Exchange Online will retire SMTP AUTH Basic Authentication by default starting December 2026, with OAuth as the supported method. Basic Auth removal is on hold until 2027, when a final date will be announced. Administrators can enable Basic Auth temporarily, but should prepare to switch to OAuth or alternatives.
Applies to: Exchange Online
Source: mc.merill.net — data via Merill Fernando's open archive (MIT).