{"id":14694,"date":"2026-01-28T06:01:08","date_gmt":"2026-01-27T21:01:08","guid":{"rendered":"https:\/\/m365jp.net\/?p=14694"},"modified":"2026-01-28T06:04:50","modified_gmt":"2026-01-27T21:04:50","slug":"mc786329-updated-exchange-online-to-retire-basic-auth-for-client-submission-smtp-auth-3","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2026-01-28-mc786329-updated-exchange-online-to-retire-basic-auth-for-client-submission-smtp-auth-3","title":{"rendered":"MC786329 | (Updated) Exchange Online to retire Basic Auth for Client Submission (SMTP AUTH)"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">MC786329 | (Updated) Exchange Online to retire Basic Auth for Client Submission (SMTP AUTH)<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Classification<\/th>\n<td>planForChange<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>01\/27\/2026 20:11:01<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>04\/26\/2024 00:16:47<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td>03\/30\/2026 08:00:00<\/td>\n<\/tr>\n<tr>\n<th>Message Content<\/th>\n<td>\n<p>Updated January 27, 2026: Based on customer feedback and visibility into adoption progress, we are refining the Exchange Online SMTP AUTH Basic Authentication Deprecation timeline to provide clearer milestones and additional runway.<\/p>\n<ul>\n<li>Now to December 2026: SMTP AUTH Basic Authentication behavior remains unchanged.<\/li>\n<li>End of December 2026: SMTP AUTH Basic Authentication will be disabled by default for existing tenants. Administrators will still be able to enable it if needed.  <\/li>\n<li>New tenants created after December 2026: SMTP AUTH Basic Authentication will be unavailable by default. OAuth will be the supported authentication method.  <\/li>\n<li>Second half of 2027: Microsoft will announce the final removal date for SMTP AUTH Basic Authentication.  <\/li>\n<\/ul>\n<p>We will provide detailed information in a follow up Message Center Post.   <\/p>\n<p>Updated October 18, 2024: We have updated the SMTP AUTH Clients Submission Report in the Exchange admin center, adding the Authentication Protocol column to show if Basic auth or OAuth is being used to submit email to Exchange Online. The data will build   up over the next 90 days. Thank you for your patience.<\/p>\n<p>The SMTP AUTH Basic Authentication Deprecation has been put on hold. In 2027, Microsoft will announce the final removal date for SMTP AUTH Basic Authentication.<\/p>\n<p>Once Basic Auth is removed from SMTP AUTH, applications and devices will no longer be able to use Basic auth as an authentication method and must use OAuth when using SMTP AUTH to send email.<\/p>\n<p>Basic auth is a legacy authentication method that sends usernames and passwords in plain text over the network. This makes it vulnerable to credential theft, phishing, and brute force attacks.&nbsp;<\/p>\n<p>[When this will happen:]  <\/p>\n<p>The removal of Basic Auth from SMTP AUTH Client Submission has been put on hold&nbsp;(previously beginning March 1st, 2026, and completing April 30th, 2026).