Microsoft 365 admins warned of new Google anti-spam rules

By Sergiu Gatlan October 8, 2023 11:09 AM

After you read this article you will understand why I do not carry O365 nor Google products in my security lines.
To all MSP’s/ Vars get ready you work load is about to get very heavy supporting you clients

Microsoft 365 email senders were warned by Microsoft this week to authenticate outbound messages, a move prompted by Google’s recent announcement of stricter anti-spam rules for bulk senders.

“By setting up email authentication for your domain, you can ensure that your messages are less likely to be rejected or marked as spam by email providers like Gmail, Yahoo, AOL, Outlook.com,” the Microsoft Defender for Office 365 team said.

“This is especially important when sending bulk email (large volume email), as it helps maintain the deliverability and reputation of your email campaigns.”

Failure to follow newly announced email authentication standards might lead to emails being rejected or tagged as spam.

Microsoft also warned that the Microsoft 365 service should not be used for bulk emailing, as emails not following sending limits will be blocked or sent to special high-risk delivery pools by outbound spam controls built within Exchange Online Protection (EOP).

Those who want to send bulk emails should use their own on-premises email servers or third-party mass mailing providers, which will help ensure good email-sending practices.

Organizations that want to deliver bulk emails through EOP will have to abide by this outbound spam protection guidance:

Exercise caution not to exceed the sending limits in the service by sending emails at a high rate or volume. This includes refraining from sending emails to a large list of BCC recipients.
Refrain from using addresses in your primary email domain as senders for bulk emails, as it may impact the delivery of regular emails from senders within the domain. Instead, consider utilizing a custom subdomain exclusively for bulk email.
Ensure that any custom subdomains are configured with email authentication records in DNS, including SPF, DKIM, and DMARC.
However, Microsoft cautioned that even “following these recommendations does not guarantee delivery. If your email is rejected as bulk, send it through on-premises or a third-party provider instead.”

Redmond’s warning was prompted by Google’s announcement regarding the introduction of new anti-spam guidelines targeting senders of over 5,000 daily emails to Gmail users.

Starting February 1st, 2024, Google will mandate senders exceeding this threshold to implement SPF/DKIM and DMARC email authentication for their domains. This measure aims to bolster defenses against email spoofing and phishing attempts.

Furthermore, bulk senders must provide Gmail recipients with a one-click option to unsubscribe from commercial emails and promptly address unsubscription requests within two days.

As part of these efforts to combat spam, Google said it will also closely monitor spam thresholds and, in cases where abusive bulk senders are identified, it will mark their emails as spam to protect users from unsolicited and potentially harmful messages.

“If you don’t meet the requirements [..], your email might not be delivered as expected, or might be marked as spam,” Google warned.

Article (https://www.bleepingcomputer.com/news/security/microsoft-365-admins-warned-of-new-google-anti-spam-rules/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”