Skip to main content

Hello :)

We have a setup where a custom Email is used for recruiting and it worked fine for some time, but since about a week ago it doesn’t anymore. Looking through the error message it states that the SMTP Authentication is not working. I’ve checked the help article for this an have gone through every step to make sure all the requirements are fulfilled.
Things I’ve done include:
-Turning off 2FA
-Setting a new password for the user
-Setting up an App password for authentication
-Making sure that SMTP Auth is activated in M365 for this account
-Checked all SMTP settings in Personio


Unfortunately every test fails and comes back with the same error message:
Failed to authenticate on SMTP server with username "jobs@contoso.com" using the following authenticators: "LOGIN", "XOAUTH2". Authenticator "LOGIN" returned "Expected response code "235" but got code "535", with message "535 5.7.139 Authentication unsuccessful, user is locked by your organization's security defaults policy. Contact your administrator. rFR4P281CA0258.DEUP281.PROD.OUTLOOK.COM 2024-04-09T10:33:16.563Z 08DC5823B49B5080]".". Authenticator "XOAUTH2" returned "Expected response code "235" but got code "535", with message "535 5.7.3 Authentication unsuccessful eFR4P281CA0258.DEUP281.PROD.OUTLOOK.COM 2024-04-09T10:33:26.866Z 08DC5823B49B5080]".".

Judging from the error message the default security policy is causing this error, as Microsoft disabled the legacy auths a while ago, but the option to enable SMTP Auth for selected mailboxes is still shown and enabled. Do I really have to disable the default security policy for this to work?

Would be very happy for any tip or insight about this topic that you might have!

Best regards,
Leo

Hey @CloudRebels 

Welcome to the Personio Community, we are thrilled to see you here 🎊 🥳. I am happy to support you with your inquiry.

I am providing steps that were given to another customer with a similar issue to yours, please follow them in order for the SMTP to work successfully:

  1. Disable the Security Default settings in Azure AD (find the description also here Security defaults in Azure AD):
    1. Sign in to the Azure portal as a security administrator, Conditional Access administrator, or global administrator.
    2. Browse to Azure Active Directory > Properties.
    3. Select Manage security defaults.
    4. Set the Enable security defaults toggle to Yes.
    5. Select Save.
  2. Make sure that Basic Auth is allowed for SMTP via the Org settings (find a description here Disable Basic authentication in Exchange Online):
    1. In the Microsoft 365 admin center at https://admin.microsoft.com, go Settings > Org Settings > Modern Authentication.
    2. In the Modern authentication flyout that appears, make sure that Basic authentication is enabled for SMTP.
  3. Make sure that Basic Auth is enabled for the specific account:
    1. To do so, login to the Microsoft 365 Admin center.
    2. Go to Users > Active users and choose the respective account.
    3. Click on the Account > Mail > Manage email apps and make sure Authenticated SMTP is ticked.

Please note that there could be more settings like Conditional Access settings that prevent the connection from being established.

If after taking these steps you still run into problems, I would suggest having your Account Owner reaching out to our support team.

Please let me know if I can be of further assistance.

Best,

Conor


Your reply