MicrosoftDBurkhanaev, you wrote that "This application also requires that you give your email credentials for third party provider (ie Gmail) to MS and they will go out and grab ...". In the classic client server model, a mail client (e.g., Outlook 365, Windows Mail, etc.) would connect to a mail server (e.g., Exchange or pop or IMAP.MyISVsServer.com, and an SMTP server to send). The way I've always seen "WebMail" was that the web server, e.g., HotMail, was the mail client with its UI exposed to the WWW and accesses via my browser. A Client-Server/Client-Server sort of model sorta like a server application can be a client to a DBMS.
So in my model described above, when you "you give your email credentials for third party provider (ie Gmail) to MS" you are in fact still giving those credentials to the mail client - but the client is now running on a Microsoft server. Maybe don't like it ... maybe got the exposure you're concerned about ... but at least has a decent sense of why.
