Microsoft is cracking down on high-volume email senders that are using its Outlook.com email service, saying it “is stepping up its commitment to protect inboxes.”

Spam continues to be one of the biggest problems plaguing email use, with an 160 billion spam emails sent eve𒅌ry single day. With one of the most popular email services, Microsoft is taking steps to address unwanted emails sent via Outlook.

The company announced the changes in .

In an era where email remains one of the most widely used tools for personal and business communications, Outlook is stepping up its commitment to protect inboxes and ꧟preserve trust in the digital ecosystem. Today, we’re announcing new requirements and best practices designed t♒o strengthen email authentication for domains sending more than 5,000 emails per day.

These new requirements will enforce stricter standards by including mandatory SPF, DKIM, DMARC settin♑gs. Outlook is pushing the broader industry toward best practices and safeguarding the millions of individuals and small businesses that rely on us every day. These measures will help reduce spoofing, phishing, and spam activity, empowering legitimate senders with stronger brand protection and better deliverability.

The New Requirements

Domains that send more than 5,000 emails per day will need to comply with SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting and Conformance). SPF, DKIM, and D🎃MARC are a collection of email authentication methods designed to cut down on spam and improve the trust and legitimacy of sent emails. In particular, they are designed to comb🌃at efforts to spoof domains, making emails look as if they originated from a different domain than they really did.

Microsoft says companie𝓡s should immediately begin complying with the new rules to ensure their emails continue to reach the🐟ir destinations.

Starting today, we encourage all senders and particularly those that send at high volume to review and update their SPF, DKIM, and DMARC records, in preparation for when the enforcement begins, stꦯarting in May.

After careful consideration and to ensure the protection of users and remove any confusion on why a message was in the junk folder for both the recipient and sender, we have made a decision to reject messages that don’t pass the required authentication requirements detailed above. The rejected messages will be designated as “550; 5.7.515 Access denied, sending domain [SendingDomain] does not meet the required authentication level.” This change will state taking effect on May 5th as originally stated.

It’s good to see Microsoft cracking down on one of the biggest issues plaguing modern email.