Online-Fachhandel für Industriekunden, Gewerbekunden und öffentliche Einrichtungen - Kein Verkauf an Privatkunden
Industry-Electronics auf Deutsch Zur englischen Sprache wechseln
Technik & Elektronik Blog von Industry-ElectronicsWarning - Microsoft New Outlook

Microsoft's New Outlook: What's New – and Why You Should Stay Away

Microsoft is strongly urging Windows users to switch to the "new Outlook"—a revamped mail client designed to replace classic apps. However, alongside some innovations, significant privacy concerns have sparked criticism. This blog post provides an overview of what the new Outlook offers, examines the privacy concerns (especially the transmission of login credentials to Microsoft), and explains why using it is currently not advisable. Finally, some alternative, secure mail clients are introduced.

Overview: The New Outlook and Its Innovations

An Outlook with an Old Name

Around a year ago, Microsoft released a new email program under the familiar name "Outlook." It is now even automatically installed on Windows 11 and appears in the Start menu as "Outlook (new)." In the long term, it is intended to replace the previous Windows 10 apps Mail, Calendar, and Contacts (People), consolidating all these functions into a single application. Even in classic Outlook (part of Office/Microsoft 365), there is a toggle switch labeled "Try the new Outlook," which allows users to switch to the new app.

Despite sharing the same name, the "new Outlook" is a completely separate program. Technically, it is essentially a wrapper for the Outlook.com web client with some additional features. Unlike the pure browser version, it can also connect to email accounts from other providers via IMAP (although POP3 is not supported).

Functionality and Differences

Anyone who tries the new Outlook quickly notices that it has not yet reached the full capabilities of the old Outlook. On the contrary, it is a newly developed program that currently lacks many functions of its predecessor or implements them incompletely. According to a report by c’t, missing features include shared mailboxes, public folders, custom forms, S/MIME encryption, full offline operation, search folders, and customizable toolbars.

Macros and add-ins such as VBA scripts or COM extensions have also been removed—these can at best be replaced by web add-ins, if available. Some of these missing functions are planned to be added by Microsoft before the final phase-out of classic Outlook, while others will likely disappear entirely or return only partially.

Besides the missing features, testers also complain about performance issues—the interface responds sluggishly. Microsoft itself admits that completely replacing the old Outlook will take time: according to current planning, it will take four years to develop the new Outlook into a full-fledged replacement. At present, it is still far from that goal.

Privacy Issues: How Outlook Sends Login Credentials to the Cloud

The most severe criticism of the new Outlook concerns privacy—specifically, how the program handles login credentials and messages when integrating external email accounts.

Anyone who sets up an external email account in the new Outlook (e.g., a company account or another email provider via IMAP) must expect a surprising architectural change: Unlike conventional mail programs—including the classic Outlook—the new Outlook app does not communicate directly with the provider's mail server. Instead, a Microsoft cloud service takes over this task.

What This Means in Practice

When you enter login credentials for an external mail account in Outlook, the app sends the username and password to Microsoft's servers. From there, Microsoft logs into your actual mail server on your behalf, retrieves the emails, and stores them in the Microsoft cloud. This means all emails already in your inbox are copied to Microsoft's servers, along with your login credentials—a significant invasion of privacy.

Unclear Warnings

When adding an external account in Outlook, a warning appears, informing users that their emails will be synchronized with Microsoft's cloud. However, this warning is vaguely worded and omits crucial details. It merely states:

"To add your IMAP account to Outlook, we need to synchronize your emails with the Microsoft Cloud. All contacts and events you create in Outlook will be stored in the Microsoft Cloud."

There is no mention of login data being disclosed or all emails being copied.

A screenshot from the new Outlook shows a dialog box warning that IMAP accounts require synchronization with Microsoft's cloud—yet the transmission of login credentials remains unmentioned. Clicking on "More Information" leads to a Microsoft support article which, at the time of testing, contained no reference to password storage. Such unclear messages make it difficult for users to recognize the full extent of data transfers.

