Skip to main content
Skip table of contents

Changes to Authentication in Exchange Online & Office365

Recent Announcement Should Not Impact DataSelf AD Users

DataSelf DSA AD, DSA Cloud AD and Excel AD uses the SMTP protocol for outgoing emails. Recent announcements from Microsoft specifically exclude the SMTP protocol.
See https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#when-will-this-change-take-place.

SMTP AUTH will still be available when Basic authentication is permanently disabled on October 1, 2022. The reason SMTP will still be available is that many multi-function devices such as printers and scanners can't be updated to use modern authentication. However, we strongly encourage customers to move away from using Basic authentication with SMTP AUTH when possible.
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#when-will-this-change-take-place

In September 2021, we announced that effective October 1, 2022, we will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used. See full announcement: Basic Authentication and Exchange Online – September 2021 Update.
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#when-will-this-change-take-place

“Basic Auth" or “basic authentication” means authentication with only a user name and password. See What is SMTP AUTH? below.

Today, we are announcing that, effective October 1, 2022, we will begin to permanently disable Basic Auth in all tenants, regardless of usage, with the exception of SMTP Auth.

IMPORTANT: Sometime in second and third quarters of 2022 we will selectively pick tenants and disable Basic Auth for all affected protocols except SMTP AUTH for a period of 12-48 hours. After this time, Basic Auth for these protocols will be re-enabled, if the tenant admin has not already re-enabled them using our self-service tools.
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-may-2022/ba-p/3301866

What is SMTP AUTH?

Microsoft publications and announcements avoid giving a clear, explicit definition of SMTP AUTH. They do define what Basic Authentication means and then use SMTP AUTH in the same sentence.

Microsoft does not clearly define what SMTP AUTH means.
I understand SMTH AUTH, Basic Authentication, and Basic AUTH means authentication with only a username and password.   
Contrast Basic AUTH with Modern Authentication /Modern AUTH.

Basic Authentication simply means the application sends a username and password with every request (often stored or saved on the device).


Please note this change does not affect SMTP AUTH – we will continue supporting Basic Authentication for the time being.  There is a huge number of devices and appliances that use SMTP for sending mail, and so we’re not including SMTP in this change

https://techcommunity.microsoft.com/t5/exchange-team-blog/improving-security-together/ba-p/805892

Microsoft’s Security Recommendation for SMTP

Disable SMTP AUTH in your Exchange Online organization, and enable it only for the accounts (that is, mailboxes) that still require it.

We strongly encourage customers to move away from using Basic authentication with SMTP AUTH when possible.

… we highly recommend that you disable SMTP AUTH in your Exchange Online organization, and enable it only for the accounts (that is, mailboxes) that still require it. There are two settings that can help you do this:

* An organization-wide setting to disable (or enable) SMTP AUTH.

* A per-mailbox setting that overrides the tenant-wide setting.

https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/authenticated-client-smtp-submission

SMTP AUTH will still be available when Basic authentication is permanently disabled on October 1, 2022. The reason SMTP will still be available is that many multi-function devices such as printers and scanners can't be updated to use modern authentication. However, we strongly encourage customers to move away from using Basic authentication with SMTP AUTH when possible.
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#when-will-this-change-take-place

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close