IanMcDonald I'd have to register a lot of application keys for dozens/hundreds of different services. And warn clients which mail services are supported, and disable the feature of the client's custom SMTP server.
And for each of the external mail services: write an adapter, write a lot of code, test it all (and ideally write autotests and so on).
A lot of problems simply because... just because.
Communication with the remote server already happens via TLS. It is already safe. Please point me to a man who does not use transport layer security. And it is possible to switch from sending passwords as plaintext (or Base64) to sending hashes (and such an authorization method exists!).
But no, they insist on using the only possible (and the most inconvenient!) method.