Microsoft 365 email senders urged to implement SPF, DKIM and DMARC

In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods.

“These Domain Name Service (DNS) email authentication records verify that you are the legitimate sender of your email and prevent spoofing and phishing attacks,” Microsoft noted.

Google’s upcoming spam-fighting measures

In February 2024, Google will introduce a number of new requirements for bulks senders, i.e., those that send over 5,000 messages to Gmail accounts per day.

Among other things, bulk senders will be required to keep spam rates below 0.3% and make sure that users can unsubscribe with just one click of the mouse, lest their emails end up blocked by Google or redirected to users’ spam folder.

Sending bulk email via Microsoft 365

To make sure their emails are delivered and not rejected or marked as spam by email service providers such as Gmail, Yahoo, AOL,, Microsoft 365 email senders should authenticate their emails with SPF, DKIM and DMARC domain authentication tools.

But, Microsoft made sure to note, using Microsoft 365 to send bulk (mass) email is not a supported use of the service.

“[Exchange Online Protection (EOP)] has strict outbound spam controls that can block or segregate your email to a special high-risk delivery pool if it exceeds sending limits,” the company explained.

There are strict outbound spam protection recommendations for those who want to send bulk email through EOP:

  • Avoid sending a large quantity of emails and including a large list of Bcc recipients
  • Use custom, dedicated subdomains for sending out bulk email
  • Make sure these subdomains meet email authentication standards (SPF, DKIM and DMARC).

“Following these recommendations does not guarantee delivery. If your email is rejected as bulk, send it through on-premises or a third-party provider instead,” Microsoft concluded.

Don't miss