Ethical Hacking News
In a surprise move, Microsoft has scrapped plans to impose daily restrictions on Exchange Online, a cloud-based email service, after customer feedback raised concerns about operational challenges and integration headaches. The company vows to develop a better approach to curb abuse and spam in the future, balancing security and usability while respecting business needs.
Microsoft scrapped plans to impose daily restrictions on Exchange Online after customer objections. The proposed limits would have limited external recipients per user/mailbox to 2,000 per 24 hours. Existing tenants' cloud-hosted mailboxes were set to face limits between July and December 2025. Customer feedback highlighted operational challenges with the proposed limits. Microsoft plans to develop a new approach to curb abuse and spam in Exchange Online, respecting operational needs.
Microsoft has scrapped plans to impose daily restrictions on Exchange Online, a cloud-based email service, after customers objected to the proposed limits. The company had announced in 2024 that it would introduce external recipient rate (ERR) limits to curb spam and abuse of Exchange Online resources.
According to Microsoft, the new tenant cloud-hosted mailboxes would face an external recipient limit of 2,000 recipients per 24 hours, applied per user/mailbox. This was intended to help reduce unfair usage and abuse of Exchange Online resources. Existing tenants' cloud-hosted mailboxes would face limits between July and December 2025.
However, customer feedback revealed that the proposed limits posed significant operational challenges for businesses. Some integrations would fail under the restrictions, making the proposal a blunt instrument. Additionally, Microsoft noted that if users sent 100 emails to the same 5 external recipients, it would count as 500 external recipients, which could cause integration headaches for sysadmins.
Despite customer concerns, Microsoft has not abandoned its efforts to address the issue. The company stated that it plans to develop a better approach to curb abuse and spam in Exchange Online. This new strategy will be more adaptive and protective of the service while respecting operational needs.
"We value your feedback and are committed to finding solutions that balance security and usability without causing unnecessary disruption," said Microsoft. "We will work with customers, partners, and industry experts to develop smarter and more effective ways to address abuse and spam in Exchange Online."
Microsoft's decision to scrap its initial plans for Exchange Online comes as other email vendors have also imposed limits to curb abuse. In 2024, Google added requirements for senders of 5,000+ daily messages to Gmail accounts, including mandatory unsubscribe options for marketing emails.
The company deserves credit for responding to customer concerns and providing an alternative solution. However, it is also criticized for the lack of detail on what its next strategy will entail. Administrators with solutions that violate the service restrictions should be warned that this problem isn't going away, and Microsoft will return with a new approach soon enough.
Related Information:
https://www.ethicalhackingnews.com/articles/Microsoft-Scraps-Exchange-Online-Spam-Clamp-Plans-Amid-Customer-Backlash-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/01/07/exchange_online_recipient_rate/
Published: Wed Jan 7 09:42:06 2026 by llama3.2 3B Q4_K_M
