This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 21%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGA%3C/text%3E%3C/svg%3E)
Hi, we will be migrating from on-prem Exchange to Exchange online. We have several systems and applications that currently use our internal smtp relay to send email notifications. We will need to change this to O365 smtp using basic / modern authentication method. We have created a service email account that we will be using as authentication (as login account). As a test, when we use smtp.office365.com (port 25 / 587) with username / password (this new service email account), we get the error "unable to connect to SMTP server because of invalid credentials or connection settings". We have SMTP Authentication disabled at the organisation level but tried to enable it for the mailbox that we use for basic authentication testing as a logon user. Can we please get some suggestions?
Why not continue to use the internal SMTP relay and create a connector to it from on-prem to 365 instead?
That way you can lock down 365 to modern auth and disable SMTP auth at the tenant level.
Thanks @Andy David we will be migrating all our on-prem servers to Azure and will decommission all these servers. We have both internal and external applications that we need to relay and after looking at the MS official doc (https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365) and thinking to use option 1. But we are having some authentication issue and tbh, we are a little bit confused as to what option should we use with our current organization setup. This account that we created to use as logon account for basic authentication, has MFA enabled (as per the org policy to use MFA for all users), not sure if this is causing the authentication to fail? We are open to any suggestions and will appreciate the advice. Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
Hi @Ghulam Abbas,
Please refer to the following link for detailed guide:
How to set up a multifunction device or application to send email using Microsoft 365 or Office 365
In short, if you would like to use basic authentication, you may need to disable security defaults.
(Security defaults works on tenant-level so even if you enable SMTP auth for a specific mailbox, it still doesn't work)
If possible please consider using modern auth or refer to Option 3 in the link to create a receive connector for the devices and applications.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @Kael Yao Thanks. Yes, we are following the same link by MS when trying to use some of these options. We have several application (internal and external) and most of them don't support modern authentication so we will need to be using basic authentication with username and passwords (thats what we are trying to test and getting an authentication error).
Thanks for the update.
While if you have to use basic authentication, you may need to disable security defaults in Azure AD and enable SMTP auth for this mailbox, also make sure MFA is not enabled for this mailbox and no conditional access policy applied which blocks SMTP auth.
Refer to this link: Error: Authentication unsuccessful
Thanks , Yes, the security defaults are disabled in Azure AD, and we have enabled the SMTP Auth and disabled MFA for this mailbox. As a test, we are currently testing this on our Veeam application to send out the notification and unfortunately not getting it to work and running out of the ideas.
Is the error message in Veeam application still like authentication failed?
Hi @Kael Yao Yes, still getting the same authentication error
Does the device support TLS 1.2?
If yes, I would suggest involving Veeam support to check if they can get more detailed information about why the authentication failed.
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
1 deleted commentComments have been turned off. Learn more
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 52%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELI%3C/text%3E%3C/svg%3E)
@ghulam abbas How do you resolve/solution this? We have similar environment and we be use same setup for internal and external application.