Hi Yusuf,
I saw your problem before, the old "535 5.7.139 Authentication unsuccessful" error, a classic scenario especially after changes like domain federation. It seems like you've covered some ground already by disabling the default security policy and enabling SMTP AUTH for users. Here's what might be worth a second look:
- Double-check Credentials: It might be a good idea to revisit the credentials being used. After federation changes, these can often be the culprits.
- Confirm SMTP AUTH Status: Have you had a chance to check that SMTP AUTH is active for all affected accounts? Sometimes, settings need a second look to catch any that might have been missed.
- Reassess Access Policies: I'd suggest reviewing any conditional access policies. They have a way of influencing SMTP authentication in unexpected ways.
- Password Synchronization: It’s worth taking another look at the password hash synchronization status. Ensuring this is functioning as intended could be key.
- SMTP Server Settings: Could there be any overlooked changes in your SMTP server setup post-federation? Sometimes the smallest change can have a big impact.
- Verify IP Allowlist: If you use IP allowlisting, confirming that the necessary IPs are still authorized to send emails could clear up some issues.
- Explore Detailed Logs: Diving into the SMTP service logs may reveal more insights. There might be a hint there waiting to be discovered.
- Test with a Reliable Account: Trying to authenticate with a proven account can sometimes help isolate whether the issue lies with the user accounts or the device setup.
I hope this helps with your query?