Microsoft’s Exchange team has announced — through a brief posting that has circulated among administrators — that the planned Mailbox External Recipient Rate Limit (MERRL, also called the Mailbox External Recipient Rate) is being canceled “indefinitely” after customer feedback, and that Exchange Online will pursue “smarter, more adaptive” protections rather than the previously announced per-mailbox external recipient cap.
Background
Microsoft has been reworking Exchange Online outbound limits for more than a year, driven by two, sometimes competing, goals:
- combat abuse (spam, account compromise and mail‑based malicious activity) and
- protect legitimate business workflows (line‑of‑business apps, automated notifications, billing and transactional mail).
The larger outbound limits program has two separate but related controls:
- Tenant External Recipient Rate Limit (TERRL) — a tenant‑level quota that caps the total number of external recipients a tenant can contact in a rolling 24‑hour window; it scales with the number of purchased email licenses and was rolled out in phased stages. Technical descriptions and rollout notes for TERRL were published in Microsoft’s admin communications and covered in community writeups.
- Mailbox External Recipient Rate Limit (MERRL / ERR) — a proposed mailbox‑level sublimit (commonly discussed as 2,000 external recipients per 24 hours) that would act as a per‑mailbox cap on how many external recipients one mailbox can send to in any 24‑hour sliding window. This limit was announced, revised, and deferred multiple times as Microsoft engaged with customers and planned tooling (admin reports) to help identify impacted mailboxes.
Those changes were intended to preserve Exchange Online as a secure, multi‑tenant email platform while encouraging heavy senders to use specialized high‑volume delivery services such as Azure Communication Services (ACS) Email or third‑party ESPs for transactional and marketing email.
What the announced cancellation says (summary)
The announcement that circulated states, in essence:
- The Mailbox External Recipient Rate Limit (MERRL) is being canceled indefinitely. Microsoft says customer feedback showed the mailbox‑level cap “creates significant operational challenges” and can disrupt legitimate workflows where bulk-like sending is required from Exchange mailboxes.
- Microsoft reiterated its security goals: reduce spam, block malicious activity, and prevent Exchange Online from being misused by LOB applications for bulk sends.
- The team promises to pursue “smarter, more adaptive” protections that aim to be less disruptive while still protecting the platform.
- Importantly, the message specifies that existing Recipient Rate Limit (the classic per‑mailbox Recipient Rate Limit) and the Tenant‑level External Recipient Rate Limit (TERRL) are not being canceled and remain in force.
This summary is based on the text provided in the announcement copy shared with administrators; the text frames the decision as a reaction to customer feedback and a pivot away from a blunt mailbox cap toward more nuanced controls.
Verification: what we can confirm — and what remains unverified
- Microsoft documented the original plan to introduce a limit of 2,000 external recipients per mailbox in 24 hours (MERRL) and to introduce tenant‑level outbound controls (TERRL). Those plans, delays, and the tooling promises (Exchange Admin Center reports to identify heavy mailboxes) are documented in the Exchange Team blog and Microsoft message center posts.
- Microsoft’s message center and community posts show explicit rollout timelines, later delays, and admin reporting additions intended to help tenants prepare for mailbox‑level enforcement. Those posts and community threads are the authoritative record for the earlier proposal and schedule changes.
- The specific cancellation text circulated among administrators — the Exchange team saying the Mailbox External Recipient Rate Limit is “being canceled indefinitely at this time” — is not present in the major Microsoft message center posts and primary Exchange blog posts that announced or revised the ERR/MERRL program. Public Microsoft documentation and official Message Center items show delays and phased rollouts, not a blanket cancellation, through the most recent official updates available in the public feed. Because the canonical Microsoft Tech Community page for that cancellation could not be located or loaded during verification attempts, the cancellation statement must be treated as unverified against Microsoft’s public admin channels at the time of writing. Administrators should therefore view this as a potentially accurate internal post or early announcement that is not yet reflected in all Microsoft communications, and should seek the official Message Center/tenant notice in their Microsoft 365 admin center to confirm.
- If you have an Exchange Online tenant, the single most reliable source for an immediate, tenant‑relevant confirmation is the Microsoft 365 admin center Message Center (where MC posts like MC787382 appeared) and the Exchange Admin Center reports (Tenant Outbound External Recipients, Sender mailbox reporting). Those tenant‑scoped channels will show enforcement state, report availability and exact policy text when Microsoft makes a change.
Cautionary note: because Microsoft has previously delayed or revised enforcement windows multiple times in response to feedback, an announcement that sounds like a permanent cancellation could be a temporary hold or a rephrasing. Treat the claim as operationally significant but confirm it in the tenant Message Center before changing production processes.
Technical context and what remains enforced
Even if Microsoft cancels the mailbox‑level external recipient cap, there are several existing and separately enforced controls that admins must keep in mind:
- Recipient Rate Limit (classic per‑mailbox RRL) — the long‑standing recipient rate limit (the historical 10,000 recipients per 24 hours limit for many mailboxes, with an internal/external split) remains a fundamental control and is not removed by this announcement. This limit and its behavior remain relevant for high‑volume users.
- Tenant External Recipient Rate Limit (TERRL) — the tenant‑level cap that scales with license count and sets a hard tenant quota on external recipients remains active and continues to be enforced per recent Microsoft communications. If your tenant exceeds TERRL, outbound external deliveries will be blocked with a specific NDR (550 5.7.233 for non‑trial tenants). The TERRL telemetry and visibility were added to the Exchange Admin Center reporting surfaces.
- Special‑case exclusions and double‑counting — mailflows that involve third‑party signature processors, journaling, or address rewriting can result in messages being counted more than once toward external quotas (round trips through connectors or services can create double counts). These behaviors are part of the operational caveats Microsoft has warned tenants to inspect.
Practical impact for administrators and business owners
Whether MERRL is canceled, deferred, or ultimately re‑designed, the underlying drivers remain: Microsoft must protect a shared service from abuse and outages, and many customers rely on Exchange Online for legitimate high‑volume sends that do not belong on a general‑purpose mailbox. With that in mind, administrators should treat the situation as operationally important and proceed with the following actions now.
Immediate checklist (what to do in the next 7–14 days)
- Check Message Center for tenant‑specific notices — Message Center posts (MC numbers) are authoritative for your tenant and will show whether enforcement is active, paused, or canceled for your tenant. If Microsoft cancels MERRL globally, it will publish tenant‑facing guidance there.
- Run the Exchange Admin Center reports — review Tenant Outbound External Recipients and any per‑mailbox sender reports Microsoft has delivered to your tenant. These EAC reports were specifically intended to help find mailboxes that would have been affected by a mailbox‑level cap. Use them to inventory heavy senders whether or not MERRL is enforced.
- Inventory high‑volume senders and service mailboxes — find mailboxes used by invoicing systems, ticketing systems, LOB apps, signatures, archivers, and devices. These service accounts are the most likely to be disrupted by per‑mailbox or tenant limits and are also the most likely to need an alternative delivery channel. Use message trace, Defender/Audit logs, or existing SIEM pipelines to quantify unique external recipient volume per 24‑hour sliding window. Community admins have used message trace and Sentinel queries to discover high senders.
- Plan alternatives for legitimate bulk/transactional mail — if you rely on Exchange Online mailboxes for scheduled notifications, invoices, marketing or high‑volume transactional mail, plan a migration path to a proper high‑volume provider (Azure Communication Services Email, a third‑party ESP, or a dedicated transactional SMTP service). Microsoft has recommended ACS for enterprise transactional scenarios.
- Audit routing that can double‑count messages — server‑side signature providers, journaling or message rewrite flows that route mail out and back into Exchange can inflate counts. If you have server‑side add‑ins or cloud gateways, map the flow and validate how counts are recorded in Microsoft’s reports.
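The inventory step in this checklist asks for unique external recipient volume per sender in a 24‑hour sliding window. As an added example (not Microsoft tooling and not code from the announcement), the following Python computes each sender's peak from a message trace export. The CSV column names, sample rows and domains are constructed assumptions, and the flagging threshold is a parameter you set.

```python
import csv
import io
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in an assumed export layout (column names are illustrative).
SAMPLE_TRACE = """date_time_utc,sender_address,recipient_address
2025-01-01T08:00:00,billing@contoso.example,a@partner.example
2025-01-01T09:00:00,billing@contoso.example,b@partner.example
2025-01-01T09:30:00,billing@contoso.example,a@partner.example
2025-01-01T10:00:00,billing@contoso.example,hr@contoso.example
2025-01-02T08:30:00,billing@contoso.example,c@vendor.example
2025-01-02T09:15:00,billing@contoso.example,d@vendor.example
2025-01-01T12:00:00,alice@contoso.example,x@partner.example
"""

def load_rows(text):
    """Parse a CSV export into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))

def peak_external_recipients(rows, internal_domains, window=timedelta(hours=24)):
    """Return {sender: peak unique external recipients in any sliding window}."""
    by_sender = defaultdict(list)
    for row in rows:
        rcpt = row["recipient_address"].strip().lower()
        if rcpt.rpartition("@")[2] in internal_domains:
            continue  # internal recipients do not count toward an external limit
        ts = datetime.fromisoformat(row["date_time_utc"])
        by_sender[row["sender_address"].strip().lower()].append((ts, rcpt))
    peaks = {}
    for sender, events in by_sender.items():
        events.sort()
        live, seen, peak = deque(), Counter(), 0
        for ts, rcpt in events:
            live.append((ts, rcpt))
            seen[rcpt] += 1
            # Expire events a full window (or more) older than the current one.
            while ts - live[0][0] >= window:
                _, old = live.popleft()
                seen[old] -= 1
                if seen[old] == 0:
                    del seen[old]
            peak = max(peak, len(seen))
        peaks[sender] = peak
    return peaks

def heavy_senders(peaks, threshold):
    """Senders whose peak meets or exceeds the threshold, highest first."""
    return sorted((s for s, n in peaks.items() if n >= threshold),
                  key=lambda s: -peaks[s])
```

In the sample, the billing mailbox reaches four distinct external recipients overall but never more than three inside any single 24‑hour window, which is the difference between a sliding‑window count and a simple daily total.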
Longer‑term operational changes to consider
- Centralize bulk‑sending patterns on a controlled, monitored platform and enforce least‑privilege credentials and sender reputation monitoring.
- Treat shared mailboxes and service accounts differently — assign distinct credentials and restricted scopes for programmatic sending.
- Build resiliency for important transactional email: retries, alternate providers, and fallbacks to guarantee delivery even under quota enforcement.
- Maintain robust telemetry (Message Trace, EAC reports, SIEM alerts) for outbound spikes that could indicate compromise.
Security tradeoffs and risks
- Canceling a mailbox‑level cap reduces the chance that legitimate administrative mailboxes or service accounts will be disrupted, but it also reduces the granularity of automated limits that can stop individual compromised accounts from sending abuse. Tenant‑level limits are coarser: a single compromised mailbox can still cause tenant‑wide blocks if it contributes heavily to the tenant quota. This is a deliberate engineering and policy tradeoff Microsoft must balance between availability and abuse protection.
- If Microsoft moves to smarter, adaptive approaches, those systems will likely rely on behavioral telemetry and heuristics. That approach can be more effective at separating legitimate bulk senders from abuse — but it also introduces false negative and false positive risks: legitimate traffic might be flagged under sophisticated heuristics, or sophisticated abuse might evade detection. Administrators should therefore expect a period of tuning and monitoring.
- Any transition or cancellation is operationally risky if not communicated clearly: admins must avoid making immediate, broad changes to mail routing or on‑prem relays without confirming Microsoft’s official tenant guidance. Sudden changes can break delivery, cause NDRs, and create customer support incidents.
How to tell, concretely, whether your tenant is affected
- Look for these indicators in your tenant:
  - A Message Center entry stating a change to MERRL enforcement or cancellation. This is the primary authoritative signal.
  - The presence or absence of per‑mailbox entries in the Exchange Admin Center “Sender mailbox” or “Outbound external recipients” reports that Microsoft previously promised — if those reports are present and show per‑mailbox counts, use them to identify candidates for migration to ACS/ESP.
  - NDRs indicating rate‑limit enforcement: e.g., 550 5.7.233 (tenant limit) or any mailboxes returning errors attributed to mailbox‑level rate limiting. TERRL NDRs have specific bounce codes; mailbox‑level NDRs would have different diagnostic text.
- If you cannot find a Message Center post or EAC reporting functionality for your tenant, escalate to your Microsoft account team or Support to request clarity before relying on an unverified cancellation announcement.
Summary and recommended next steps
- The Exchange team’s reported decision to cancel MERRL would be operationally significant for many organizations. However, that particular cancellation text is not yet confirmed in the main, tenant‑visible Microsoft Message Center and Exchange blog channels available at the time of this analysis. Treat the cancellation as possible but unverified until you see the official tenant notice.
- Regardless of the cancellation’s final state, the broader outbound control ecosystem (TERRL, classic RRL, tenant reporting) remains vital. Administrators should immediately inventory high‑volume mailboxes, validate message flows that can lead to double‑counting, and plan migration paths for legitimate bulk senders to ACS or an ESP.
- Operational best practice for the short term:
  1. Verify the change via the Microsoft 365 Message Center for your tenant.
  2. Run the EAC outbound reports and message traces to locate heavy senders.
  3. Plan migration for any mailbox that regularly sends to thousands of external recipients; don’t rely on Exchange mailboxes as a long‑term bulk delivery channel.
Microsoft’s recent downstream changes to Exchange Online outbound controls are part of a continuing evolution to protect the platform while preserving business continuity. Administrators should treat any single announcement — especially one that appears out of step with previously published Message Center items — as an operational flag to confirm in‑tenant and to take immediate inventory and remediation steps to protect delivery continuity and security.
Source: Microsoft Exchange Team Blog
Exchange Online canceling the Mailbox External Recipient Rate Limit | Microsoft Community Hub