Important Changes of Microsoft’s Email Sending Policy Effective May 5, 2025

Home Page » Professional information » Important Changes of Microsoft’s Email Sending Policy Effective May 5, 2025

Dear Customers, We would like to inform you about significant changes to Microsoft’s email sending policies that took effect on May 5, 2025. These changes may impact your ability to send emails, especially if you send a high volume of messages.

What’s Changing?

Microsoft is implementing new requirements for high-volume email senders (over 5,000 emails per day) as part of its efforts to protect users from spam, phishing, and other security threats:

Immediate Message Rejection: As of May 5, 2025, high-volume email messages that do not meet the new authentication standards will be outright rejected (they will no longer be routed to the junk folder as previously planned).
Error Message: Rejected emails will return the following error:
"550 5.7.15 Access denied, sending domain does not meet the required authentication level."
Stricter Enforcement Ahead: Microsoft is expected to further tighten enforcement later in 2025.

New Authentication Requirements

If you send more than 5,000 emails per day, you must ensure that:

SPF (Sender Policy Framework): You have a valid SPF record specifying which servers are authorized to send email from your domain.
DKIM (DomainKeys Identified Mail): You are using DKIM to sign your emails to verify their authenticity.
DMARC (Domain-based Message Authentication, Reporting, and Conformance): You have a DMARC policy in place—at minimum, p=none—that aligns with either your SPF or DKIM (preferably both).

Additional Sending Restrictions

Alongside the authentication requirements, Microsoft is introducing new volume-based sending limits:

Tenant-Wide Sending Limits: Beginning April 2025, Microsoft is enforcing a cap on the number of external recipients that an entire Microsoft 365 tenant can send to within a 24-hour period.
Per-User Limits: Starting October 2025, Exchange Online will limit each mailbox to sending emails to a maximum of 2,000 external recipients per 24 hours.

What You Should Do

Review Your Email Authentication Settings: Ensure your SPF, DKIM, and DMARC records are properly configured.
Prepare for Sending Limits: Assess your current email sending habits and adjust to comply with the new limitations.
Consult with Experts: If your organization sends a large volume of emails, consider consulting your IT team or email deliverability specialists.

Our team is available to assist you in preparing for these changes.
Don’t hesitate to contact us with any questions. contact us

Didn't Find What You
Were Looking For?
Contact Us!

The First Step Starts Here

Professionalism

Our primary asset lies in our human capital, delivering real-time solutions on-site. Therefore, our IT technicians undergo continuous training and certification to ensure top-quality service.

Quality Assurance and Reliability

We implement high-standard quality processes that include clear procedures, documented monitoring, extensive control systems, and thorough inspections.

Availability and Teamwork

We understand the importance of maintaining the continuous operation of our clients' computer systems. Our team ensures full availability to support you whenever needed.

Integrity and Reliability

Integrity and reliability are our guiding principles, serving as a solid foundation for productive and successful collaboration.

Data Protection

T.O.M is committed to maintaining the confidentiality of information and utilizing advanced technological means to safeguard the assets of the organization and, of course, all its clients.