Email best practices
Big news for email marketers and senders: Starting May 5, 2025, Microsoft Outlook will begin enforcing stricter email authentication requirements for high-volume senders –people sending more than 5,000 emails per day. If your messages land in Outlook.com inboxes (including hotmail.com, live.com, and outlook.com addresses), you’ll need to comply with new standards or risk ending up in the spam folder or worse, getting blocked altogether.
Here’s what’s changing, why it matters, and what you should be doing right now to stay compliant.
Microsoft is following in the footsteps of Google and Yahoo by requiring bulk senders (5,000 + daily emails) to fully implement three key email authentication protocols:
Non‐compliant messages will first be routed to spam folders. If the issues persist, senders will find their emails eventually rejected altogether – something you’ll want to avoid!
It seems Microsoft has finally joined the party in keeping our inboxes safe and junk free. The new email authentication requirements for brands sending bulk email will reduce the risk of email spoofing, phishing attacks, and improve overall security and email deliverability.
But why now? Why the sudden need for action?
Well, it’s probably worth mentioning that these new requirements are simply best practices that have existed for well over 10+ years now. There’s nothing particularly new or revolutionary about what Microsoft, Yahoo and Google are doing. In fact, many email senders already meet these authentication standards. The difference is they will now be enforced.
Microsoft also made it clear it will be clamping down on list hygiene best practices, too. Here are some of those best practices they recommend adopting:
Again, Microsoft has said it will take action if these requirements are not met, including filtering or blocking non‐compliant senders.
Here’s the timeframe we’ve been given for compliance:
With Microsoft’s sending requirements largely falling in line with what we saw from Google and Yahoo in 2024, the good news is (if you already implemented the email authentication protocols) no additional action needs to be taken.
However, if that’s not your case, here’s a list of action items along with some documentation on how to get ready:
| What you’ll need | How to get there |
|---|---|
SPF and DKIM | If you’re a Mailjet user, just follow our detailed guide to get your domains authenticated with SPF and DKIM. If you’re not, we’ve outlined the processes for obtaining these authentications in these posts: How to handle SPF and DKIM setup. For DMARC you will need to set up at minimum a p=none policy. |
DMARC | Implementing DMARC takes a bit more time, as DMARC allows you to make choices regarding your policy based on your email program. Get started now by checking out our article What is DMARC and how it works. |
Email list hygiene | Email list hygiene involves removing unsubscribed or unengaged contacts to improve your email deliverability and conversion rates. We’ve put together some tips and best practices for cleaning your email lists. |
At Sinch, email deliverability excellence is always at the core of our product offering for all our email solutions. We’re constantly striving to set up our users for deliverability success and making sure you get the help you need to achieve it.
Sinch Mailjet users can use our detailed documentation to set up the SPF and DKIM email authentication protocols required by Microsoft. If you’re looking for even more tailored support, check out our Deliverability Services. We have a dedicated team of experts ready to help your company navigate these evolving industry standards and implement the tailored strategy that best fits your email needs.
