Following the changes introduced by Gmail and Yahoo last year, Microsoft has announced that it will begin enforcing new email authentication and deliverability standards for Outlook.com accounts starting 5th May 2025. These changes will apply to all consumer email addresses ending in:

• @outlook.com
• @hotmail.com
• @msn.com
• @live.com

From this date, email that does not comply with the new standards will be marked as spam. At a later, yet-to-be-announced date, Microsoft will escalate enforcement by outright rejecting non-compliant emails.

What’s changing?

If you're already compliant with Gmail and Yahoo’s standards, it’s likely not much will need to change. However, from the 5th May 2025, Microsoft will require all senders sending over 5,000 emails per day to have: 

1. SPF (Sender Policy Framework)

SPF confirms that a domain is authorized to send mail from the specified email infrastructure. According to Microsoft’s recent documentation, the return-path domain must pass SPF, though this is not a requirement for the sending domain itself. If you’re using Ometria, SPF is already configured through the return-path domain by default, meaning no further action should be required. 

1. DKIM (DomainKeys Identified Mail)

DKIM is a widely adopted authentication standard. It uses cryptographic signatures to ensure message integrity. Ometria requires all clients to have valid DKIM records in place, so this will already be in place if you’re an Ometria user. 

1. DMARC (Domain-based Message Authentication, Reporting & Conformance)

DMARC is an email authentication protocol designed to help domain owners protect against unauthorized use, such as phishing. Microsoft requires at least a policy of p=none, with alignment to either SPF or DKIM. Ometria doesn't provide DMARC services, but we can provide guidance on the implementation.

Other recommendations from Microsoft

Beyond technical compliance, Microsoft also reiterates a number of recommendations in their announcement. While not strictly required, failure to follow these recommendations may impact your deliverability, with Microsoft stating that, “Outlook reserves the right to take negative action, including filtering or blocking against non‐compliant senders, especially for critical breaches of authentication or hygiene.” 

These recommendations are:

• Compliant Sender Addresses: Ensure the “From” or “Reply‐To” address is valid, and can receive replies. 
• Unsubscribe Links: Provide an easy, clearly visible way for recipients to opt out of further messages. Ometria already includes the list-unsubscribe header in your campaigns for you, so no action is required. 
• List Hygiene & Bounce Management: Remove invalid addresses regularly to reduce spam complaints, bounces, and wasted messages. 
• Transparent Mailing Practices: Use accurate subject lines, avoid deceptive headers, and ensure your recipients have consented to receive your messages.

What do senders need to do?

Here’s a quick checklist to help you prepare for Microsoft’s new standards:

1. Audit your DNS records

Make sure SPF, DKIM, and DMARC are all correctly configured. You may need to work with your IT or DNS team to verify each record.

1. Set up DMARC if you haven’t already

If your sending domains don’t have a DMARC policy, it’s time to implement one. At a minimum, your policy should be set to p=none and include a valid rua tag to receive reporting data.

Unsure where to start? We’re happy to provide recommendations for DMARC specialists.

1. Maintain list hygiene

• Clean your lists regularly to remove inactive or bouncing addresses

• Ensure you have plans in place for inactive contacts including re-engagement campaigns and rules on when to stop contacting them altogether.

• Don’t purchase mailing lists or subscribe users by having an opt-in checkbox automatically checked on your website.

Want further support in fine-tuning your segmentation and engagement strategies? Get in touch with your Ometria Customer Success Representative to explore the possibilities.

Final thoughts

At Ometria, our expert team is always on hand to support you. If you have any questions on this upcoming update, deliverability, or your wider customer engagement strategy, don’t hesitate to get in touch with your Customer Success Representative for personalized assistance.

Not yet with Ometria? Why not book a demo with our team and start exploring the possibilities.