Microsoft Draws Internet Ire Over Wave of Email Blocking

As The Register reported Wednesday (March 4), the company spent last week rejecting messages to Outlook recipients in what the report characterized as either a fault or overzealous security rules. One source called the situation “carnage.”

According to the report, the issue affected certain IP addresses, whose emails were rejected for either appearing on a block list or violating reputation rules.

The Register cited comments from a reader who in late January noticed a “sudden spike in customers’ static IPs being rejected by only Microsoft Outlook free/personal accounts.”

The message returned was a 550, informing customers to contact their Internet Service Provider (ISP) “since part of their network is on our block list.”

The report noted that while block lists can help prevent spam or addresses associated with junk mail, this reader’s company had not run afoul of Microsoft, and the company’s Smart Network Data Service (SNDS) showed no issues with the IP.

“We’re also a member of their JMRP (Junk Mail Reporting Program),” the source told the Register, “which is intended to inform us when people are reporting spam sent from our IPs – except, we never get any reports.”

This reader wasn’t alone, the report said, with users on Microsoft’s support forums reporting similar problems throughout February into this week.

The Register report noted one of the impacts of this issue: preventing businesses from responding to things like vendor errors, thus harming their reputation.

PYMNTS has reached out to Microsoft for comment, but has not yet gotten a reply aside from their acknowledgement of our initial contact.

In other cybersecurity news, PYMNTS wrote earlier this week about how the latest conflict in the Middle East raises risks for businesses.

“Cyberattacks, which can often be conducted by non-state aligned individuals or ideologically motivated groups, are growing increasingly likely in times of heightened geopolitical confrontation,” that report said.

Exacerbating the issue in 2026 is the rise of technologies that operate beyond traditional IT governance frameworks. This vulnerability layer, composed of so-called “shadow AI” and unsanctioned applications, can come about as companies rapidly employ AI-powered tools, often without formal risk controls or visibility, and inadvertently heighten their attack surface.

This unmonitored layer can both introduce new vulnerabilities and obscure the tracking of risk propagation back to the enterprise,” PYMNTS added.

“It’s a challenging security paradox for today’s supply chain leaders. The more they embrace strategies and solutions designed to enhance the visibility and resilience of their operations, the more potential entry points there are that may need to be safeguarded from criminals.”