Office 365 SMTP Relay Stopped Working!

Support for TLS 1.0 and 1.1 in Exchange Online ended in October 2020; however, Microsoft allowed clients to keep using the SMTP AUTH endpoint (smtp.office365.com). Now that it’s a brand new year, Microsoft’s plan is to disable that usage in order to meet security and compliance requirements.

So what will this look like if your device only supports TLS 1.0 or 1.1 and can no longer access smtp.office365.com?

Whatever service relies on mail being sent to Office 365 will fail. For example, if you have a service that is supposed to deliver voicemails to Outlook, those voicemails will not reach Outlook because the “service account” you have configured for authentication is being prevented from using smtp.office365.com.

But wait, customers that have SMTP AUTH clients that only support older TLS versions can use a “legacy” endpoint provided by Microsoft. Your organization will need to “opt into” this using PowerShell and your SMTP AUTH clients will need to start using smtp-legacy.office365.com going forward.

Full article from Microsoft explaining how to accomplish this.

Opt in to using legacy endpoint

This requires that you connect to Exchange Online PowerShell.

Set-TransportConfig -AllowLegacyTLSClients $true

Once the above configuration has been set, you will then need to configure your SMTP AUTH client to use smtp-legacy.office365.com.
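
The opt-in step above with a before/after check, followed by a STARTTLS probe that reports which TLS version each endpoint negotiates from a test machine. This is an added example, not code from the Microsoft article or the original post; it assumes the ExchangeOnlineManagement module is installed, and the admin account name, the EHLO name and the Test-SmtpStartTls helper are hypothetical.

```powershell
# Added example; assumes the ExchangeOnlineManagement module is installed.
# admin@contoso.example is a placeholder account name.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName admin@contoso.example

# Record the current value, opt in, then confirm the change.
"Before: $((Get-TransportConfig).AllowLegacyTLSClients)"
Set-TransportConfig -AllowLegacyTLSClients $true
"After:  $((Get-TransportConfig).AllowLegacyTLSClients)"

# Hypothetical helper: performs STARTTLS on the submission port and returns
# the TLS version that was negotiated, or throws if the handshake fails.
function Test-SmtpStartTls {
    param(
        [Parameter(Mandatory)][string]$SmtpHost,
        [int]$Port = 587,
        [System.Security.Authentication.SslProtocols]$Protocol = 'Tls12'
    )
    $client = [System.Net.Sockets.TcpClient]::new($SmtpHost, $Port)
    try {
        $stream = $client.GetStream()
        $reader = [System.IO.StreamReader]::new($stream)
        $writer = [System.IO.StreamWriter]::new($stream)
        $writer.NewLine = "`r`n"; $writer.AutoFlush = $true
        # SMTP replies may span several lines; the last has no '-' after the code.
        $readReply = { do { $l = $reader.ReadLine() } while ($l -match '^\d{3}-'); $l }

        $null = & $readReply                      # 220 greeting
        $writer.WriteLine('EHLO tlscheck.example')
        $null = & $readReply                      # 250 capability list
        $writer.WriteLine('STARTTLS')
        $reply = & $readReply
        if ($reply -notmatch '^220') { throw "STARTTLS refused: $reply" }

        $ssl = [System.Net.Security.SslStream]::new($stream, $false)
        $ssl.AuthenticateAsClient($SmtpHost, $null, $Protocol, $true)
        $ssl.SslProtocol
    }
    finally { $client.Dispose() }
}

# TLS 1.0/1.1 probes only work if the local OS still has those versions enabled.
foreach ($h in 'smtp.office365.com', 'smtp-legacy.office365.com') {
    foreach ($p in 'Tls', 'Tls12') {
        try   { "$h $p -> $(Test-SmtpStartTls -SmtpHost $h -Protocol $p)" }
        catch { "$h $p -> failed: $($_.Exception.Message)" }
    }
}
```

Setting -AllowLegacyTLSClients back to $false reverses the opt-in once the last legacy device has been replaced or upgraded.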