If they are getting the "guest" role as you have indicated, they do not have the ability to do POP3, IMAP, or SMTP based on your firewall rules. SMTP is required to send email and POP3/IMAP is required to retrieve email (for this service). As I mentioned, outlook.com uses encrypted ports for this. I'd confirm what the Outlook clients have defined and add the following as necessary:
Create new services if Outlook is using TLS and SSL (confirm through Outlook settings) - Seen Here
netservice svc-smtp-secure tcp 587
netservice svc-pop3-secure tcp 995
netservice svc-imap-secure tcp 993
Create new service if using standard ports
netservice svc-imap tcp 143
Create new ACL (add those necessary)
ip access-list session guest-email-acl
user any svc-smtp-secure permit
user any svc-pop3-secure permit
user any svc-imap-secure permit
user any svc-smtp permit
user any svc-pop3 permit
user any svc-imap permit
Apply ACL to role
user-role guest
access-list session guest-email-acl
***Disclaimer. Be sure you want to allow SMTP for your guests, some organizations view this as against policy to allow SMTP outbound from corporate networks (even for guests).