As of May 5, if you send more than 5,000 emails per day to recipients using Microsoft Outlook.com, Hotmail or Live.com, and these emails do not meet the DMARC, SPF and DKIM authentication requirements, they will be rejected by Microsoft, and no longer sent to the spam folder.
Source: Microsoft Outlook’s New Requirements for High‐Volume Senders
Similar requirements are already in place at Google and Yahoo! since mid-2024, going beyond the DMARC standards to strengthen the fight against identity theft and cyber attacks.
Two types of sender domains are concerned:
- If you send emails to Yahoo, Google or Outlook, Hotmail, you must comply with these requirements
- If you send more than 5,000 emails over 24 hours, additional requirements are required
Impact:
Unauthenticated legitimate emails may not reach their recipients, resulting in communication losses and consequences on business activities.
Microsoft will generate error returns with "550; 5.7.15 Access denied, sending domain does meet the required authentication level."
Exigences et Solutions :
- The SPF (Sender Policy Framework) test must pass for the sending domain.
The domain DNS record must contain the authorization for the originating IP address.
DKIM (DomainKeys Identified Mail) authentication must be successful to validate the integrity and authenticity of the email
The DMARC (Domain-based Message Authentication, Reporting, and Conformance) record must be published
minimum with "p=none" and align with SPF or DKIM (preferably both).
Major senders should also adopt these practices to maintain quality and confidence:
- Compliant Sender Address: Ensure that the “From” or “Reply to” address is valid, reflects the true sending domain and can receive responses
- Functional unsubscribe links: Provide an easy and clearly visible way for recipients to unsubscribe from future messages, especially for marketing or mailing lists
- Good list hygiene and bounce management (opt-out): Regularly delete invalid addresses to reduce spam complaints, bounces and unnecessary messages
- Transparent sending practices (opt-in): Use accurate subject lines, avoid misleading headers and make sure your recipients have consented to receive your messages.
- Outlook reserves the right to take negative action, including filtering or blocking, against non-compliant senders, especially for critical authentication or hygiene violations.
What to do?
Set up DMARC by modifying the DNS records and configuring the sending services.
Check your DNS records (SPF, DKIM, DMARC) and verify that you meet all the requirements with our free checker.
How?
With our expert email consultants at our partners and our Merox platform facilitating the deployment and mastery of DMARC, consolidate your communication strategy and ensure the complete deliverability of your email communications.
Cet article a-t-il été utile ?
C'est super !
Merci pour votre commentaire
Désolé ! Nous n'avons pas pu vous être utile
Merci pour votre commentaire
Commentaires envoyés
Nous apprécions vos efforts et nous allons corriger l'article