Honouring DMARC: Microsoft Announces Enhanced Email Safety Measures!

microsoft new dmarc policy - godmarc

In a groundbreaking move, Microsoft has recently unveiled significant revisions to their DMARC policy handling, with far-reaching implications for both consumer and enterprise customers. For users of their consumer services such as live.com, outlook.com, and hotmail.com, Microsoft has taken a significant step forward by embracing the sender’s DMARC policy.

Enhanced Email Security with Microsoft’s DMARC Validation

Under this new policy, any incoming email will undergo DMARC validation. If an email fails this validation and the sender’s policy is set to “p=reject” or “p=quarantine,” Microsoft will take decisive action and reject the email outright. This robust approach to DMARC implementation promises to bolster email security, protecting users from potentially harmful or malicious messages.

By respecting and enforcing DMARC policies set by email senders, Microsoft aims to create a safer digital environment for its vast consumer base. This proactive measure will prevent email spoofing and phishing attacks, ensuring that only genuine and authorized emails reach users’ inboxes.

Is Microsoft Increasing Email Security for Enterprise Customers?

Yes, for enterprise customers relying on Microsoft’s email services, these enhancements translate into elevated email security. With DMARC validation playing a central role, businesses can have increased confidence that their communications remain protected against cyber threats.

In a momentous declaration, Microsoft is making strides in honouring DMARC policies and ushering in a new era of email security for its vast customer base. As one of the most significant announcements to date, this move is poised to enhance the safety and integrity of email communications.

Steps to Tailor DMARC Handling for Enterprise Customers:

  • Customization Power 

Microsoft’s commitment to enhancing email security includes empowering enterprise customers with the ability to customize DMARC handling for their email communications.

  • Different Actions, Different Policies

Enterprise users can now choose different actions based on the policies set by domain owners, such as “p=reject” or “p=quarantine,” tailoring their email security approach to their specific needs.

  • Default Behavior with Office 365 

For enterprise recipients whose domain is configured with Office 365 as the mail exchange (MX) record, Microsoft will, by default, uphold the sender’s DMARC policy.

  • Decisive Action on Failed DMARC Validation 

Any incoming email will undergo DMARC validation. If an email fails this validation and the sender’s policy is set to “p=reject” or “p=quarantine,” Microsoft will take decisive action and reject the email outright, ensuring robust email security.

  • Protection Against Harmful Messages 

With this proactive approach, Microsoft enhances email security by protecting users from potentially harmful or malicious messages.

  • Enhanced Confidence for Businesses 

By centralizing DMARC validation, businesses can have increased confidence that their communications remain protected against cyber threats.

  • Optimized Protection

Customizable DMARC handling allows organizations to align their email security approach with their unique requirements, optimizing protection against phishing and other threats.

Is Microsoft Revolutionizing Email Security Worldwide?

Beginning July 19, 2023, Microsoft has initiated the rollout of these groundbreaking policies. The first wave encompasses their widespread worldwide customer base, as well as government and 21Vianet clouds. This proactive approach demonstrates Microsoft’s dedication to safeguarding its users’ digital experiences across various sectors and industries.

As highlighted in Message Center posts MC640228 (for worldwide and government clouds) and MC640225 (for 21Vianet), customers are provided with an essential window of opportunity. Until mid-August, they can make necessary adjustments to their policies before the new regulations are fully enforced. This flexibility enables users to align their email practices seamlessly with the DMARC standards set by Microsoft, ensuring a smooth transition to enhanced security.

How Do Alternate Email Security Solutions Impact DMARC?

It is essential to note that the “Honor DMARC” behaviour will not be applied if the recipient domain’s MX record points to an alternative email security solution that sits in front of Office 365. In such cases, the intricacies of mail flow routing may impact the information about the sending infrastructure, making the application of DMARC policies more complex.


In conclusion, Microsoft’s dedication to enhancing enterprise email security is exemplified by its customizable DMARC handling. With a diverse set of options for managing failed DMARC validation, organizations can now tailor their email security to precisely align with their unique requirements, bolstering protection against phishing and other potential threats.

For a comprehensive email security solution and seamless DMARC implementation, consider partnering with GoDMARC. With GoDMARC as your security partner, you gain access to advanced technologies and expertise that ensure your email communications remain safe and protected. Sign up for a free trial of 10 days to experience the full range of benefits. 


Q 1. What is DMARC, and how does it enhance email protection?

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that helps prevent email spoofing and phishing attacks. By aligning the sender’s domain with its authentication and encryption policies, DMARC ensures that incoming emails are genuine, thus enhancing email security.

Q 2. How does Microsoft’s new DMARC policy handling benefit users?

Microsoft’s new DMARC policy handling defaults give users added control over their email security. By honouring the sender’s DMARC policy, emails that fail DMARC validation with “p=reject” or “p=quarantine” will be rejected or quarantined, providing robust protection against potentially harmful messages.

Explore Our More Tools:


Look Up and validate SPF Record

Learn More

Look Up DKIM Record

Learn More

Look Up DMARC Record

Learn More

Look Up BIMI Record

Learn More