• Oxford, Bicester
  • 01865 771011
  • 18:51

I had a call from a customer in Abingdon (just a few miles from Oxford) who could no longer configure his Microsoft Office 365 email account inside a Windows 10 desktop email client. After a bit of back and forth, it became clear that he was using IMAP / SMTP configuration and some sort of “ancient” email client (I didn’t have a TeamViewer connection and could not tell what software exactly he was using). He was entering the correct IMAP / SMTP server details (shown below) and the correct Microsoft 365 username and password. Regardless, the email client was repeatedly asking for a password and throwing errors, something IMAP and SMTP servers were rejecting the connection…

  • IMAP: outlook.office365.com, port 993 SSL/TLS
  • SMTP: smtp.office365.com, port 587 STARTTLS

A bit of background – traditionally IMAP / SMTP setup used basic authentication where username and password are saved by the email client and sent to an email provider for authentication. This is now considered outdated and insecure, and most email providers (including Microsoft and Google) prefer “modern” OAuth authentication. With OAuth, the user is presented with with Microsft / Google login prompt and after entering the correct login details must grant the application required access.

OAuth Permissions Request
OAuth Permissions Request

The application itself never needs to see or save the user’s password. Additionally, the OAuth system supports multi-factor authentication and other security improvements.

Microsoft has disabled basic authentication for all Microsoft Office 365 users sometime in 2022. While there was a transitional period when admins could still re-enable it, I believe that as of 2024 it is only possible to enable basic authentication for SMTP (Microsoft 365 admin portal > Users > Active Users > username > Mail > Manage Email Apps > Authentication SMTP).

Office 365 - Enable Authenticated SMTP
Office 365 – Enable Authenticated SMTP

IMAP now requires modern OAuth authentication without exceptions.

Going back to my client, his email software didn’t support OAuth and was trying to use basic authentication which Microsoft was rejecting. The user didn’t want to use webmail and didn’t have a Microsoft Outlook license (by the way, Microsoft Outlook doesn’t actually support OAuth modern authentication for Office 365 IMAP / SMTP accounts, instead, it uses native Exchange protocol).

The solution was to download and install an up-to-date Thunderbird mail client. Thunderbird supports Microsoft Office 365 IMAP/SMTP accounts with OAuth and even finds all the server details by itself.

Thunderbird's Microsoft Office 365 IMAP Configuration
Thunderbird’s Office 365 IMAP Configuration

You can also use native Exchange / Office 365 protocol, avoiding IMAP/SMTP completely. But this requires a paid add-on (Owl).

Thunderbird - Available Configurations
Thunderbird – Available Configurations

Previous Post
Garmin Edge not recognised by a PC – charge only
Next Post
Adobe Reader quit unexpectedly…

Leave a Comment