As of May 5th 2025, Microsoft are now mandating that any Microsoft 365/Outlook users who:
Use a Domain linked to their Microsoft 365 account for sending emails (i.e. @yourbusinessname.com), and
Send 5,000+ emails per day (Bulk Email Senders)
Must implement new Email Authentication records in your Domain’s DNS (Domain Name System).
The new DNS records required for Authentication are:
1x MX record
1x SPF (TXT record)
3x CNAME records
2x DKIM (Domain Key) records
1x Autodiscover record
These records must be implemented as soon as possible, exceeding the 5,000 per day cap without these records in place will result in Outlook users (@outlook, @live, @hotmail email users) not receiving your Emails, even to their Junk box.
To implement these DNS records, you will also need the following:
Logins for your Microsoft 365 Admin Center
Logins for your Domain Hosting service (Cloudflare, CrazyDomains, GoDaddy etc.)
This guide provides a broad overview of how to retrieve these new DNS records, not how to implement them. Implementing new DNS records varies broadly across the almost infinite number of Domain Hosting services. These records should be implemented only by someone who has access to your Microsoft 365 Admin Center and has previous experience in editing and implementing DNS records.
Conflicting DNS Records Warning – Your DNS will more than likely contain records for Mandrill (1x SPF “include:" value and 2x DKIM TXT records), as required by us for your domain to successfully send emails to your Bidders (from the Webtron Dashboard). Do not modify or delete these existing records, doing so may cause your Bidders not to receive Outbid Notifications, Verification Requirements etc. until rectified.
Accessing the new Email Authentication records in Microsoft 365 Admin Center
First things first, log in to the Microsoft 365 Admin Center by following this link:
If you do not have valid logins or the necessary Microsoft User privileges to access the Microsoft 365 Admin Center, contact your Domain Host immediately.
Step 1 – Open the Settings dropdown and click Domains
Once you’re logged in to the Microsoft 365 Admin Center, you’ll land on the Home page. Look to the left-hand side of your screen for the Navigation Menu and click on the downward arrow for Settings (usually the 9th option from the top):
If you cannot see the Settings option, click on the “Show all “option at the bottom of the list to expose the full Navigation Menu:
Clicking on Settings will expose another list of options, click on the top option labelled Domains:
Step 2 – Select your Domain and open the DNS Records tab
Once the Domains menu appears, you’ll see a list of Domains that you have linked to your Microsoft 365 account (if you are using multiple domains you will have to implement these records per-Domain, but for now focus on the Domain that matches your primary Email Address domain), click on your Domain Name to open the Overview menu for that domain:
You’ll land inside the Overview tab, which will give you a brief rundown on your Domain’s status. If you have not implemented the new Email Authentication records or there is an issue with your existing DNS records, this tab will contain a “Possible service issues” error message.
Beneath the Domain Name heading, click on the tab labelled “DNS records“:
Step 3 – Export or Copy the DNS Records listed for Microsoft Exchange and DomainKeys Identified Mail
You’ll now see the DNS Records menu, containing 2 tables beneath 2 download buttons and 1 print button.
DomainKeys Identified Mail (DKIM) – If the DKIM table does not appear for you in this menu, you have not configured your Domain correctly when linking it to your Microsoft 365 account. Contact your host for further advice, but most likely your Domain will need to be removed and set up again in the 365 Admin Center with DKIM enabled.
Across the top of the DNS Records menu you’ll find two download options, “Download CSV file” and “Download zone file“:
“Download zone file” can be used with more modern Domain Hosting services such as Cloudflare, but more than likely you or your Domain Manager must now copy and paste each of the Records listed below and implement them manually in your Domain’s DNS records:
Click on any of the DNS record names to open the Query panel, this will display the Expected record and your Current record:
Use both as a guide when implementing your new records, with the exception of the SPF TXT record (see below):
Existing SPF Record Notice – If you have implemented our required Mandrill DNS records, your pre-existing SPF Record will look like or at least similar to this:
v=spf1 include:spf.mandrillapp.com -all
Do not remove or replace any pre-existing “include:” values in your SPF Record, edit it and add the required Microsoft SPF value, i.e. your SPF Record should look like this:
Microsoft Outlook Domain Authentication
As of May 5th 2025, Microsoft are now mandating that any Microsoft 365/Outlook users who:
Must implement new Email Authentication records in your Domain’s DNS (Domain Name System).
