Now that Basic Auth is essentially dead in o365* (and dead for me since this week as I have just discovered our IT department have disabled for all accounts) I wonder whether there is any plan to support other auth methods for email sending?
I know it’s possible to set up with AWS/SES/Sendgrid etc, but in my experience on other projects this is a real headache and often leads to messages being classified as spam, which is a shame given this is essentially all internal traffic anyway.
Is there a recommended way of doing this for mostly-MS-based orgs previously or currently using o365 SMTP accounts?
SMTP AUTH will still be available when Basic authentication is permanently disabled on October 1, 2022.
So, you should be able to change to SMTP Auth by adding an additional env variable to app.yml.
DISCOURSE_SMTP_AUTHENTICATION: cram_md5
In addition to that I think you will need to use the MD5 hash of the SMTP password as value of the DISCOURSE_SMTP_PASSWORD setting. Rebuild the Docker container after those changes and give it a try.
It’s available in theory but disabled for tenants “who don’t use it” which in practice means an IT department needs to manually specify a new policy to allow it. I think that’s likely to be a non-starter for us, but will make some requests. For info, this is the default response from smtp server now:
Just for reference… this definitely doesn’t work with what I think are the MS-recommended tenant settings for 0365 implemented at my institution.
It’s a real pain for us that Discourse doesn’t/can’t support OATH for mail sending. We have set up sending through AWS but are having lots of mail delivery issues and really just wish we could keep things simple by using existing mail provider. Ditto for accessing an inbox.