Authenticated SMTP (587/TCP)

Steel Contributor

Hi all,


For those who are struggling with setting up Authenticated SMTP (SMTP AUTH over 587/TCP) on multifunctionals or webforms (that don't support modern authentication/OAuth) since the deprecation of the legacy authentication protocols this year.


Here are the prerequisites:

A user with a mailbox (At least a Exchange Online P1 license)

SMTP AUTH has to be enabled at the user- or tenantlevel

Security defaults has to be turned off

MFA has to be disabled in the per-user MFA portal

The user has to be excluded from the conditional access policy that enforces MFA


Please note that App Passwords are history since the deprecation of the legacy authentication protocols.

2 Replies
Security defaults covers all authentication methods. You’ll need to disable security defaults and enable SMTP auth on the account you’re using to send emails. After this just enable per user mfa on all accounts manually. SMTP auth supports both modern and basic authentication.


Yes, security default applied to basic auth for SMTP, you may consider conditional access instead if you would like to keep security default