Blog Post

Exchange Team Blog
4 MIN READ

Exchange Online to retire Basic auth for Client Submission (SMTP AUTH)

The_Exchange_Team's avatar
The_Exchange_Team
Platinum Contributor
Apr 15, 2024
Update 6/11/2025: We updated the timeline of this deprecation mentioned in this post. Exchange Online will permanently remove support for Basic authentication with Client Submission (SMTP AUTH) gra...
Updated Jun 12, 2025
Version 4.0
announcements
exchange online
security
transport
IanMcDonald's avatar
IanMcDonald
Icon for Microsoft rankMicrosoft
Oct 18, 2024

Hi Team, the SMTP AUTH Clients Report has been updated so that AuthMethod is available. The data is going to build up over the next 90 days, we rolled this update out asap instead of waiting for the data to build up in order to unblock customers.

LD1205's avatar
LD1205
Copper Contributor
Nov 08, 2024

Hi IanMcDonald,

I have downloaded the report and see TLSAuthLogin and XOAUTH2 in the authMethod field; It's fine for XOAUTH2 but for entries corresponding to TLSAuthLogin I found SMTP traffic from our Exchange On-Prem. going through the Hybrid Connectors (SMTP Relay) that (as I understood) will still be functional when Basic Auth. is depreciated. Is that correct ? And if so with the data build up, is it expected to have a direct way to identify Basic Auth. traffic from Hybrid Exchange On-Prem (SMTP Relay) - (For example : authMethod = TLSBasicAuthLogin).  

Am I correct in saying that the report showing TLSAuthLogin is a mix of Hybrid SMTP Relay traffic (which won't be depreciated) and Basic Auth. SMTP traffic that will end in 2025 ?