Error: 535 5.7.139 Authentication unsuccessful SMTP for private outlook/hotmail accounts

For consumer Outlook.com/Hotmail accounts, SMTP AUTH can’t be enabled or managed in the Microsoft 365 admin center because these accounts don’t belong to an Exchange Online tenant that the user administers. The error

535 5.7.139 Authentication unsuccessful, SmtpClientAuthentication is disabled for the Mailbox

comes from the mailbox-side SMTP AUTH setting being disabled. In Microsoft 365 organizations this can be changed via Set-CASMailbox or tenant-wide SMTP AUTH settings, but those controls are only available to admins of an Exchange Online tenant, not to individual Outlook.com/Hotmail users.

For private Outlook.com/Hotmail accounts, there is no supported way for an end user or app developer to:

• Turn on SMTP AUTH at the mailbox level, or
• Override any organization-wide SMTP AUTH restrictions.

Instead, applications that need to send mail from Outlook.com/Hotmail should be designed to use modern authentication (OAuth) with the supported protocols (for example, via Microsoft Graph or other supported APIs) rather than SMTP AUTH.

If SMTP AUTH is disabled for a newly created Outlook.com/Hotmail mailbox, there is no configuration switch available to the account owner to re-enable it; the only option is to change the application to use a supported modern auth flow.

References:

• Enable or disable authenticated client SMTP submission (SMTP AUTH) in Exchange Online
• Fix issues with printers, scanners, and LOB apps that send email using Microsoft 365
• Can't connect to Outlook by using POP/IMAP and Modern authentication
• Outlook and other apps are unable to connect to Outlook.com when using Basic authentication