&nbsp;<\/p>\n<p>[How this will affect your organization:]  <\/p>\n<p>The SMTP AUTH Clients Submission Report in the Exchange admin center has been updated to show if Basic auth or OAuth is being used to submit email to Exchange Online.&nbsp;<\/p>\n<p>The removal of Basic Auth from SMTP AUTH Client Submission has been put on hold&nbsp;(previously beginning March 1st, 2026, and completing April 30th, 2026).<\/p>\n<p>[What you need to do to prepare:]<\/p>\n<p>  <\/p>\n<p>The removal of Basic Auth from SMTP AUTH Client Submission has been put on hold&nbsp;(previously beginning March 1st, 2026, and completing April 30th, 2026)<\/p>\n<p>If your client supports OAuth, follow these steps: <a href=\"https:\/\/learn.microsoft.com\/exchange\/client-developer\/legacy-protocols\/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth\" target=\"_blank\">  Authenticate an IMAP, POP or SMTP connection using OAuth<\/a>  <\/p>\n<p>If your client doesn\u2019t support OAuth and you must use Basic Auth with Client Submission (SMTP AUTH), you will need to switch to one of the following alternatives following the timeline that will be announced in 2027 (previously April 2026):<\/p>\n<p>\u2022 If you are using basic authentication with Client Submission (SMTP AUTH) to send emails to recipients internal to your tenant, you can use Microsoft 365 High Volume Email. Please visit this site to learn more:  <a href=\"https:\/\/learn.microsoft.com\/Exchange\/mail-flow-best-practices\/high-volume-mails-m365\" target=\"_blank\">  Manage high volume emails for Microsoft 365 Public preview<\/a><\/p>\n<p>\u2022 If you have an Exchange Server on-premises in a hybrid configuration, you can use Basic auth to authenticate with the Exchange Server on-premises or configure the Exchange Server on-premises with a Receive connector that allows anonymous relay on Exchange   servers. Please visit this site to learn more: <a href=\"https:\/\/learn.microsoft.com\/exchange\/mail-flow\/connectors\/allow-anonymous-relay?view=exchserver-2019\" target=\"_blank\">  Allow anonymous relay on Exchange servers<\/a>  <\/p>\n<p>Regardless of the volume of email, if you must use Basic auth to send email with Exchange Online, then you must use one of the alternatives or a 3P solution.  <\/p>\n<p>We understand that this change requires some adjustments, but we believe that this is a necessary step to enhance the security and reliability of our email service and your data.  <\/p>\n<p>  <\/p>\n<\/td>\n<\/tr>\n<tr>\n<th>Machine Translation<\/th>\n<td>\n<p>2026\u5e741\u670827\u65e5\u66f4\u65b0:\u9867\u5ba2\u304b\u3089\u306e\u30d5\u30a3\u30fc\u30c9\u30d0\u30c3\u30af\u3068\u5c0e\u5165\u9032\u6357\u306e\u53ef\u8996\u5316\u306b\u57fa\u3065\u304d\u3001Exchange Online SMTP AUTH \u57fa\u672c\u8a8d\u8a3c\u5ec3\u6b62\u30bf\u30a4\u30e0\u30e9\u30a4\u30f3\u3092\u6d17\u7df4\u3055\u305b\u3001\u3088\u308a\u660e\u78ba\u306a\u30de\u30a4\u30eb\u30b9\u30c8\u30fc\u30f3\u3068\u8ffd\u52a0\u306e\u30e9\u30f3\u30a6\u30a7\u30a4\u3092\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<ul>\n<li>2026\u5e7412\u6708\u6642\u70b9\u3067\u3001SMTP