SharePoint Online sent to Gmail addresses fail

Posted by Marak830@reddit | sysadmin | View on Reddit | 6 comments

Last Friday I was trying to diagnose an issue where certain M365 accounts were struggling to send links to files/folders for sharing to gmail addresses.

I ended up doing a Message Trace to find out that gmail was rejecting the emails due to new rules.

Here is the support response I received from MS - I hope this helps someone else who's beating their head against the wall lol.

Hello,

Good day to you!

We have completed our investigation into the issue where SharePoint Online sharing notifications sent to Gmail addresses fail with the error:

550 5.7.1 Messages missing a valid Message‑ID header are not accepted

Cause

This issue is caused by recent stricter enforcement of RFC 5322 email standards by Gmail. Gmail now rejects system‑generated emails that are missing mandatory headers, including the Message‑ID.

In this scenario:

When a user has an Exchange Online mailbox, SharePoint sharing notifications are routed through Exchange Online

The message generated on this path does not include a valid Message‑ID header

Gmail rejects the message as non‑compliant, resulting in an NDR

When a user does not have an Exchange Online mailbox, SharePoint uses a different internal notification service, and the email is delivered successfully

This behavior has been reproduced, and Exchange Online message tracing confirms the rejection is due to missing RFC‑compliant headers. Official References

The following official articles confirm the standards enforcement and expected behavior:

Google (Gmail) – RFC 5322 enforcement

    Gmail rejects emails that violate RFC 5322, including missing or malformed Message‑ID headers

    Official article:
    https://knowledge.workspace.google.com/admin/gmail/advanced/troubleshoot-rfc-5322-duplicate-header-bounce-messages [knowledge....google.com]

Microsoft – RFC compliance enforcement in Exchange Online

    Microsoft confirms ongoing changes to enforce strict RFC 5322 compliance in mail flow to improve security and prevent spoofing

    Official Microsoft Learn article:
    https://learn.microsoft.com/en-us/defender-office-365/anti-phishing-from-email-address-validation [learn.microsoft.com]

Important Clarification

This is not caused by tenant configuration, mail flow rules, spam filtering, or external sharing settings. There is currently no tenant‑side configuration available to modify or inject a Message‑ID header into SharePoint system‑generated emails. Current Workaround

Until Microsoft provides a product fix, the recommended workaround is:

Use “Copy link” in SharePoint and share the link manually via Outlook or another email client

This ensures the message is sent as a user‑generated email, which includes all required RFC 5322 headers and is accepted by Gmail.

Microsoft Product Fix

We have escalated this behavior to Microsoft as a product issue affecting the SharePoint Online → Exchange Online notification pipeline. Microsoft engineering is required to address this by ensuring RFC‑compliant headers are included in system‑generated notifications.

We will share updates as soon as Microsoft provides a fix or advisory.

[-]

power_dmarc@reddit

Classic Microsoft shipping a system that generates non-RFC-compliant emails and then leaving users to manually work around it while engineering quietly fixes it in the background.

saltyslugga@reddit

Good writeup, this has been biting people for months. Gmail's RFC 5322 enforcement caught a lot of system-generated mail off guard, not just SharePoint.

We caught similar issues across our tenant when Google tightened things up. We use Suped for DMARC monitoring and the aggregate reports made it obvious which internal services were generating non-compliant mail before users started complaining.

Annoying that MS still hasn't fixed the SPO notification pipeline though.

sryan2k1@reddit

What's disheartening is that Google has the data to know this was going to break, and someone sufficiently high up over there should have costarted someone sufficiently high up on the Microsoft side to get it in the pipe ahead of time.

techvet83@reddit

It's possible that Google did inform Microsoft ahead of time and Microsoft blew it off. I'm not saying that's likely, just that it's possible.

That's possible and makes it even worse for Microsoft

Marak830@reddit (OP)

Thanks. Caught me off guard when setting up a new tenent. I guess I'll just tell users to email links for now and hope it gets fixed. Like I need more complaints coming down the line haha.