Summary
When emails from your domain are sent through a third-party ESP and marked as spam by Office 365 (O365), it's often due to a combination of factors. These include authentication issues (SPF, DKIM, DMARC misconfigurations or failures), poor IP and sender reputation stemming from shared IP usage, blocklisting, or low engagement. Email content can trigger spam filters if it contains trigger words, has a high image-to-text ratio, or includes suspicious links. Internal configurations in O365, such as Advanced Threat Protection (ATP) or anti-forgery settings, and external services like Mimecast can also play a role. Furthermore, practices like failing to register with feedback loops, poor list hygiene, missing reverse DNS records, and a lack of email placement testing can all negatively impact deliverability. Microsoft's SmartScreen filter, learning from user interactions, can also filter emails independently of authentication results. Proper domain verification is another essential element for O365 to accept emails from third-party senders.
Key findings
- Authentication failures: Incorrect/missing SPF, DKIM, or overly strict DMARC records are common culprits.
- Reputation Issues: Poor IP/sender reputation stemming from shared IPs, spam complaints, or low engagement can lead to spam filtering.
- Content-based triggers: Spam trigger words, high image ratios, and suspicious links can trigger spam filters.
- Internal O365 Settings: Advanced Threat Protection (ATP) and local anti-forgery configurations might misclassify emails.
- Feedback Loop Neglect: Failure to register with feedback loops hinders the removal of subscribers marking emails as spam.
- SmartScreen influence: Microsoft's SmartScreen filter learns from user behavior and can filter legitimate emails even if authentication passes.
- Poor sending practices: Poor list hygiene, missing reverse DNS records, and lack of email placement testing can hurt deliverability.
- Domain Ownership: Lack of proper domain ownership verification can cause issues with authentication protocols like SPF and DKIM.
- External Services: External services like Mimecast (if in use) can be the source of the email being marked as spam because of impersonation rules.
Key considerations
- Authentication Tuning: Ensure SPF, DKIM, and DMARC are correctly configured and aligned with your ESP; monitor for authentication failures.
- Reputation Monitoring: Monitor IP and sender reputation and address any issues; consider a dedicated IP if using a shared one.
- Content Optimization: Optimize email content to avoid spam triggers and ensure a balanced image-to-text ratio.
- Feedback Loop Implementation: Register with feedback loops to identify and remove problem subscribers.
- List Hygiene Practices: Maintain a clean email list by removing inactive/unengaged subscribers.
- Technical Setup: Verify correct reverse DNS record setup; perform email placement testing before campaigns.
- O365 Configuration Review: Check internal O365 settings and external services like Mimecast for configurations that might be interfering with deliverability.
- Domain Verification: Properly verify domain ownership to ensure authentication protocols function correctly.
- SmartScreen optimization: Encourage recipients to mark legitimate emails as 'not junk' to improve future delivery through SmartScreen.
What email marketers say
12 marketer opinions
When emails from your domain are sent through a third-party ESP and marked as spam by Office 365 (O365), several factors can be at play. These include issues with email authentication (SPF, DKIM, DMARC), the sending IP's reputation, the content of the email itself, and configurations within O365. Other factors include the ESP's sending practices (shared IPs, feedback loops, list hygiene), and technical elements like reverse DNS records. Even accessibility issues in the email design and a lack of email placement testing can indirectly contribute to deliverability problems.
Key opinions
- Authentication Issues: Incorrect or missing SPF, DKIM, and DMARC records can cause O365 to flag emails as spam.
- IP Reputation: A poor IP reputation of the sending server, often due to shared IPs with other senders engaging in spammy activities, can lead to deliverability issues.
- Content Triggers: Spam trigger words, high image-to-text ratio, and suspicious links in email content can trigger O365's spam filters.
- Feedback Loops (FBLs): Lack of registration with feedback loops prevents the identification and removal of subscribers who mark emails as spam, hurting sender reputation.
- Sender Reputation: Low engagement rates and high complaint rates negatively impact sender reputation, increasing the likelihood of emails landing in the spam folder.
- Reverse DNS Records: Missing or incorrect reverse DNS (PTR) records make it harder for O365 to verify the legitimacy of the sending server.
- List Hygiene: Poor list hygiene practices, such as sending to old or unengaged addresses, lead to bounces and spam complaints.
- Blocklisting: If your sending IP or domain is on a blocklist, O365 is likely to mark your emails as spam.
- ATP/Mimecast: Advanced Threat Protection (ATP) settings in O365 or impersonation rules in Mimecast (if in use) can mistakenly flag legitimate emails.
Key considerations
- Authentication Configuration: Ensure SPF, DKIM, and DMARC records are correctly configured and aligned with your ESP's sending practices.
- IP Reputation Monitoring: Monitor the IP reputation of your sending server and take steps to improve it if necessary. Consider dedicated IP addresses if using shared IPs.
- Content Optimization: Optimize email content to avoid spam trigger words and ensure a balanced image-to-text ratio. Use clear and trustworthy links.
- Feedback Loop Implementation: Register with feedback loops to identify and remove subscribers who mark emails as spam.
- List Hygiene Practices: Regularly clean your email list to remove inactive subscribers and reduce bounce and complaint rates.
- Reverse DNS Record Setup: Verify that your reverse DNS (PTR) records are correctly set up to map your IP address to your domain name.
- Accessibility Improvement: Improve email accessibility by adding alt text to images and ensuring sufficient color contrast.
- Placement Testing: Conduct email placement testing before sending campaigns to identify potential deliverability issues.
