![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 74%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Developer technologies | C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 74%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOV%3C/text%3E%3C/svg%3E)
Thank you for reaching out regarding your application's use of Office 365 SMTP with MailKit.
Starting October 1, 2025, Microsoft will enforce Multi-Factor Authentication (MFA) and retire Basic Authentication for SMTP Client Submission (SMTP AUTH). This means that using a username and password alone to authenticate SMTP connections will no longer work. Your current setup with MailKit will not continue to work without changes.
To ensure uninterrupted email delivery, you’ll need to migrate to OAuth 2.0 authentication, which supports MFA and aligns with Microsoft’s security requirements.
Step-by-Step Procedure to Update Your Application
- Confirm OAuth Support in MailKit
- MailKit supports OAuth 2.0. Ensure you're using the latest version of the library.
- Register Your Application in Azure AD
- Go to the Azure Portal.
- Navigate to Azure Active Directory > App registrations.
- Click New registration and provide a name for your app.
- Set the redirect URI (can be a placeholder if not using interactive login).
- Configure API Permissions
- Under your app registration, go to API permissions.
- Add Microsoft Graph > Mail.Send permission.
- Grant admin consent if needed.
- Generate Client Credentials
- Under Certificates & secrets, create a client secret.
- Note the Application (client) ID, Directory (tenant) ID, and client secret—you’ll need these for token generation.
- Acquire OAuth 2.0 Token
- Use Microsoft’s token endpoint to request an access token POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token Include:
- client_id
- client_secret
- scope: https://outlook.office365.com/.default
- grant_type: client_credentials
- Update MailKit Code to Use OAuth
- Replace the username/password authentication with the OAuth token var oauth2 = new SaslMechanismOAuth2("******@domain.com", accessToken); smtpClient.Authenticate(oauth2);
- Test Thoroughly
- Validate that your application can send emails using the new OAuth flow.
- Monitor for any SMTP errors like 550 5.7.30 Basic authentication is not supported