Basic Authentication in SMTP is being depracated: What you need to know

With the rapid evolution of cloud technology and the increasing focus on security, Microsoft has been implementing significant changes to its authentication methods. One of the most impactful updates is the deprecation of Basic Authentication in Microsoft SMTP for Exchange Online. This change, set to take effect in September 2025, directly affects users of Dynamics 365 Business Central who rely on SMTP for sending emails through Exchange Online. In this blog, we’ll explore what this deprecation means, why Microsoft is making the change, and how you can adapt.

What is Basic Authentication, and Why is it Being Deprecated?

Basic Authentication is a legacy method that requires users to provide their username and password for authentication. While simple to implement, it doesn’t take much to know that it comes with inherent security vulnerabilities. When you transmit credentials in this manner, you are more susceptible to interception, phishing, and brute-force attacks.

Microsoft has decided to phase out Basic Authentication in favor of modern authentication methods, such as OAuth 2.0, for Exchange Online. These newer protocols are more secure and support advanced features like multi-factor authentication (MFA), conditional access, and token-based access.

For more details, refer to the official Microsoft documentation on Deprecation of Basic Authentication in Exchange Online.

How Does This Impact Business Central?

Business Central users often configure SMTP to send emails directly from the system. With the deprecation of Basic Authentication in Exchange Online, you will no longer be able to authenticate SMTP connections using simple username-password combinations. Instead, you will need to migrate to other email account types (Microsoft 365 current user/Microsoft 365 shared mailbox).

Some of the impacted key scenarios:

• Document handling entries and other documents via email.
• Notifications and alerts sent through SMTP.

Steps to Transition to Modern Authentication

To ensure a seamless transition, there are a couple of steps you need to follow. First, make sure to assess your current configuration – identify all email accounts in Business Central of the account type ‘SMTP’. Then it’s time to create the new configuration. You need to create shared mailbox email accounts to replace the existing SMTP email accounts. You can also create current user email accounts. Lastly, make sure you assign the new configuration. Opening the email scenario list and updating all scenarios with the newly created accounts.

Solution for mailing from Scanning/web services: Starting with 3PL version 25.4 we created a solution to also be able to mail from scanning and web services using a mail queue which is processed by Job Queue entry with code unit 71539683 3PL E-Mail Processing JQ Task. Activate this Job Queue with a user that has permission to send as the shared mailbox.

Benefits of Modern Authentication

Transitioning to the new authentication method may require some effort. However, the benefits too good to pass up:

• Enhanced Security: Token-based authentication reduces the risk of credential compromise.
• Support for MFA: Adds an additional layer of security by requiring secondary verification.
• Future-Proofing: Aligns your business with Microsoft’s long-term authentication roadmap.

Stay secure, stay compliant

The deprecation of Basic Authentication in SMTP for Exchange Online is a crucial step towards a more secure digital ecosystem. By transitioning to modern authentication, you not only comply with Microsoft’s policies but also enhance your digital security.

If you haven’t started preparing for this change, now is the time to act. For detailed guidance, consult Microsoft’s official documentation or reach out to a Business Central consultant to ensure a smooth migration.