For latest updates on HVE, please see this post as well as this post.
Today we’re thrilled to announce the public preview of High Volume Email (HVE) for Microsoft 365. HVE is a new service designed...
Updated May 06, 2025
Version 5.0
Blog Post
I agree, ACS uses basic auth. I'm not necessarily concerned myself, but would love to know why Microsoft are so pro-basic-auth. with both ACS and now HVE? A lot of effort went into killing off basic auth. It must be expected that customers will be weary of going back to using it without some kind of explanation for why it's no longer the end of the world if they do.
I understand these accounts that are the username/password are not humans, so they won't have access to user / company data. But they can still be abused and used to send phishing emails which will pass SPF/DKIM/DMARC/CompAuth. So is this just not part of all the hype that was behind killing basic auth. in general, and all that hype was only attributed to users with access to company data?
Truly looking for an honest answer because I know I will be asked this question by many. Right now I'm making guesses.