Emails are still a major threat to IT security.
SPF, DKIM, and DMARC are now mandatory for sending to Outlook, Live, and Hotmail.
For domains sending over 5,000 emails per day, Outlook will soon require compliance with SPF, DKIM, and DMARC. Non‐compliant messages will first be routed to Junk. If issues remain unresolved, they may eventually be rejected.
𝟏. 𝐒𝐏𝐅 (𝐒𝐞𝐧𝐝𝐞𝐫 𝐏𝐨𝐥𝐢𝐜𝐲 𝐅𝐫𝐚𝐦𝐞𝐰𝐨𝐫𝐤)
- Must Pass for the sending domain.
- Your domain's DNS record should accurately list authorized IP addresses/hosts.
𝟐. 𝐃𝐊𝐈𝐌 (𝐃𝐨𝐦𝐚𝐢𝐧𝐊𝐞𝐲𝐬 𝐈𝐝𝐞𝐧𝐭𝐢𝐟𝐢𝐞𝐝 𝐌𝐚𝐢𝐥)
- Must pass to validate email integrity and authenticity.
𝟑. 𝐃𝐌𝐀𝐑𝐂 (𝐃𝐨𝐦𝐚𝐢𝐧-𝐛𝐚𝐬𝐞𝐝 𝐌𝐞𝐬𝐬𝐚𝐠𝐞 𝐀𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐢𝐨𝐧, 𝐑𝐞𝐩𝐨𝐫𝐭𝐢𝐧𝐠, 𝐚𝐧𝐝 𝐂𝐨𝐧𝐟𝐨𝐫𝐦𝐚𝐧𝐜𝐞)
- At least p=none and align with either SPF or DKIM (preferably both).
More Email_Security
Microsoft encourages all senders, and particularly those that send at high volume, to review and update their SPF, DKIM, and DMARC records in preparation for when the enforcement begins, starting in May.