Apr 12 2023 11:51 PM - edited Apr 20 2024 07:21 AM
Hi all,
For those who are struggling with setting up Authenticated SMTP (SMTP AUTH over 587/TCP) on multifunctionals or webforms (that don't support modern authentication/OAuth) since the deprecation of the legacy authentication protocols this year.
Here are the prerequisites:
A user with a mailbox (At least a Exchange Online P1 license)
SMTP AUTH has to be enabled at the user- or tenantlevel
Security defaults has to be turned off
MFA has to be disabled in the per-user MFA portal
The user has to be excluded from the conditional access policy that enforces MFA
Please note that App Passwords are history since the deprecation of the legacy authentication protocols.
Update 04/15/2024. Please note that Microsoft will remove support for SMTP AUTH in September 2025. The route forward is for developers to replace basic authentication with OAuth.
Apr 13 2023 02:41 PM
Apr 13 2023 05:14 PM
Yes, security default applied to basic auth for SMTP, you may consider conditional access instead if you would like to keep security default
Apr 20 2024 07:20 AM
May 13 2024 06:38 AM
@MathieuVandenHautte
I am not sure if any of you know about this, but I am trying to send emails using my personal Outlook account using a curl script. However, the only way I have gotten to work is to generate an app specific password. Is there a way around this, similar to what is being discussed in this thread?
Thanks!