![(Updated) Exchange Online to retire Basic Auth for Client Submission (SMTP AUTH) [MC786329]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-joshsorenson-1714208-1024x683.webp "(Updated) Exchange Online to retire Basic Auth for Client Submission (SMTP AUTH) [MC786329] 1")
Message ID: MC786329 (Updated)
Updated June 12, 2025: We have delayed the Basic Auth removal from SMTP AUTH Client Submission to begin March 1st 2026 and complete by April 30th 2026 in order to give customers more time to adopt alternatives. Expect no further delays beyond this date. Please review the information below for more details.
Updated October 18, 2024: We have updated the SMTP AUTH Clients Submission Report in the Exchange admin center, adding the Authentication Protocol column to show if Basic auth or OAuth is being used to submit email to Exchange Online. The data will build up over the next 90 days. Thank you for your patience.
Today, we are announcing that Exchange Online will permanently remove support for Basic authentication with Client Submission (SMTP AUTH) gradually beginning with a small percentage of submission rejections for all tenants on March 1st 2026 and reaching 100% rejections on April 30th 2026, (previously September 2025). After this time, applications and devices will no longer be able to use Basic auth as an authentication method and must use OAuth when using SMTP AUTH to send email.
Basic auth is a legacy authentication method that sends usernames and passwords in plain text over the network. This makes it vulnerable to credential theft, phishing, and brute force attacks. To improve the protection of our customers and their data, we are retiring Basic auth from Client Submission (SMTP AUTH) and encouraging customers to use modern authentication methods that are more secure.
[When this will happen:]
We will be making this change beginning March 1st, 2026, and completing April 30th, 2026 (previously September 2025).
[How this will affect your organization:]
The SMTP AUTH Clients Submission Report in the Exchange admin center has been updated to show if Basic auth or OAuth is being used to submit email to Exchange Online. Starting in July 2025, we will send monthly Message Center posts to tenants who are using Basic auth with Client Submission (SMTP AUTH) to alert them to the upcoming change.
Starting March 1st 2026 (previously September 2025) we will gradually start rejecting Basic Auth requests to the Client Submission (SMTP AUTH) endpoints, increasing to 100% rejection by the end of the April 2026.
The Client Submission (SMTP AUTH) endpoints in scope for this change are:
• smtp.office365.com
• smtp-legacy.office365.com
Once Basic auth is permanently disabled, any clients or apps connecting using Basic auth with Client Submission (SMTP AUTH) will receive this response:
• 550 5.7.30 Basic authentication is not supported for Client Submission.
[What you need to do to prepare:]
If your client supports OAuth, follow these steps: Authenticate an IMAP, POP or SMTP connection using OAuth
If your client doesn’t support OAuth and you must use Basic Auth with Client Submission (SMTP AUTH), you will need to switch to one of the following alternatives before April 2026, previously September 2025:
• If you are using basic authentication with Client Submission (SMTP AUTH) to send emails to recipients internal to your tenant, you can use Microsoft 365 High Volume Email. Please visit this site to learn more: Manage high volume emails for Microsoft 365 Public preview
• If you are using basic authentication with Client Submission (SMTP AUTH) to send emails to recipients internal and external to your tenant, you can use Azure Communication Services Email. Please visit this site to learn more: Overview of Azure Communication Services email
• If you have an Exchange Server on-premises in a hybrid configuration, you can use Basic auth to authenticate with the Exchange Server on-premises or configure the Exchange Server on-premises with a Receive connector that allows anonymous relay on Exchange servers. Please visit this site to learn more: Allow anonymous relay on Exchange servers
Regardless of the volume of email, if you must use Basic auth to send email with Exchange Online, then you must use one of the alternatives or a 3P solution.
We understand that this change requires some adjustments, but we believe that this is a necessary step to enhance the security and reliability of our email service and your data.
Source: Microsoft
<<< [MC786329] Archive
Tooltip: View earlier revisions of this post
Latest Posts
- (Updated) Microsoft Teams: Customize the location of notifications in Teams for the web [MC1013461]
- (Updated) Microsoft Teams: Change background while recording on phone [MC718553]
- (Updated) Microsoft Teams: Create new channels faster from the “New items” menu at top of the list of chats and channels [MC1053645]
- (Updated) Microsoft Teams admin center: App centric management for app installation and changes to app setup policies [MC795355]
![(Updated) Microsoft Teams: New location sharing settings for emergency calls and other features [MC993226]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-zachtheshoota-1888883-150x150.webp "(Updated) Microsoft Teams: New location sharing settings for emergency calls and other features [MC993226] 6")
![Power Platform – Public preview for the multi-rule routing system [MC1093070]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-pixabay-45853-150x150.webp "Power Platform – Public preview for the multi-rule routing system [MC1093070] 7")