon for unauthenticated messages.
[...]
Google's method for determining the authenticity of a message is the following one: if a message can't be authenticated using DKIM or Sender Policy Framework (SPF), it is marked as unauthenticated.
Gmail, on the web, displays profile icons only when an email is selected, but not in the email listing itself. This means that you will have to click on a message to find out if it is authenticated or not.
Source: http://www.ghacks.net/2016/08/11/gmail-question-marks-unauthenticated-senders/
(Score: 2) by deimios on Saturday August 13 2016, @04:46AM
I've set up SPF, DKIM and DMARC until it hit me: all the nice automated bash and php scripts send unsigned mail and if I enforce a reject policy, never get to their destination. Got to find an aliasing wizardry that takes an internal address, signs and forwards the mail, not going to rewrite scripts I wrote a decade ago.
Overall a good thing but not necessarily easy to implement on braindead systems.