Basic Authentication Deprecation in Exchange Online – May 2022 Update

Greg-CNS , my suggestion would be to use a separate SMTP account with Basic Auth enabled for all UPS devices still. Me personally I always create separate accounts for groups of devices (like mailto:printer@example.com, mailto:ups@example.com, mailto:erpsoftware@example.com, etc.). These emails can be the same for all clients. You can look at it like "if UPS is leased to the client as a service, then SMTP account for that device could be leased as a service too". You can even created aliases like mailto:ups1@example.com, mailto:ups2@example.com and send from these addresses using exactly the same mailbox. Unless clients insist that these UPS devices must send email from their domain, then you will have to create these mailboxes for every client.

Anyway, this way you will have a better visibility into the tenants, who is sending what, and it is much easier to debug when things go sideways. Remember, the point of username is to identify the user OR, in case of non-interactive session, the device.

By the way, you don't need full M365 license for that. Exchange Online Kiosk license which costs something like 2 USD a month would be enough to send SMTP email. I know some guys did manage to get it working with a shared mailbox without a license, but I didn't try that personally.

Of course there is always an option with SMTP Relay, but then you have to do authentication by IP or by Certificate, which could be more cost intensive than couple of dollars a month for Kiosk license.

IMAP and POP is of course is completely different matter, I don't have good recommendation for that. I suspect all those ERP software developers will have to move to Modern Auth sooner rather than latter because it's not only Microsoft which is disabling Basic Auth. Google is disabling basic auth next month and some other providers already disabled it.