Basic Authentication and Exchange Online – June 2021 Update

I have what I think is an atypical situation from a typical EXO tenant described in Greg Taylor - EXCHANGE ’s presentation, “Get Ready for Basic Auth Deprecation in Exchange Online”.  

I have an existing (client) tenant that was not using EXO before, and now I’m migrating mailboxes over.  I learned that BasicAuth was turned off (BasicAuthBlockedApps value is 255).  I get it.  It was true they were not using Basic Auth (since they had no EXO mailboxes yet).  I take no issue there.

The catch is, they did have a function (only one so far) on-prem that uses IMAP - and I migrated that mailbox Friday - not expecting this huge wrestling match to work around the problem.  I have tried to use the self diagnostic to “re-enable IMAP basic auth”, but I’m not having any success there (2 days later still shows Basic Auth disabled for all protocols) - even though I DID get a confirmation when I requested IMAP protocol opt-out.    I used the Exchange Connectivity tool for IMAP. Of course OAuth2 works fine, but Basic Auth testing bombs with, “Message: The IMAP server responded with an error status "2 NO LOGIN failed.". 

I have created an authentication policy.   I have applied it to the user/mailbox.  I have re-verified it.

I certainly realize that I need to get the vendor to update the app, but I’m starting to feel panicky about Monday morning approaching with a broken accounting system.

Anybody have some suggestions?   (I did start a ticket on Friday, but I was mistaken about thinking that an App Password for the IMAP login would be helpful.  I have now realize that’s only OAuth).   I’ve spent hours.  I’m stuck.