Table of Contents
Highlights
- Microsoft will continue supporting Basic Authentication in High Volume Email (HVE) until September 2028, giving organizations more time to transition to modern authentication like OAuth.
- Starting June 2025, HVE will no longer support sending emails to external recipients, focusing solely on internal tenant communications.
- Microsoft is removing preview limitations, allowing up to 100 HVE accounts and unlimited internal recipient rates, enhancing scalability for enterprise use.
Microsoft has unveiled a series of significant enhancements to its High Volume Email (HVE) feature within Microsoft 365. These changes, which include tighter recipient handling, stricter use restrictions, and new support for Basic Authentication, are designed to make the platform more secure, scalable, and adaptable to modern enterprise communication needs.
As enterprises increasingly rely on email as a primary communication channel for both internal updates and external messaging at scale, Microsoft is refining its HVE capabilities to ensure businesses can handle large volumes of messages without compromising security or operational integrity. Let’s dive into what these updates mean and how they affect enterprise users.
Understanding High Volume Email (HVE) in Microsoft 365
High Volume Email (HVE) is a specialized capability in Microsoft 365 that allows organizations to send large batches of emails quickly and efficiently. It is primarily used for operational communications such as system notifications, policy announcements, user alerts, and service updates.
Unlike marketing platforms or newsletters, which are typically managed through third-party tools like Mailchimp or Constant Contact, HVE focuses on functional communication and internal or transactional use cases. With growing usage, especially from sectors like finance, healthcare, education, and IT, Microsoft is reinforcing the feature with necessary compliance, authentication, and throughput controls.
Extended Support for Basic Authentication
Microsoft made a significant announcement confirming that Basic Authentication will remain supported in HVE through September 2028. This extension gives businesses more time to switch to Modern Authentication (OAuth), particularly those that depend on outdated devices and older line-of-business (LOB) apps.
The internet giant admits that not all organizations are prepared for this shift, even though it promotes a switch to OAuth because of its enhanced security features. Throughout the migration phase, Microsoft intends to offer regular updates and continuing guidance.
Why Modern Authentication Matters
Compared to Basic Authentication, Modern Authentication—especially OAuth—offers several security benefits, such as:
- token-based access for improved security against credential theft.
- dynamic token management, wherein tokens are subject to revocation or expiration.
- conditional access rules that give users and devices more precise control over their access.
Shift to Internal-Only Messaging
HVE will only handle internal recipient communications starting in June 2025. Customers will therefore no longer be able to use HVE to send large volumes of emails to external recipients. Microsoft clarified that this action is meant to strengthen HVE’s central position within the Microsoft 365 ecosystem and streamline its email offerings.
Businesses are urged to switch to Azure Communication Services (ACS) for email if they must send a lot of emails to external recipients.
Removal of Public Preview Limits
Microsoft also announced the removal of several limitations that were in place during the public preview of HVE:
| Feature | Previous Limit | New Limit |
| Number of HVE Accounts | 20 | 100 |
| Internal Recipient Rate | 100,000/day | No Limit |
| External Recipient Rate | 2,000/day | 0 (unsupported) |
These enhancements will be rolled out gradually over the coming weeks, enabling organizations to take full advantage of HVE for internal communications.
These upgrades demonstrate Microsoft’s dedication to maintaining support for crucial enterprise communication features while balancing changing security standards and customer needs.
Conclusion
Microsoft 365’s High Volume Email (HVE) feature is undergoing a strategic overhaul that places a premium on security, clarity of purpose, and admin control. With enhancements to recipient restrictions, conditional support for legacy authentication, and deeper logging and monitoring, Microsoft is ensuring that enterprise email is powerful and compliant at scale.
As enterprises adapt to these changes, those who modernize their authentication, follow policy best practices, and make informed use of HVE will benefit from greater reliability, transparency, and operational alignment in their communications strategy.
