Summary: Microsoft plans to impose a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025 to prevent abuse and unfair usage of resources.
Threat Actor: N/A
Victim: N/A
Key Point :
- Microsoft will introduce a new External Recipient Rate (ERR) limit of 2,000 external recipients within the existing Recipient Rate limit of 10,000 recipients.
- The limit will be implemented in two phases, starting with newly created tenants in January 2025 and then existing tenants between July and December 2025.
- Exchange Online customers exceeding the ERR limit can switch to Azure Communication Services for Email.
- Google has also implemented stricter spam thresholds and authentication guidelines for bulk email senders to strengthen defenses against spam and phishing attacks.
Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025.
Exchange Online doesn’t support sending bulk or high volumes of emails from a single account, and until now, Microsoft has not placed any restrictions on bulk emails.
However, with its plans for new External Recipient Rate (ERR) limits, the company wants to prevent customers from abusing Exchange Online resources and restricting unfair usage.
“Exchange Online enforces a Recipient Rate limit of 10,000 recipients. The 2,000 ERR limit will become a sub-limit within this 10,000 Recipient Rate limit,” the Exchange Team said on Monday.
“There is no change to the Recipient Rate limit. If you send to less than 2,000 external recipients in a 24 hour period, you will still be able to send to 10,000 total recipients.”
The new bulk email rate limiting will be introduced in two phases:
- Phase 1: The limit will apply to cloud-hosted mailboxes of all newly created tenants starting January 1st, 2025
- Phase 2: Between July and December 2025, Microsoft will start enforcing the limit on cloud-hosted mailboxes of existing tenants.
Exchange Online customers with cloud-hosted mailboxes who need to exceed the ERR limit will have to switch to Azure Communication Services for Email, a service specifically designed for business-to-consumer communication via high-volume email sent to external recipients.
Starting April 1st, Google has also implemented stricter spam thresholds and authentication guidelines for bulk email senders to strengthen defenses against spam and phishing attacks.
As announced in October, those wishing to dispatch over 5,000 messages daily to Gmail accounts must set up SPF/DKIM and DMARC email authentication for their domains.
Bulk email senders must also avoid sending unwanted or unsolicited messages, provide one-click unsubscribe options, and respond to unsubscription requests within two days. Failure to comply will result in Gmail rejecting the offending emails.
“An interesting youtube video that may be related to the article above”