Microsoft has announced that as of October 1, 2022, they have begun the process of removing basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used.
For more information on this announcement, see this article.
How does this affect Cymulate users?
Cymulate users that have configured the SMTP connection via Office365 basic authentication will need to reconfigure the SMTP connection. The previous Office365 option which supported basic authentication has been removed, and the Office365MFA option, which supports all Office365 accounts, has been renamed Office365.
For more information on configuring the Office365 connection, see Connecting Office365 - Setting up the SMTP connection with the admin consent process.
If the Cymulate agent has been allowed access via the Microsoft device login consent process, but you are still having issues connecting, it may be due to use of Azure AD's Tenant Restrictions feature. For more information on solving this connection issue, see this article.
The permission scopes requested by the Cymulate agent are:
- offline_access
- User.read
- Mail.read
- Mail.send
- Mail.readwrite
For more information on configuring email settings in non-service-based agents, see: