Info
Content

Microsoft email configuration

1. Enable “Authenticated SMTP” for the mailbox

Open the Microsoft 365 Admin Center: https://admin.microsoft.com

Steps to enable Authenticated SMTP

image-1764062017876.png

  1. In the left menu, click Users → Active users.
  2. Click on the user/mailbox you will use for CLOUDEX TMS.
  3. In the user details pane, go to the Mail tab.
  4. Click Manage email apps (or Email apps).
  5. In the list of email apps, find Authenticated SMTP and make sure the checkbox or toggle is ON / enabled.
  6. Click Save.
⚠️

2. Create an app password (if MFA is enabled)

If Multi-Factor Authentication (MFA) is enabled for the mailbox you use (recommended), SMTP cannot use your normal password. In that case you must create a special app password and use it in CLOUDEX TMS.

🔐
If MFA is not enabled for this user, you can use the normal account password instead of an app password. However, using MFA + app password is more secure and recommended.

Instruction to generate an app password

https://doc.ozols.lv/books/ozols-tms-english/page/8-e-mail-server-configuration-for-work-with-ozols-tms

❗ What to do if “Authenticated SMTP” switch does NOT appear

  1. Turn off Checkbox "Turn off SMTP AUTH protocol for your organization""
  2. Turn on use of old legacy TLS clients.
  3. After enabling, wait 3–5 minutes, then check the user mailbox again.

image-1764064038680.png

Confirm the mailbox type (SMTP is NOT available for some accounts)

The Authenticated SMTP switch is available ONLY for:

  • User mailboxes with Exchange Online Plan 1 or 2

  • Shared mailboxes

  • Microsoft 365 E3/E5 Business Standard/Business Premium accounts

It will NOT appear for:

❌ Mailboxes with no Exchange license
❌ Accounts converted to Microsoft 365 Groups
❌ Mailboxes that were soft-deleted or recently restored
❌ Resource mailboxes (Room / Equipment)

How to check:

In Microsoft 365 Admin Center:

Users → Active users → Select user → Licenses and Apps

Make sure:
Exchange Online is enabled

If Exchange Online is missing → SMTP will NOT be available.

Ensure modern authentication SMTP is not forced

Microsoft sometimes blocks SMTP for users with strict conditional access.

Check these items:

  • Conditional Access policy requiring MFA for all protocols

  • Legacy auth blocked at the tenant level

  • Security defaults enabled (this disables SMTP)

To check Security Defaults:

  1. Go to Azure Portal
    https://portal.azure.com

  2. Search for Azure Active Directory

  3. Open Properties

  4. Click Manage Security Defaults

  5. If Security defaults = Enabled, you must turn it OFF to allow SMTP.

After disabling, wait up to 15 minutes, then check Manage Email Apps again.

If none of the above works – your tenant may have SMTP permanently disabled

Microsoft has been turning off SMTP AUTH for security reasons.
Admins must manually re-enable it per mailbox.

To force-enable for a specific mailbox (Admin only):

  1. Go to:
    https://admin.exchange.microsoft.com

  2. Navigate to:
    Users → Active Users → select user → Mail → Email apps → Manage

  3. If still missing, enable via PowerShell:

Set-CASMailbox -Identity user@domain.com -SmtpClientAuthenticationEnabled $true

(Admins only — if customer cannot run PowerShell, you can give them this line to pass to their IT provider.)

Summary: Why SMTP may not appear

Reason Solution
Tenant-wide SMTP disabled Enable under Exchange Admin Center → Settings → Mail flow
New UI hides the option Use Classic Exchange Admin Center (ECP)
No Exchange Online license Add a license
Security Defaults enabled Disable Security Defaults
Legacy auth blocked by Conditional Access Update policies
Mailbox type unsupported Use a licensed user or shared mailbox
Needs PowerShell Run Set-CASMailbox
Back to top