SMTP Email Sending Issue with MFA on a Service Account in Microsoft 365 Business Premium

Question

I have a Microsoft 365 Business Premium subscription, and I'm facing an issue with a service mailbox that has an Exchange Online Plan 1 license. This mailbox needs to send emails via SMTP. However, even though Multi-Factor Authentication (MFA) is enabled for all users in Entra (formerly known as Azure Active Directory), the option to "create app password" is missing.

Attempting to disable MFA for this specific mailbox does not bypass the requirement; MFA prompts still occur. I need to either generate an app password for this service mailbox or completely disable MFA to allow SMTP email sending. How can this issue be resolved?

Answer 1

How is MFA implemented?

By Security Defaults: You would need to disable it entirely ( not recommended)

With a Conditional Access Policy? Exclude the mailbox from the policy

per user? Disable the per user option for that mailbox

You would also need to verify that MFA registration is disabled for that mailbox

App passwords do not work with modern auth: https://learn.microsoft.com/en-us/entra/identity/authentication/howto-mfa-app-passwords

Best solution: Leave MFA as is for all users and send email using an OAuth App instead:

https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth