![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 28.000000000000004%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJF%3C/text%3E%3C/svg%3E)
Outlook Management
Outlook: A family of Microsoft email and calendar products.Management: The act or process of organizing, handling, directing or controlling something.
5,804 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 48%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi @James Frost ,
The error message suggests your emails are being rejected by the recipient's server, often due to authentication or DNS misconfigurations. Here's what to check:
1.Verify MX Records (Critical for Receiving/Sending)
- Correct MX Records for Microsoft 365:
Priority 0: <yourdomain>.mail.protection.outlook.comEnsure there are no other MX records (e.g., from your hosting provider or cPanel email). Extra MX records can cause conflicts. - Check in cPanel: Go to DNS Zone Editor and confirm:
Only Microsoft 365 MX records exist (with mail.protection.outlook.com).
Delete any MX records pointing to your hosting provider (e.g., mail.yourdomain.com).
2. SPF Record (Prevents Spoofing/Rejection)
- A single SPF record starting with v=spf1 include:spf.protection.outlook.com -all.
- Example: v=spf1 include:spf.protection.outlook.com ~all (less strict) or -all (strict)).
3. DKIM & DMARC (Authentication)
- Microsoft 365 requires you to generate DKIM keys in the admin center and add them as CNAME records in cPanel. If missing, emails may fail authentication.
- Check your Microsoft 365 Admin Center > Domains > DNS Records for DKIM settings.
- Add a TXT record for
_dmarc.yourdomain.comwith:
v=DMARC1; p=quarantine; pct=100; rua=mailto:******@yourdomain.com 4. Outlook Mobile App Issues
- Ensure the app uses Modern Authentication (OAuth2) instead of "Basic" credentials. Go to Outlook app settings > Account > Advanced > Authentication Method.
- Server Settings: Outgoing (SMTP) server should be
smtp.office365.comon port 587 with TLS/SSL encryption. - Reinstall the App: Sometimes cached settings cause issues. Delete and re-add the account.
5. Microsoft 365 Admin Access
- You’ll need admin access to verify DNS settings and licenses. Try these steps:
- Use the global admin account (******@yourdomain.onmicrosoft.com) to log in.
- If Authenticator isn’t working, reset the admin password using an alternate email or phone number.
- Contact Microsoft Support again and provide proof of domain ownership (e.g., DNS records) to regain access.
- Wait 48 Hours**: DNS changes can take time to propagate.
If issues persist, share a redacted screenshot of your DNS records (hide sensitive info), and we can review them here.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.