59439 – Securing SMTP Authenticated Submissions – Per Mailbox and By Default

Microsoft Exchange Logo

check before: 2020-11-30




Please log-in or
get a plan


World tenant, Online



We're kicking off a multi-phased effort to better secure SMTP authenticated submissions. SMTP authenticated submission is commonly used by applications or devices (printers, scanners, etc.) to submit email into the Office 365 service. It only requires login credentials, and doesn't support modern authentication. So this leaves any account that's using SMTP authenticated submission more vulnerable to abuse and hacking than accounts that exclusively use the other protocols that do support modern authentication. Last year we introduced Remote PowerShell cmdlets to disable SMTP authenticated submission for your entire organization or for individual mailboxes, and recently we released a switch in the Exchange Admin Center (EAC) to toggle it off for individual mailboxes. In Q2 CY 2020 we'll start to disable it for existing Office 365 organizations who aren't using SMTP Authenticated Submission at all, and starting in Q4 CY 2020 we'll start to judiciously disable it for existing organizations in Office 365 who have it enabled for some mailboxes, working closely with them to transition away from this less secure protocol while ensuring the continuity of their critical business email workflows.

Change Category:
Please log-in or
get a plan

In development

General Availability



Change type:

task type:

an advanced plan is required to see all details

A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose for a plan.

more to explore