Start by checking your delivery logs to see what response code and text description you are receiving when these messages are delivered. Apparently they are being accepted, but they may be getting accepted with a conditional statement that will be helpful.
You should also be looking at your DMARC reports, even though the ones from
Outlook.com are unreliable.
Alignment is a DMARC term. It describes the relationship between the verified identifier (SMTP Mail From address or DKIM domain) and the message's From address. If your DMARC policy species "Strict" alignment, the two domains have to match exactly. If your DMARC policy specifies "relaxed" alignment, the two domains just have to have the same organizational domain as their parent. So it has nothing to do with IP addresses.
SPF Pass uses IP address to prove that the sending IP address is authorized to send on behalf of the SMTP Mail From domain. Based on the tests you say are passing, your SPF policies should be OK.
The most likely problem is that you are sending messages to a distribution list. Many people are having problems sending messages to a list when the destination is on Outlook.com. They
seem to be dropping messages that have too many recipients. I suggest 50 as a maximum, but nobody really knows what rule they are using. I suspect that using Outlook mail-merge (or equivalent) to send a slightly personalized message to each recipient will evade the restriction, but I have not been able to prove that yet.
If it is a DMARC problem, here are things that can go wrong with it:
Forwarding
1) Maybe you allow forwarding, and a message from "user@otherdomain" is forwarded through a domain on your system. The message is not DKIM-signed, but it passes SPF on the way in, and it passes DMARC based on SPF alignment. On the way out, it will fail the DMARC test for "otherdomain". Either it will fail SPF because your server is not in the SPF policy for "otherdomain", or you do SRS rewrite and it does SPF PASS based on your domain but your domain is not aligned with the originator's FROM domain.
Content Changes
2) Maybe you have an outgoing gateway that sometimes alters the message (which is probably a bug). A signature applied by the SmarterMail server can become unverifiable if the message is altered on the way out the door. Of course, in this scenario the message should still pass DMARC based on SPF alignment (or equality).
3) Mailing Lists
You have a mailing list that alters messages with a subject tag or body tag, without changing the message From address. For posts from users hosted elsewhere, the message will lose SPF alignment because of forwarding, and will lose DKIM Pass because of the additions to the message.
The other possibility is that
Outlook.com is messed up and you are their victim. You can try making an appeal, but getting your recipients to open tickets is likely to produce faster and more informative results.