Forum Discussion

Jeff Harlow's avatar
Jeff Harlow
Iron Contributor
Feb 23, 2018

Send Mail (SMTP) through Office 365 with MFA

We have a web server that needs to be able to send emails as users (FROM field); however, we have noticed that if the user account is protected with MFA, the message is rejected.  Has anyone been abl...
Authentication
exchange
office 365
security
Jim Hill's avatar
Jim Hill
Brass Contributor
Aug 14, 2019

Jeff Harlow someone answered below, not sure why that took so long. The easy answer is that you generate and then use an app password for that account, instead of the regular user password.  That in effect serves as the second authentication method for the dual authentication.   However...

We too use SMTP to send email from various robots, web sites, and marketing systems.  What I have done to reduce the complexity somewhere (perhaps?), is to adopt a third party mailing system with complete DKIM/DMARC/SPF records in place for this third party sender.  This really does eliminate so much of the hassle with using an Office 365 SMTP account to send email.  I really think that the app password is kind of hack, it's just another password that can be cracked!  We are using Mailjet. 

Resources