Product Feature Requests > Feature Requests for TeraStation or LinkStation

Modern Email Authentication Support (Oauth2)

(1/1)

Agrathane:
Hi there,

Microsoft is starting to move its Exchange Online / hybrid users into using modern authentication (Oauth2) instead of (pop, imap, or SMTP) in an attempt to reduce DDoS attacks that leverage false user accounts or password attempts.

https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online
" effective October 1, 2022, [Microsoft] will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used. ...There is no plan for Outlook clients to support OAuth2.0 for POP and IMAP, but Outlook can connect use MAPI/HTTP (Windows clients) and EWS (Outlook for Mac)."

In consideration of devices usually "adapt" by by being replaced (like printers etc) Microsoft said that they would only disable SMTP if it was not in use. (I'm not clear on how Microsoft determines that, how they will execute that, or how granular the disabling of SMTP might be. Ex: account by account vs invalidating using the SMTP service on the certificate for the whole Organization.)

Please look into updating your storage products so that they support "modern email authentication" like Oauth2.0

There may be an app by app work around here: "If your in-house application needs to access IMAP, POP and SMTP AUTH protocols in Exchange Online, follow these step-by-step instructions to implement OAuth 2.0 authentication: Authenticate an IMAP, POP, or SMTP connection using OAuth." https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth     

Navigation

[0] Message Index