Starting in early 2022, Microsoft will also temporarily disable Basic Auth for some customers while it implements the changes necessary to support this effort.
Microsoft will randomly select tenants and disable Basic Auth for all protocols for a period of 12 to 48 hours. If the tenant admin has not already enabled these protocols with their self-service tools, they will be re-enabled after this period. All clients and apps using Basic Auth in that tenant will be affected during this period, and they will not be able to connect. Clients and apps using Modern Auth will not be impacted. While upgrading or reconfiguring their client apps, users can use alternate clients (for example, Outlook on the Web instead of an older Outlook client that does not support Modern Auth).
The new self-service option in the Microsoft 365 admin center allows you to opt-out and request that certain protocols remain enabled until October 2022 if you receive an Message Center post about Microsoft disabling Basic Auth for a protocol between now and then, or if Microsoft sends you a message saying they intend to disable Basic Auth for a short period of time. It was added by Microsoft to minimize disruptions during the transition from Basic Auth to Windows Authentication.
After October 2022, Microsoft will disable Basic Authentication, and users in your tenant will not be able to access their Exchange Online mailbox using Basic Authentication.
The configuration of Basic Auth will still be available at the mailbox level even though Microsoft will disable it via global tenant settings. Discover what Microsoft says about it and how to change the configuration.
Clients submit email using the SMTP AUTH protocol, which runs on TCP port 587. Modern authentication (Modern Auth) is supported by SMTP AUTH.
The majority of modern email clients (for example, Outlook, Outlook on the web, iOS Mail, and Outlook for iOS and Android, etc.) do not use SMTP AUTH when sending email messages to Exchange Online mailboxes in Office 365 or Microsoft 365.
Therefore, you should disable SMTP AUTH in your Exchange Online organization, and enable it only for those accounts (that is, mailboxes) that still require it.
There are two settings that can help you do this:
These settings apply only to mailboxes that are hosted in Exchange Online (Office 365 or Microsoft 365).
"Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser
2.Disable SMTP AUTH in your organization
NOTE: SMTP AUTH can only be disabled (or enabled) through the Exchange Online PowerShell (see how to install the EXO V2 module above).
Run the following PowerShell command to disable SMTP AUTH globally in your organization.
"Set-TransportConfig -SmtpClientAuthenticationDisabled $true"
Verify that the SmtpClientAuthenticationDisabled property is set to True in your organization's tenant by running the following command.
"Get-TransportConfig | Format-List SmtpClientAuthenticationDisabled"
Per-mailbox setting that overrides the organization-wide setting to disable (or enable) SMTP AUTH
1.Visit the Microsoft 365 Admin Center and select 'Users' > 'Active users'
2.In the flyout that appears, click 'Mail' for the selected user (Basic Auth in this example).
3.Verify that the 'Authenticated SMTP' setting is enabled: unchecked = disabled, checked = enabled.
4.On the "Manage email apps" flyout, click "Save changes" when you're done.