- Blocklist Monitoring: Monitor blocklists to ensure your sending IP or domain is not listed. If listed, take immediate action to be removed.
- Internal Configurations: Consider that the recipient/customer has internal configurations of ATP and Mimecast which you may have no control over that are blocking or flagging your emails as spam
Marketer view
Marketer from Email Geeks suggests that Advanced Threat Protection (ATP) add-on could be the cause, as it's designed to counter phishing and may behave in the described manner without specific tweaking, reinforcing the idea of a site-specific issue.
30 Apr 2023 - Email Geeks
Marketer view
Email marketer from GlockApps shares that not performing email placement testing before sending campaigns can lead to deliverability issues. Testing helps identify potential problems with content or authentication that might cause emails to be marked as spam by O365.
3 May 2024 - GlockApps
What the experts say
4 expert opinions
Office 365 (O365) marks emails from domains using third-party ESPs as spam due to a combination of factors. These include authentication issues where O365 is particularly strict about SPF, DKIM, and DMARC configuration. Even minor misconfigurations or failures to align these records correctly can lead to filtering. Additionally, O365 employs its SmartScreen filter, which learns from user interactions and can filter emails based on collective user behavior, regardless of whether authentication passes. Local configuration issues that treat externally sent emails as forged can also be a cause.
Key opinions
- Authentication Sensitivity: O365 is particularly strict regarding SPF, DKIM, and DMARC authentication; misconfigurations are a common cause.
- SmartScreen Filtering: Microsoft's SmartScreen filter learns from user behavior and can filter emails even if authentication is technically correct.
- Local Configuration: Local configurations might be set to treat emails from outside SMTP servers as forged, leading to spam classification.
- Internal processing: Microsoft processes emails differently when the domain is hosted by them but emails are sent by a third party.
Key considerations
- Authentication Alignment: Verify that SPF, DKIM, and DMARC records are correctly configured, aligned, and validated to ensure they are passing O365's strict authentication checks.
- User Engagement: Encourage recipients to mark legitimate emails as 'not junk' to positively influence the SmartScreen filter's learning.
- Configuration Review: Check local O365 configurations for settings that might be treating externally sent emails as forged or spam.
- Domain setup: Ensure you have correctly configured your domain with O365 to allow sending from third parties.
Expert view
Expert from Word to the Wise, Steve Jones, explains Microsoft utilizes its SmartScreen filter which adapts and learns based on user interactions and data signals. If enough recipients mark emails from a particular sender or ESP as junk, SmartScreen learns to filter those emails automatically for other users. This can happen even if authentication is technically correct.
7 Aug 2023 - Word to the Wise
Expert view
Expert from Word to the Wise, Laura Atkins, responds that Office 365/Microsoft is particularly picky about authentication. Issues often arise when organizations move to O365 and fail to ensure their SPF, DKIM, and DMARC records are correctly configured and aligned, especially when using a third-party ESP. Even small misconfigurations can lead to deliverability problems. Microsoft may also have internal reputation metrics that trigger filtering based on volume or content, even if authentication passes.
9 Dec 2024 - Word to the Wise
What the documentation says
4 technical articles
Microsoft Office 365 (O365) often marks emails from domains using third-party ESPs as spam due to issues with email authentication. Incorrect or missing SPF records, lack of DKIM implementation, and overly strict DMARC policies can all cause O365 to flag emails as spam. Proper verification of domain ownership is also crucial for authentication protocols like SPF and DKIM to function correctly. Therefore, correct configuration is critical.
Key findings
- SPF Record: Incorrect or missing SPF records cause O365 to mark emails as spam, particularly from third-party ESPs.
- DKIM Implementation: Lack of proper DKIM setup for the domain with the third-party ESP results in O365 flagging emails as spam.
- DMARC Policy: Overly strict DMARC policies (e.g., 'reject') cause legitimate emails to be marked as spam if SPF and DKIM checks fail.
- Domain Ownership Verification: Failure to properly verify domain ownership leads to issues with SPF and DKIM authentication.
Key considerations
- SPF Configuration: Ensure the SPF record is correctly configured to include the sending sources (ESP servers) to authenticate emails.
- DKIM Setup: Implement DKIM to ensure emails are signed and verified as legitimate, especially when using a third-party ESP.
- DMARC Policy Review: Review and adjust the DMARC policy to avoid being overly strict and causing legitimate emails to be rejected.
- Domain Verification: Properly verify domain ownership to ensure the sender is authorized to send emails on behalf of the domain.
Technical article
Documentation from Microsoft Learn details that DMARC policies dictate how receiving mail servers (like O365) should handle emails that fail SPF and DKIM checks. A DMARC policy that is too strict (e.g., set to reject) can cause legitimate emails sent through a third-party ESP to be marked as spam if they don't pass authentication.
5 Aug 2021 - Microsoft Learn
Technical article
Documentation from Microsoft Learn explains that an incorrect or missing SPF record can cause O365 to mark emails as spam, especially when sent from a third-party ESP. It is crucial to properly configure the SPF record to include the sending sources (ESP servers) to authenticate the emails correctly.
12 Oct 2022 - Microsoft Learn
Does UCE Protect Level 3 at an ESP affect delivery to major ISPs like Hotmail or Office 365?
Does UCEPROTECTL3 listing impact email deliverability, especially with Microsoft Office 365?
Does using Microsoft O365 for business email affect email deliverability?
How can I improve email deliverability with Microsoft and avoid spam filters?
Why are emails to O365 recipients getting quarantined and how to fix?
Why are my IPs listed on Proofpoint and how to resolve it?
