How to allow legacy TLS SMTP clients in Exchange Online

Case



In 2021, Microsoft announced that it is deprecating TLS 1.0 and TLS 1.1 support in Office 365 and Microsoft 365 products and services: https://docs.microsoft.com/en-us/microsoft-365/compliance/prepare-tls-1.2-in-office-365?view=o365-worldwide. As a result, all software vendors developing client applications which interface with Office 365 via the Office 365 API, the Microsoft Graph API or SMTP Auth need to update their code base to support TLS 1.2 at minimum. For vendors and applications that still cannot officially support TLS 1.2, there may be an interim solution. Read this article to find out how you can enable legacy TLS protocol version support for Office 365.



Solution



First off, you will need to enable the "AllowLegacyTLSClients" property in the transport configuration of the Exchange Online organization, which the Get-TransportConfig PowerShell cmdlet displays. This also assumes that you have enabled SMTP Auth for your mailbox. After connecting to Exchange Online with PowerShell, run the following cmdlets against your Exchange Online organization:



Set-TransportConfig -AllowLegacyTLSClients $true   # opt the organization in to legacy TLS SMTP clients
Get-TransportConfig | Format-List AllowLegacyTLSClients   # confirm the property now reads True



After the "AllowLegacyTLSClients" property has been enabled and SMTP Auth is enabled, you will need to configure your SMTP client to connect to Microsoft 365 via any applicable method as explained in https://stefanos.cloud/kb/how-to-connect-to-exchange-online-mailboxes-from-any-endpoint/. However, if you choose option 1, i.e. the SMTP Auth client submission method, you need to define smtp-legacy.office365.com as your SMTP server instead of smtp.office365.com.
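The prerequisites described above can be checked before anything is changed. The following is an added example, not part of the original article: it assumes the ExchangeOnlineManagement module with an existing Connect-ExchangeOnline session, and the function name Enable-LegacyTlsSmtp and the mailbox address are hypothetical.

```powershell
# Added example. Enable-LegacyTlsSmtp is a hypothetical helper name.
function Enable-LegacyTlsSmtp {
    param(
        [Parameter(Mandatory)] [string] $Mailbox,   # mailbox the legacy client signs in as
        [switch] $Apply                             # without -Apply the function only reports
    )

    $org = Get-TransportConfig
    $cas = Get-CASMailbox -Identity $Mailbox

    # A per-mailbox value overrides the organization default; $null means "inherit".
    $smtpAuthDisabled = if ($null -ne $cas.SmtpClientAuthenticationDisabled) {
        $cas.SmtpClientAuthenticationDisabled
    } else {
        $org.SmtpClientAuthenticationDisabled
    }

    if ($Apply) {
        if (-not $org.AllowLegacyTLSClients) {
            Set-TransportConfig -AllowLegacyTLSClients $true
        }
        if ($smtpAuthDisabled) {
            # Enable SMTP Auth for this one mailbox only, not for the whole organization.
            Set-CASMailbox -Identity $Mailbox -SmtpClientAuthenticationDisabled $false
            $smtpAuthDisabled = $false
        }
        $org = Get-TransportConfig   # re-read so the report reflects the change
    }

    # TCP reachability only (587 is the SMTP submission port); no TLS handshake is made.
    $probe = Test-NetConnection -ComputerName 'smtp-legacy.office365.com' -Port 587 -WarningAction SilentlyContinue

    [pscustomobject]@{
        Mailbox                 = $Mailbox
        AllowLegacyTLSClients   = $org.AllowLegacyTLSClients
        SmtpAuthEnabled         = -not $smtpAuthDisabled
        LegacyEndpointReachable = $probe.TcpTestSucceeded
    }
}

# Report first, then apply (constructed address):
Enable-LegacyTlsSmtp -Mailbox 'scanner@contoso.example'
# Enable-LegacyTlsSmtp -Mailbox 'scanner@contoso.example' -Apply
```

AllowLegacyTLSClients is an organization-wide switch, while SMTP Auth can stay limited to the mailboxes that need it; setting the property back to $false ends the interim arrangement once the client supports TLS 1.2.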


https://stefanos.cloud/kb/how-to-allow-legacy-tls-smtp-clients-in-exchange-online/
