Users sending emails from personal accounts (e.g., Hotmail, Outlook.com) to a corporate domain protected by Email Security.cloud receive a Non-Delivery Report (NDR) stating "spam abuse was detected." Additionally, these delivery attempts do not appear in the Track and Trace logs within the Email Security.cloud portal.

Email Security.cloud

The rejection is occurring at the SMTP connection level, before the email is fully accepted by the Email Security.cloud infrastructure. This typically happens for two reasons:

1.  IP Reputation: The sending IP range from the service provider (e.g., Microsoft) has been flagged for spam activity and is blocked by global or local traffic-shaping filters.
2.  Sender Limits: The sender has reached Microsoft’s internal "high-volume" or "spam abuse" thresholds, causing Microsoft to issue the NDR directly.

Because the connection is terminated during the initial SMTP handshake, the service cannot record the metadata required for a Track and Trace log entry.

Since the rejection occurs before the message reaches the Email Security.cloud service, the issue must be addressed at the source that is by contacting the Sending Provider.

The user should provide the full NDR to Microsoft Support to request an investigation into why their account or the specific IP range is being flagged.