Suped

What was the issue with Hotmail's DMARC record and how did it affect email deliverability?

Summary

The Hotmail (Microsoft) DMARC incident involved the simultaneous publication of two conflicting DMARC TXT records for the _dmarc.hotmail.com subdomain. One record specified a p=reject policy, while the other indicated p=none. This misconfiguration, which violates DMARC RFC specifications, led to unpredictable email deliverability outcomes for messages spoofing Hotmail.com addresses.

Suped DMARC monitor
Free forever, no credit card required
Get started for free
Trusted by teams securing millions of inboxes
Company logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logoCompany logo

What email marketers say

Email marketers keenly observed the unfolding Hotmail DMARC issue, recognizing its potential to disrupt ongoing campaigns and impact sender reputation. Their immediate concerns revolved around message delivery failures and the inconsistent application of DMARC policies by various email service providers, necessitating quick adaptation and vigilance.

Marketer view

Marketer from Email Geeks observes the Hotmail DMARC situation with keen interest, noting the potential for significant disruption given the unexpected dual policy publication. They expressed concern over how this might unfold for everyday email operations.

20 Aug 2020 - Email Geeks

Marketer view

Marketer from Email Geeks warns that a large volume of mail that previously appeared legitimate might now resemble spoofing, creating confusion and potential delivery issues. This highlights the immediate, negative visual impact on recipients.

20 Aug 2020 - Email Geeks

What the experts say

Email deliverability experts provided critical insights into the Hotmail DMARC misconfiguration, focusing on the technical specifics and their broader implications for email authentication standards. Their discussions highlighted the tension between RFC adherence and the real-world behaviors of major mailbox providers, offering valuable lessons for DMARC implementation and compliance.

Expert view

Expert from Email Geeks explains that the situation is clearly defined: the presence of multiple DMARC records implies that Hotmail is not effectively publishing any DMARC policy. This directly impacts how recipient servers process mail from that domain.

20 Aug 2020 - Email Geeks

Expert view

Expert from Email Geeks notes that the primary consequence of this DMARC misconfiguration is that the intended policy will likely not be enforced by most email service providers. This means the domain's spoofing protection is effectively disabled.

20 Aug 2020 - Email Geeks

What the documentation says

Official documentation and industry technical standards provide clear guidance on DMARC implementation and behavior. They underscore that DMARC is a critical component of modern email authentication, designed to prevent spoofing and ensure message integrity. Deviations from these documented standards, such as publishing multiple DMARC records, inevitably lead to unpredictable or adverse deliverability outcomes.

Technical article

BleepingComputer reported that Hotmail users globally experienced issues with email delivery, including messages being flagged as spam or not delivered. This occurred after Microsoft misconfigured the domain's DNS SPF record, highlighting how DNS errors directly impact deliverability.

22 Mar 2025 - BleepingComputer

Technical article

Postmastery documents that when a domain has multiple DMARC records present, Outlook will disregard them entirely, effectively treating the domain as if it lacks any DMARC policy. This explains a key aspect of how conflicting records are handled by a major provider.

22 Mar 2025 - Postmastery

9 resources

Start improving your email deliverability today

Get started