AWS SES or SMTP Blocked or Flagged by Office365 Outlook Email Server

Problem statement

After proper configuration of AWS SES or SMTP as an email provider, some successfully sent emails do not get delivered to the intended recipient inbox or are flagged as spam when the email server for the recipient is an Office365 Outlook server.


The email is blocked as spam, and the header contains entries similar to the following:; dkim=fail (body hash did not verify);dmarc=fail action=quarantine;compauth=none reason=454
Received-SPF: Pass ( domain of

Steps to reproduce

  1. Configure AWS SES or SMTP as a custom email provider.
  2. Trigger an email such as the password reset email for a user with the Office365 Outlook email server.


  1. Ensure all custom email provider settings are correct in Auth0
  2. Check DKIM and DRMARC settings in AWS and follow the instructions on that service (Amazon SES):
  1. Trigger the same email directly from the AWS console and outside of it.
  2. Send the same email to other users with various email servers such as Gmail or Apple.


This is an Office365 Outlook server-specific issue based on their own spam filtering system. Please see DKIM fails to, but succeeds to Apple, Gmail, and Proton for more details.


Contact - Microsoft Support to assist with the problem.