*web/email not working for smtp.office365.com

Started by Shawn@EVENT, June 17, 2022, 10:17:21 AM

Previous topic - Next topic

Shawn@EVENT

For a client with  pxplus 15.1 I'm using *web/email for outgoing mail. They recently switched to Office 365 for their mail.
I changed the smtp variable. Now it contains 'smtp.office365.com; 587; userid; password'.
The error message that is returned says 'Sending to SMTP Server Failed; (23): SMTP Authentication, Login Failed.
I have verified that the username and password is correct by connecting to the office 365 web page

What did I do wrong?

Mike King

#1
You might need to enable SMTP access to your Office365 account.  By default many Internet mail servers will not allow you to connect and send email without you first authorizing access.
Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com

Jeffrey Ferreira

Hi All,

I keep hearing people mention that Microsoft is doing away with basic Authentication for emailing thru an App an instead we will need to use something called OAuth. But then i read that there will be an exception for SMTP. I heard the date October 1, 2022 mentioned.  Can anyone shed any light on this? I'm concerned that our Office 365 email integrations could potentially stop working.

thanks
jeff

Mike King

SMTP is used to send emails whereas POP3 and IMAP are used to access email accounts.

While I can understand OAUTH being mandated for POP3 and IMAP for security purposes, requiring OAUTH for SMTP would be problematic.  For one thing SMTP is used within the Internet to forward emails between various email servers and there are thousands of applications that need to be able to send emails for which implementing OAUTH would be problematic.

What OAUTH does basically is require an application to obtain an application identifier and then a browser request that the user sign on to their account and authorize that the application has access to some aspects of their account.

From a smartphone or desktop "App" perspective, requiring OAUTH is not a problem to implement as you have access to a browser.  However for systems that use email to send alerts, forward voicemails, or other notification types of messages there is no easy way to exchange the authorization information -- thus we are not surprise that SMTP will not require OAUTH.  It may still be desirable but to mandate it would require changes to anything that potentially sends emails, from home security systems, phone systems, monitoring equipment, etc.

Enforcing OAUTH on POP3 and IMAP access does however make sense and will not impact as many systems.

Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com