SPF issue on August 18th

Looks like Microsoft has run into email authentication issues today. Specifically, the domain appears to have a broken SPF record wherein messages sent by Hotmail/ OLC using a from address aren't passing SPF authentication. Here's a link to a KBXSCORE report I've run, showing the failure.

While is affected, the domain doesn't appear troubled -- my test sends from an from address seem to pass SPF. (Microsoft has many other domains; I've only checked these two.)

Looking at the SPF records for, here's what I see: descriptive text "v=spf1 ip4: -all" descriptive text "v=spf1 ip4: ~all"

The SPF record is missing "" -- which is present in the SPF record. And I see it present in a cached copy of Hotmail's SPF record that I collected last month. So, I suspect that to be the source of the issue. 

This issue appears to affect mail sending only users of who have email addresses in the domain. DKIM authentication IS passing, so if a recipient site isn't relying on SPF alone to determine accept/reject, little legitimate mail should be rejected as a result of this. (Though I do suspect somebody, somewhere out there could be rejecting mail as a result of this, because the SPF record in question ends in "-all.")

August 18, 2023 Update: Yay, looks like the SPF record is fixed! users with email addresses are again sending mail that passes SPF authentication. Glad to see Microsoft was able to fix it quickly.

[ H/T: Mark Alley and Reddit ]



  1. Great, thanks for confirming! Having a lot of issues today!


Comments policy: Al is always right. Kidding, mostly. Be polite, please and thank you.