Comparison to Illustrate the Problem

It is as if you gave your neighbor the key to your mailbox so they could pick up, open, and read your mail before handing it over to you. In the same way, Microsoft acts as an additional "mailman" here, gaining full access to your correspondence.

Privacy advocates are alarmed: The German Federal Commissioner for Data Protection, Ulrich Kelber, expressed concerns about this "data diversion" in the new Outlook. The tech magazine c’t had just recently discovered that when setting up an IMAP account, Outlook actually transmits login credentials to Microsoft's servers without explicit user consent. Kelber has asked the Irish Data Protection Authority (which oversees Microsoft in the EU) to investigate the issue.

This is not just a theoretical issue—potential violations of data protection regulations are feared.

Conclusion: Why You Should Avoid the New Outlook (For Now)

The new Outlook demonstrates where Microsoft wants to take its mail client—toward deeper cloud integration and a unified experience across various accounts. However, the price for this "convenience" is high:

  • Users must hand over sensitive data.
  • Their entire email communication is moved into Microsoft's cloud, often without them realizing it.

For Microsoft accounts themselves (e.g., an Outlook.com or Exchange Online mailbox), this is not a fundamental change—emails are already stored at Microsoft, and the privacy implications are less drastic. However, as soon as external email providers or private mail servers are involved, the risks far outweigh the benefits.

Experts strongly advise against using the new Outlook with external accounts. Companies should block the transition, and privacy-conscious individuals should, at the very least, stay away from it for now.

Bottom Line:
Microsoft's new mail app is currently neither mature nor trustworthy in terms of privacy. Until Microsoft changes its practice of routing login data and emails through its own cloud, caution is advised.

Alternative, Secure Mail Clients

Fortunately, users are not forced to rely on the new Outlook. There are numerous email programs available that do not come with these privacy risks. Below are some recommended alternatives:

Mozilla Thunderbird

A free, open-source mail client for Windows, macOS, and Linux. Thunderbird connects directly to the mail servers of providers and stores data locally—without routing through third-party cloud services. It supports IMAP, POP3, and SMTP and offers features such as end-to-end encryption (OpenPGP), calendars, and contacts via add-ons. Due to its open-source nature, Thunderbird is considered privacy-friendly and transparent.

Classic Microsoft Outlook

Users who have the traditional Outlook (from Office or Microsoft 365) installed can continue using it for now. The classic Outlook, like other local mail programs, communicates directly with the respective mail server rather than through Microsoft's cloud. This avoids the data redirection criticized in the new Outlook. While Microsoft plans to phase it out in the future, for now, the classic Outlook (or the existing Windows Mail app) remains a safe choice for those who need its functionality.

eM Client

A modern email client for Windows and Mac that is available for free in its basic version. eM Client supports multiple accounts (IMAP, POP3, Exchange, etc.), including calendars and contacts, and synchronizes directly with providers' mail servers. It offers an Outlook-like interface and features such as integrated chat and translation tools. Regarding privacy, eM Client ensures that no login data is transmitted to third parties—all credentials remain between the user and the respective email provider.

The Bat!

This versatile mail client is particularly popular among security-conscious users. The Bat! offers powerful end-to-end encryption (OpenPGP and S/MIME), extensive customization options, and communicates directly with mail servers—without data redirection or intermediate storage in cloud services. One of its standout features is its strong privacy focus: login credentials and emails remain exclusively on your device, and sensitive messages can be stored with secure local encryption. Due to its security and privacy features, The Bat! is a clear recommendation for users who want to maintain maximum control over their communication.

Apple Mail (for macOS)

The built-in mail app in macOS is a reliable option for Apple users. It supports all common mail services (including iCloud, Gmail, Yahoo, Exchange, etc.) and retrieves emails directly from the respective server. Apple Mail does not use its own cloud relay servers for external accounts, ensuring that login credentials remain on the user's device. Due to its deep system integration, it also provides a high level of user convenience on the Mac.

All of these alternatives connect directly to email servers without routing data through a third-party cloud. This ensures that users retain full control over their data—just as it should be with classic mail programs.

Suche läuft
Suche wird durchgeführt.
Bitte haben Sie etwas Geduld...
Fehlende Felder
Schließen