Thank you for posting this in Microsoft Q&A.
I understand that your application is using SMTP protocol to send emails to users. But it's stopped working now for you.
This is because of Deprecation of Basic authentication in Exchange Online. Basic auth is a legacy authentication method that sends usernames and passwords in plain text over the network. This makes it vulnerable to credential theft, phishing, and brute force attacks. The deprecation of basic authentication also prevents the use of app passwords with apps that don't support two-step verification. To improve the protection of data, we are retiring Basic auth from Client Submission (SMTP AUTH) and encouraging to use modern authentication methods that are more secure.
As per recent announcement Exchange Online will permanently remove support for Basic authentication with Client Submission (SMTP AUTH) in September 2025. After this time, applications and devices will no longer be able to use Basic auth as an authentication method and must use OAuth when using SMTP AUTH to send email.
You can use the OAuth authentication service provided by Microsoft Entra to enable your application to connect with IMAP, POP, or SMTP protocols to access Exchange Online in Office 365. To use OAuth with your application, you need to:
- Register your application with Microsoft Entra.
- Get an access token from a token server.
- Authenticate connection requests with an access token.
Please follow these step-by-step instructions to implement OAuth 2.0 authentication: https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
For more Information about alternative options, please see our announcement here- https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-to-retire-basic-auth-for-client-submission-smtp/ba-p/4114750
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
If the answer is helpful, please click "Accept Answer" and kindly "upvote" it.