AUTH Basic Authentication\u306e\u6319\u52d5\u306f\u5909\u308f\u308a\u307e\u305b\u3093\u3002<\/li>\n<li>2026\u5e7412\u6708\u672b:\u65e2\u5b58\u30c6\u30ca\u30f3\u30c8\u3067\u306fSMTP AUTH\u57fa\u672c\u8a8d\u8a3c\u304c\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u7121\u52b9\u3068\u306a\u308a\u307e\u3059\u3002\u7ba1\u7406\u8005\u306f\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u6709\u52b9\u306b\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/li>\n<li>2026\u5e7412\u6708\u4ee5\u964d\u306b\u4f5c\u6210\u3055\u308c\u305f\u65b0\u898f\u30c6\u30ca\u30f3\u30c8:SMTP AUTH \u57fa\u672c\u8a8d\u8a3c\u306f\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u5229\u7528\u3067\u304d\u307e\u305b\u3093\u3002OAuth\u306f\u5bfe\u5fdc\u3055\u308c\u308b\u8a8d\u8a3c\u65b9\u6cd5\u3067\u3059\u3002<\/li>\n<li>2027\u5e74\u5f8c\u534a:Microsoft\u306fSMTP AUTH Basic Authentication\u306e\u6700\u7d42\u89e3\u9664\u65e5\u3092\u767a\u8868\u3057\u307e\u3059\u3002<\/li>\n<\/ul>\n<p>\u8a73\u7d30\u306f\u30d5\u30a9\u30ed\u30fc\u30a2\u30c3\u30d7\u306e\u30e1\u30c3\u30bb\u30fc\u30b8\u30bb\u30f3\u30bf\u30fc\u6295\u7a3f\u3067\u3054\u63d0\u4f9b\u3044\u305f\u3057\u307e\u3059\u3002<\/p>\n<p>2024\u5e7410\u670818\u65e5\u66f4\u65b0:Exchange\u7ba1\u7406\u30bb\u30f3\u30bf\u30fc\u306eSMTP AUTH Client\u63d0\u51fa\u30ec\u30dd\u30fc\u30c8\u3092\u66f4\u65b0\u3057\u3001Basic authentication\u307e\u305f\u306fOAuth\u3067Exchange Online\u3078\u306e\u30e1\u30fc\u30eb\u9001\u4fe1\u304c\u884c\u308f\u308c\u3066\u3044\u308b\u304b\u3092\u793a\u3059\u8a8d\u8a3c\u30d7\u30ed\u30c8\u30b3\u30eb\u6b04\u3092\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002\u30c7\u30fc\u30bf\u306f\u4eca\u5f8c90\u65e5\u9593\u3067\u84c4\u7a4d\u3055\u308c\u307e\u3059\u3002\u3054\u8f9b\u62b1\u3044\u305f\u3060\u304d\u3042\u308a\u304c\u3068\u3046\u3054\u3056\u3044\u307e\u3059\u3002<\/p>\n<p>SMTP AUTH \u57fa\u672c\u8a8d\u8a3c\u306e\u975e\u63a8\u5968\u306f\u4fdd\u7559\u3055\u308c\u3066\u3044\u307e\u3059\u30022027\u5e74\u306bMicrosoft\u306fSMTP AUTH Basic Authentication\u306e\u6700\u7d42\u524a\u9664\u65e5\u3092\u767a\u8868\u3059\u308b\u4e88\u5b9a\u3067\u3059\u3002<\/p>\n<p>SMTP\u8a8d\u8a3c\u304b\u3089\u57fa\u672c\u8a8d\u8a3c\u304c\u524a\u9664\u3055\u308c\u308b\u3068\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3084\u30c7\u30d0\u30a4\u30b9\u306f\u8a8d\u8a3c\u624b\u6bb5\u3068\u3057\u3066\u57fa\u672c\u8a8d\u8a3c\u3092\u4f7f\u7528\u3067\u304d\u306a\u304f\u306a\u308a\u3001SMTP AUTH\u3067\u30e1\u30fc\u30eb\u3092\u9001\u4fe1\u3059\u308b\u969b\u306b\u306fOAuth\u3092\u4f7f\u7528\u3057\u306a\u3051\u308c\u3070\u306a\u308a\u307e\u305b\u3093\u3002<\/p>\n<p>\u57fa\u672c\u8a8d\u8a3c\u306f\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u4e0a\u3067\u30e6\u30fc\u30b6\u30fc\u540d\u3068\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5e73\u6587\u3067\u9001\u4fe1\u3059\u308b\u30ec\u30ac\u30b7\u30fc\u8a8d\u8a3c\u65b9\u6cd5\u3067\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u8a8d\u8a3c\u60c5\u5831\u306e\u76d7\u96e3\u3001\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u3001\u7dcf\u529b\u653b\u6483\u306b\u5bfe\u3057\u3066\u8106\u5f31\u306b\u306a\u308a\u307e\u3059\u3002&nbsp;<\/p>\n<p>[\u3044\u3064\u8d77\u3053\u308b\u304b:]<\/p>\n<p>SMTP