Configuring Office 365 Outbound SMTP

Sometime in 2020, Microsoft turned off Basic Authentication in Office 365 making it impossible to connect with a simple username and password. Their very sensible reason for this is that email is a common attack vector and they are trying to reduce the volume of spam, phishing attacks and so on.

But this didn’t go down well with the world as a whole– so at some point later in they year they made it possible to switch it on again, probably because a lot of stand alone services, including those like FastClose Server need the ability to send email. And their OAUTH token based APIs, as we discovered, are very hard to work with.

Customers then, should do the following to get Basic Auth working:

• Don’t turn on "Secure Defaults" in Azure Active Directory

• Ensure “Block legacy authentication to Azure AD with Conditional Access” hasn’t been set

• For the outbound mailbox ensure that older protocols are enabled here:

And don’t set up 2 factor authentication on it.

THEN … this works.