How to meet Microsoft’s new email security requirements

Microsoft sets new email security requirements for Outlook compliance

new email security requirements

Last year, Google, Yahoo and other tech giants established new rules for email sender authentication. Now it’s Microsoft’s turn to get tough on spammers, with Outlook introducing new email security requirements for high-volume senders on May 5 2025.

May 5 is the deadline for Microsoft’s new rules

Domains sending over 5,000 emails a day via Outlook must now comply with SPF, DKIM and DMARC, otherwise they risk their messages being routed to Junk or rejected altogether. SPF, DKIM, and DMARC are interdependent email authentication standards that play a key part in fighting against email forgery and impersonation.

  • SPF (sender policy framework) must pass for the sending domain, and the domain DNS record should accurately list authorized IP addresses/hosts
  • DKIM (domainkeys identified mail) must pass to validate email integrity and authenticity
  • DMARC (domain-based message authentication, reporting, and conformance) should be specified at least p=none and align with either SPF or DKIM (preferably both).

“Outlook reserves the right to take negative action, including filtering or blocking, against non‐compliant senders, especially for critical breaches of authentication or hygiene.”

Microsoft Defender for Office 365 Blog, April 02, 2025

Libraesva LetsDMARC makes Outlook compliance simple

Fortunately, Libraesva LetsDMARC makes it quick and easy to configure and manage your DMARC, DKIM and SPF settings.

LetsDMARC identifies and authenticates valid senders (such as the email marketing, CRM, HR, and other third-party services you use) and blocks unauthorized use of your brand. Using LetsDMARC means you’ll be complying with Microsoft’s new email security requirements while preventing cybercriminals from impersonating your domains and sending fraudulent emails to your business partners, employees, and customers.

It’s simple to set up, and you don’t need DNS expertise – simply follow its on-screen prompts and explanations. The single intuitive portal gives you an at-a-glance view of message flow, including pass, quarantine and reject rates.

  • Identifies email origin
  • Smart alignment analysis identifies errors
  • Explanations to help fix configurations
  • SPF flattening (no 10-record limit)
  • Tracks every DMARC, DKIM and SPF change
  • Pinpoints alignment and configuration errors

LetsDMARC gives you at-a-glance dashboards and summaries, and you can easily drill down into the detail. Even better, it guides you through the data and recommends any actions you should take, if needed.

  • Effortlessly take control of your email reputation and secure the delivery of messages with complete DMARC protection
  • Prevent cybercriminals from impersonating your domains by recognizing and authenticating legitimate senders
  • Block emails that spoof your “from” address to reduce fraud and improve your brand reputation with ISPs

Take control of your email reputation and secure the delivery of your messages,
while ensuring compliance with Microsoft’s new email security requirements.