AUTH \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u63d0\u51fa\u304b\u3089\u306e\u57fa\u672c\u8a8d\u8a3c\u306e\u524a\u9664\u306f\u4fdd\u7559\u3055\u308c\u3066\u3044\u307e\u3059&nbsp;(\u4ee5\u524d\u306f2026\u5e743\u67081\u65e5\u304b\u30892026\u5e744\u670830\u65e5\u306b\u5b8c\u4e86)\u3002&nbsp;<\/p>\n<p>[\u3053\u308c\u304c\u3042\u306a\u305f\u306e\u7d44\u7e54\u306b\u3069\u306e\u3088\u3046\u306a\u5f71\u97ff\u3092\u4e0e\u3048\u308b\u304b:]<\/p>\n<p>Exchange\u7ba1\u7406\u30bb\u30f3\u30bf\u30fc\u306eSMTP AUTH\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u9001\u4fe1\u30ec\u30dd\u30fc\u30c8\u306f\u3001Exchange Online\u3078\u306e\u30e1\u30fc\u30eb\u9001\u4fe1\u306bBasic auths\u304bOAuth\u304b\u3092\u793a\u3059\u3088\u3046\u306b\u66f4\u65b0\u3055\u308c\u307e\u3057\u305f\u3002&nbsp;<\/p>\n<p>SMTP AUTH \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u63d0\u51fa\u304b\u3089\u306e\u57fa\u672c\u8a8d\u8a3c\u306e\u524a\u9664\u306f\u4fdd\u7559\u3055\u308c\u3066\u3044\u307e\u3059&nbsp;(\u4ee5\u524d\u306f2026\u5e743\u67081\u65e5\u304b\u30892026\u5e744\u670830\u65e5\u306b\u5b8c\u4e86)\u3002<\/p>\n<p>[\u6e96\u5099\u306e\u305f\u3081\u306b\u3084\u308b\u3079\u304d\u3053\u3068:]<\/p>\n<p>  <\/p>\n<p>SMTP AUTH \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u63d0\u51fa\u304b\u3089\u306e\u57fa\u672c\u8a8d\u8a3c\u306e\u524a\u9664\u306f\u4fdd\u7559\u3055\u308c\u3066\u3044\u307e\u3059&nbsp;(\u4ee5\u524d\u306f2026\u5e743\u67081\u65e5\u304b\u30892026\u5e744\u670830\u65e5\u307e\u3067\u7d42\u4e86)<\/p>\n<p>\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304cOAuth\u3092\u30b5\u30dd\u30fc\u30c8\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u3001\u4ee5\u4e0b\u306e\u624b\u9806\u306b\u5f93\u3063\u3066\u304f\u3060\u3055\u3044: <a href=\"https:\/\/learn.microsoft.com\/exchange\/client-developer\/legacy-protocols\/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth\" target=\"_blank\">  OAuth\u3092\u4f7f\u3063\u3066IMAP\u3001POP\u3001\u307e\u305f\u306fSMTP\u63a5\u7d9a\u3092\u8a8d\u8a3c\u3057\u307e\u3059<\/a>  <\/p>\n<p>\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304cOAuth\u3092\u30b5\u30dd\u30fc\u30c8\u3057\u3066\u304a\u3089\u305a\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u63d0\u51fa\u6642\u306e\u57fa\u672c\u8a8d\u8a3c(SMTP AUTH)\u3092\u4f7f\u308f\u306a\u3051\u308c\u3070\u306a\u3089\u306a\u3044\u5834\u5408\u30012027\u5e74\u306b\u767a\u8868\u3055\u308c\u308b\u30b9\u30b1\u30b8\u30e5\u30fc\u30eb\u306b\u5f93\u3063\u3066\u3001\u4ee5\u4e0b\u306e\u3044\u305a\u308c\u304b\u306e\u4ee3\u66ff\u624b\u6bb5\u306b\u5207\u308a\u66ff\u3048\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059(\u4ee5\u524d\u306f2026\u5e744\u6708\u4ee5\u964d)\u3002<\/p>\n<p>. \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u9001\u4fe1(SMTP