With Microsoft planning to retire basic authentication for SMTP (Client Submission) starting March 1, 2026, I'm concerned about how to manage devices that still rely on this method. Many of my devices, particularly for scanning to email and some reporting apps, only support basic auth. I need to figure out the best workaround or alternative solutions to ensure they can still send emails securely. Any advice?
5 Answers
I'm considering an internal relay setup as well. It allows basic SMTP to send to the relay, which can then use OAuth to communicate with Exchange Online without changing existing devices.
Agreed! It's vital to ensure your relay server is secure to prevent unauthorized access.
For our needs, we've set up AWS SES, which has been effective for internal communications. But for legacy systems that can't adapt, SMTP2GO seems like a practical backup.
Nice! IAM policies with SES help keep things secure. But yeah, for older systems, having SMTP2GO as a fallback is wise.
I hear you! Balancing modern systems with older tech can be a real challenge.
We've been pushing suppliers to update their devices or replace them if they can't support newer authentication methods. Can't let old tech hold us back in a changing environment!
Totally! Updating devices can be a hassle, but it's necessary for long-term security.
Setting up an on-prem SMTP server that connects with Exchange Online can help. Devices will point to this local SMTP server, which then routes emails to Exchange. Just ensure it's properly configured for your network.
We do something similar with Postfix on Ubuntu, which works great for us!
Exactly! It's a neat solution that lets us keep control without depending on third-party services.
I recommend looking into SMTP2GO. I've been using it for personal email with my own mail server and have had a great experience. It's a reliable option to move away from basic auth while ensuring security.
Same here! We just switched to SMTP2GO, and it feels much more secure. Plus, the setup was straightforward.
Does it work with our existing Office 365 setup? I think I might need to update some DNS settings.
That sounds like a solid plan! Just be cautious about potential security vulnerabilities.