When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft has an update on Exchange Online Basic Auth removal for Office 365

Neowin · with 2 comments

microsoft exchange

Back in 2022, Microsoft announced the retirement of Basic Authentication as it was moving to modern OAuth 2.0 token-based authentication. The reason was simple, to move away from such simple username-password authentication to more secure sign-ins.

While Microsoft had previously planned to "permanently remove support for Basic authentication with Client Submission (SMTP AUTH) in September 2025", the company has now updated this timeline, adding a final delay. Perhaps this was on the cards given that Microsoft recently extended Basic Auth support for High Volume Email to 2028.

On the Microsoft 365 Admin Center, a new message has been posted that details the changes regarding SMTP (Simple Mail Transfer Protocol) AUTH Client Submission. The message says:

"Updated June 12, 2025: We have delayed the Basic Auth removal from SMTP AUTH Client Submission to begin March 1st 2026 and complete by April 30th 2026 in order to give customers more time to adopt alternatives. Expect no further delays beyond this date."

Thus, starting March 1, 2026, Exchange Online will begin phasing out Basic authentication for sending emails via SMTP AUTH. At first, fewer attempts will be blocked, but by April 30, 2026, this older method will be fully disabled. After that, any apps or devices that want to send email this way will need to use OAuth.

The message further adds how admins can proceed with the changes in case OAuth is not supported:

"If your client doesn’t support OAuth and you must use Basic Auth with Client Submission (SMTP AUTH), you will need to switch to one of the following alternatives before April 2026, previously September 2025:

  • If you are using basic authentication with Client Submission (SMTP AUTH) to send emails to recipients internal to your tenant, you can use Microsoft 365 High Volume Email.
  • If you are using basic authentication with Client Submission (SMTP AUTH) to send emails to recipients internal and external to your tenant, you can use Azure Communication Services Email.
  • If you have an Exchange Server on-premises in a hybrid configuration, you can use Basic auth to authenticate with the Exchange Server on-premises or configure the Exchange Server on-premises with a Receive connector that allows anonymous relay on Exchange servers.

Regardless of the volume of email, if you must use Basic auth to send email with Exchange Online, then you must use one of the alternatives or a 3P solution."

Users who have access to the M365 Admin Center can view the message under ID MC786329.

Report a problem with article
Microsoft Logo
Next Article

Microsoft commits to upskill 1 million UK workers in AI this year

Previous Article

Weekend PC Game Deals: Total War grabs, management freebies, demos to try, and more

Join the conversation!

Login or Sign Up to read and post a comment.

2 Comments - Add comment