AUTH)\u3067\u30c6\u30ca\u30f3\u30c8\u5185\u306e\u53d7\u4fe1\u8005\u306b\u30e1\u30fc\u30eb\u3092\u9001\u4fe1\u3059\u308b\u57fa\u672c\u7684\u306a\u8a8d\u8a3c\u3092\u4f7f\u3063\u3066\u3044\u308b\u5834\u5408\u306f\u3001Microsoft 365 High Volume Email\u3092\u5229\u7528\u3067\u304d\u307e\u3059\u3002\u8a73\u3057\u304f\u306f\u3053\u3061\u3089\u306e\u30b5\u30a4\u30c8\u3092\u3054\u89a7\u304f\u3060\u3055\u3044:  <a href=\"https:\/\/learn.microsoft.com\/Exchange\/mail-flow-best-practices\/high-volume-mails-m365\" target=\"_blank\">  Microsoft 365\u30d1\u30d6\u30ea\u30c3\u30af\u30d7\u30ec\u30d3\u30e5\u30fc\u306e\u5927\u91cf\u30e1\u30fc\u30eb\u7ba1\u7406<\/a><\/p>\n<p>. \u30cf\u30a4\u30d6\u30ea\u30c3\u30c9\u69cb\u6210\u306e\u30aa\u30f3\u30d7\u30ec\u30df\u30b9\u306bExchange Server\u304c\u3042\u308b\u5834\u5408\u3001Basic auth\u3092\u4f7f\u3063\u3066\u30aa\u30f3\u30d7\u30ec\u30df\u30b9\u306eExchange\u30b5\u30fc\u30d0\u30fc\u3068\u8a8d\u8a3c\u3059\u308b\u304b\u3001Exchange\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u533f\u540d\u30ea\u30ec\u30fc\u3092\u53ef\u80fd\u306b\u3059\u308bReceive\u30b3\u30cd\u30af\u30bf\u30fc\u3067\u30aa\u30f3\u30d7\u30ec\u30df\u30b9\u30b5\u30fc\u30d0\u30fc\u3092\u8a2d\u5b9a\u3067\u304d\u307e\u3059\u3002\u8a73\u7d30\u306f\u3053\u3061\u3089\u306e\u30b5\u30a4\u30c8\u3092\u3054\u89a7\u304f\u3060\u3055\u3044:  <a href=\"https:\/\/learn.microsoft.com\/exchange\/mail-flow\/connectors\/allow-anonymous-relay?view=exchserver-2019\" target=\"_blank\">  Exchange\u30b5\u30fc\u30d0\u30fc\u3067\u533f\u540d\u4e2d\u7d99\u3092\u8a31\u53ef\u3059\u308b<\/a>  <\/p>\n<p>\u30e1\u30fc\u30eb\u306e\u91cf\u306b\u95a2\u308f\u3089\u305a\u3001Exchange Online\u3067\u30e1\u30fc\u30eb\u3092\u9001\u4fe1\u3059\u308b\u306e\u306bBasic Auth\u3092\u4f7f\u3046\u5fc5\u8981\u304c\u3042\u308b\u5834\u5408\u306f\u3001\u4ee3\u66ff\u624b\u6bb5\u304b3P\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u306e\u3044\u305a\u308c\u304b\u3092\u4f7f\u3046\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u5909\u66f4\u306b\u306f\u591a\u5c11\u306e\u8abf\u6574\u304c\u5fc5\u8981\u3067\u3042\u308b\u3053\u3068\u306f\u7406\u89e3\u3057\u3066\u3044\u307e\u3059\u304c\u3001\u5f53\u793e\u306e\u30e1\u30fc\u30eb\u30b5\u30fc\u30d3\u30b9\u3068\u304a\u5ba2\u69d8\u306e\u30c7\u30fc\u30bf\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3068\u4fe1\u983c\u6027\u3092\u9ad8\u3081\u308b\u305f\u3081\u306b\u306f\u5fc5\u8981\u306a\u30b9\u30c6\u30c3\u30d7\u3060\u3068\u8003\u3048\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>  <\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>MC786329 | (Updated) Exchange Online to retire Basic Auth for Client Submission (SMTP AUTH) Classification pla [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-14694","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/14694","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=14694"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/14694\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=14694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=14694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=14694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}