The new DNS records required for Authentication are:
These records must be implemented as soon as possible, exceeding the 5,000 per day cap without these records in place will result in Outlook users (@outlook, @live, @hotmail email users) not receiving your Emails, even to their Junk box.
To implement these DNS records, you will also need the following:
This guide provides a broad overview of how to retrieve these new DNS records, not how to implement them. Implementing new DNS records varies broadly across the almost infinite number of Domain Hosting services. These records should be implemented only by someone who has access to your Microsoft 365 Admin Center and has previous experience in editing and implementing DNS records.
Conflicting DNS Records Warning – Your DNS will more than likely contain records for Mandrill (1x SPF “
include:"value and 2x DKIM TXT records), as required by us for your domain to successfully send emails to your Bidders (from the Webtron Dashboard). Do not modify or delete these existing records, doing so may cause your Bidders not to receive Outbid Notifications, Verification Requirements etc. until rectified.Accessing the new Email Authentication records in Microsoft 365 Admin Center
First things first, log in to the Microsoft 365 Admin Center by following this link:
admin.microsoft.com
If you do not have valid logins or the necessary Microsoft User privileges to access the Microsoft 365 Admin Center, contact your Domain Host immediately.
Step 1 – Open the Settings dropdown and click Domains
Once you’re logged in to the Microsoft 365 Admin Center, you’ll land on the Home page. Look to the left-hand side of your screen for the Navigation Menu and click on the downward arrow for Settings (usually the 9th option from the top):
If you cannot see the Settings option, click on the “Show all “option at the bottom of the list to expose the full Navigation Menu:
Clicking on Settings will expose another list of options, click on the top option labelled Domains:
Step 2 – Select your Domain and open the DNS Records tab
Once the Domains menu appears, you’ll see a list of Domains that you have linked to your Microsoft 365 account (if you are using multiple domains you will have to implement these records per-Domain, but for now focus on the Domain that matches your primary Email Address domain), click on your Domain Name to open the Overview menu for that domain:
You’ll land inside the Overview tab, which will give you a brief rundown on your Domain’s status. If you have not implemented the new Email Authentication records or there is an issue with your existing DNS records, this tab will contain a “Possible service issues” error message.
Beneath the Domain Name heading, click on the tab labelled “DNS records“:
Step 3 – Export or Copy the DNS Records listed for Microsoft Exchange and DomainKeys Identified Mail
You’ll now see the DNS Records menu, containing 2 tables beneath 2 download buttons and 1 print button.
DomainKeys Identified Mail (DKIM) – If the DKIM table does not appear for you in this menu, you have not configured your Domain correctly when linking it to your Microsoft 365 account. Contact your host for further advice, but most likely your Domain will need to be removed and set up again in the 365 Admin Center with DKIM enabled.
Across the top of the DNS Records menu you’ll find two download options, “Download CSV file” and “Download zone file“:
“Download zone file” can be used with more modern Domain Hosting services such as Cloudflare, but more than likely you or your Domain Manager must now copy and paste each of the Records listed below and implement them manually in your Domain’s DNS records:
Click on any of the DNS record names to open the Query panel, this will display the Expected record and your Current record:
Use both as a guide when implementing your new records, with the exception of the SPF TXT record (see below):
Existing SPF Record Notice – If you have implemented our required Mandrill DNS records, your pre-existing SPF Record will look like or at least similar to this:
v=spf1 include:spf.mandrillapp.com -allDo not remove or replace any pre-existing “
include:” values in your SPF Record, edit it and add the required Microsoft SPF value, i.e. your SPF Record should look like this:v=spf1 include:spf.mandrillapp.com include:spf.protection.outlook.com -all