TMT Remediation Steps for SMTP AUTH retirement

Microsoft® is retiring Basic Authentication for Client Submission (SMTP AUTH) in Exchange Online, a method currently used by some customers for sending emails directly through Microsoft 365 (Office 365).

Microsoft has announced these dates for the end of SMTP AUTH:

Partial Rejection Begins: March 1, 2026
Complete Retirement (100% rejection): April 30, 2026

Source: Microsoft Exchange Online to retire Basic Auth for Client Submission (SMTP AUTH)

After April 30, 2026, any TMT installation using SMT AUTH with Microsoft 365 will fail when sending email.

Who will be affected by this change?

This change will not affect you if:

You are currently using an IIS 6 SMTP relay server. This has been Trimble’s historical recommendation and is well-documented. No action is required in this scenario.
You have configured Microsoft 365 SMTP relay using a dedicated connector. This method ensures continued service without disruption.

In both of these cases, no immediate action is necessary on your part.

This change will affect you if:

You are using Microsoft 365 (formerly Office 365) SMTP settings directly within TMT. To avoid any disruption to your TMT email services, you must take action to update your setup. It is crucial to address this to maintain seamless operation.

The rest of this topic reviews how to update your setup.

Options for Maintaining Email Functionality

To ensure uninterrupted email delivery from TMT, please select one of the following options before April 30, 2026:

	Option	Required Action	Deadline	Recommendation
1	Use an SMTP Relay	Configure a Microsoft 365 SMTP relay using a dedicated connector, or use IIS6 SMTP Relay to connect to Microsoft 365 securely.	Before March 1, 2026	A technical workaround that entails management overhead.
2	Transition to a third-party provider	Update your email settings within TMT Web to integrate a secure third-party SMTP provider.	Before March 1, 2026	A reliable temporary solution if you cannot implement an upgrade promptly.
3	Upgrade	Upgrade to TMT version 2025.3 or later, which supports the latest Azure Communication Services (ASC).	Before March 1, 2026	Strongly recommended. This represents the most secure and sustainable solution for Microsoft 365.

Option

Required Action

Deadline

Recommendation

Use an SMTP Relay

Configure a Microsoft 365 SMTP relay using a dedicated connector, or use IIS6 SMTP Relay to connect to Microsoft 365 securely.

Before March 1, 2026

A technical workaround that entails management overhead.

Transition to a third-party provider

Update your email settings within TMT Web to integrate a secure third-party SMTP provider.

Before March 1, 2026

A reliable temporary solution if you cannot implement an upgrade promptly.

Upgrade

Upgrade to TMT version 2025.3 or later, which supports the latest Azure Communication Services (ASC).

Before March 1, 2026

Strongly recommended. This represents the most secure and sustainable solution for Microsoft 365.

Option 1: Use an SMTP Relay

If a full upgrade to 2025.3 is not feasible before the deadline, you can configure an SMTP Relay.

Set up an SMTP Relay/Connector with Microsoft 365. However, this method requires a static, non-spam-blocklisted IP address and demands constant attention to maintain your IP’s reputation.
IIS6 SMTP Relay to connect to Microsoft 365 securely. In this implementation, the device or application uses an Exchange Online account to send email to (Microsoft 365 and Internet) recipients just like an email client.

Option 2: Switch to a third-party SMTP Provider

Several large customers have successfully used external SMTP providers such as SMTP2GO. These providers offer robust and reliable transactional email services.

Option 3: Upgrade to TMT 2025.3

Support for Azure Communication Services (ASC), Microsoft’s new required standard, is included in TMT version 2025.3. This upgrade will be available in October/November 2025.

If you choose to upgrade to 2025.3 and use ASC, complete these steps.

Upgrade: Schedule your update to TMT 2025.3 immediately.
Configuration: After the upgrade, you will be required to configure by providing the connection string and the from address fields in the WebConfigSettingBase table. When these are present, Azure Communication Services (Email) will be used in place of the existing SMTP flow. (Web.config, API.config, ReportScheduler.config)
Set up a new service by following the documentation provided by Microsoft (such as Create and manage Email Communication Service resources).
After configuring an ACS instance in your TMT Web application, go to Menu > Configuration > Settings Manager > Misc Info > Mail Settings.
Select the checkbox to enable Azure Communication Services.
Paste the connection string directly as copied from the ACS instance on the Azure Portal.
Select Save to apply the settings. This will now cause the application (system-wide) to use ACS instead of SMTP whenever sending email.
Select Test and provide the required information to send a quick test email to confirm the settings.

Note: The FROM address must be one that Azure will allow sending from; that is, it must match the domain configured in ACS.
If you intend to use a verified domain, there is a process to use custom self-hosted domains. Information must be provided to have this configured by the domain administrators.

For more information, see the How to set up a multifunction device or application to send email using Microsoft 365 or Office 365. This document explains how to set up a multifunction device or application to send email using Microsoft 365 or Office 365.

This change only affects customers using Microsoft 365 who email from TMT Products. Customers using an on-premises mail server or an existing third-party solution should consult their mail provider for any changes to Basic Auth support.

Need Help?

If you’re unsure whether this applies to you or want guidance on the best path forward, please contact [email protected] immediately.