Microsoft is officially putting the final nail in the coffin for Basic Authentication and this time, SMTP AUTH is included. For many organisations, this change will quietly break legacy systems, scripts and devices that still rely on simple username-and-password email sending.
If you send email through Microsoft 365 using SMTP and haven’t modernised yet, here’s what you need to know – and how to keep your email flowing after Basic Auth disappears.
What is SMTP AUTH and Basic Authentication?
SMTP AUTH is the method many applications and devices use to send email through Microsoft 365 (for example, smtp.office365.com or smtp-legacy.office365.com).
Basic Authentication is the simplest form of authentication:
- A username
- A password
- Sent with every SMTP connection
Why is Microsoft ending Basic Authentication and SMTP AUTH?
Microsoft considers Basic Authentication to have security flaws and has been removing Basic Auth across Exchange Online for years, replacing it with Modern Authentication (OAuth 2.0). SMTP AUTH was one of the last remaining exceptions but that exception is ending soon.
Once disabled, any attempt to send mail using Basic Auth over SMTP will fail.
Who does this affect?
It primarily affects systems that send email in the background.
You’re likely affected if you have:
- Printers, copiers or scanners that email documents
- Older applications that send email via SMTP
- Scripts or automation jobs using hard-coded credentials
- Monitoring tools sending alerts via Microsoft 365 SMTP
- Legacy systems that cannot support OAuth 2.0
Many of these systems cannot be upgraded to use Modern Authentication, which creates a real problem once Basic Auth is gone. Modern Authentication is impractical or impossible for many legacy devices and simple applications.
Is there a solution?
Yes. If your systems can’t use Modern Authentication, you still have reliable options.
One of the most common and effective workarounds is to stop sending email through Microsoft’s SMTP servers and instead use a dedicated SMTP relay service, such as SMTP2GO.
If you’re already sending mail via our server (mail.smtp2go.com), you won’t be affected by Microsoft’s changes at all. By routing email through SMTP2GO, you’re bypassing Microsoft entirely and using our infrastructure instead – which continues to support standard SMTP authentication.
Your application or device sends email exactly as it always has, just to a different SMTP server. This approach is often the simplest and fastest fix, particularly for printers, scanners, scripts and other embedded or legacy systems.
What about OAuth?
SMTP2GO does not offer OAuth as a method for connecting to our service – and in practice, neither do other dedicated SMTP service providers. OAuth is primarily designed for sending mail through platforms such as Microsoft 365 or Google Workspace, not for standalone SMTP services.
What you should do now
Even if everything is still working today, waiting is risky. Once Basic Authentication is disabled, failures will be immediate and silent. Emails will simply stop sending.
That said, it’s important to note that these changes only apply when sending through Microsoft’s SMTP servers. If you’re sending email via SMTP2GO, you can continue using Basic Authentication without interruption.
We’ve already seen many organisations move away from Microsoft SMTP as a result of these changes and we’re ready to support many more as they do.
If you have any questions, please reach out to our support team.
