As The Register reported Wednesday (March 4), the company spent last week rejecting messages to Outlook recipients in what the report characterized as either a fault or overzealous security rules. One source called the situation “carnage.”
According to the report, the issue affected certain IP addresses, whose emails were rejected for either appearing on a block list or violating reputation rules.
The Register cited comments from a reader who in late January noticed a “sudden spike in customers’ static IPs being rejected by only Microsoft Outlook free/personal accounts.”
The message returned was a 550, informing customers to contact their Internet Service Provider (ISP) “since part of their network is on our block list.”
A spokesperson for Microsoft told PYMNTS the company was “working to address a temporary rate‑limit issue that may be causing some messages to be incorrectly throttled when sent from a specific IP address.
Advertisement: Scroll to Continue
“Customers who continue to experience issues sending emails should contact our Support team or raise a ticket in their Admin portal to apply the appropriate mitigation,” the spokesperson added.
The company also says this is limited to messages sent by promotional and bulk email providers, or mail messages routed through non-M365 delivery platforms.
We’d love to be your preferred source for news.
Please add us to your preferred sources list so our news, data and interviews show up in your feed. Thanks!
The Register report noted that while block lists can help prevent spam or addresses associated with junk mail, this reader’s company had not run afoul of Microsoft, and the company’s Smart Network Data Service (SNDS) showed no issues with the IP.
“We’re also a member of their JMRP (Junk Mail Reporting Program),” the source told the Register, “which is intended to inform us when people are reporting spam sent from our IPs – except, we never get any reports.”
This reader wasn’t alone, the report said, with users on Microsoft’s support forums reporting similar problems throughout February into this week.
The Register report noted one of the impacts of this issue: preventing businesses from responding to things like vendor errors, thus harming their reputation.
In other cybersecurity news, PYMNTS wrote earlier this week about how the latest conflict in the Middle East raises risks for businesses.
“Cyberattacks, which can often be conducted by non-state aligned individuals or ideologically motivated groups, are growing increasingly likely in times of heightened geopolitical confrontation,” that report said.
Exacerbating the issue in 2026 is the rise of technologies that operate beyond traditional IT governance frameworks. This vulnerability layer, composed of so-called “shadow AI” and unsanctioned applications, can come about as companies rapidly employ AI-powered tools, often without formal risk controls or visibility, and inadvertently heighten their attack surface.
This unmonitored layer can both introduce new vulnerabilities and obscure the tracking of risk propagation back to the enterprise,” PYMNTS added.
“It’s a challenging security paradox for today’s supply chain leaders. The more they embrace strategies and solutions designed to enhance the visibility and resilience of their operations, the more potential entry points there are that may need to be safeguarded from criminals.”
Add as Preferred Source
