MFP needs to email but M365 refuses the login
Microsoft deprecated basic auth for SMTP AUTH. An MFP that doesn't speak OAuth2 needs an SMTP relay. For M365 that's High-Volume Email (HVE) or your own relay server.
Try this first
- 1First check whether the MFP supports modern auth (OAuth2). Recent HP, Canon, Ricoh, Konica Minolta and Xerox firmwares do. Sometimes you have to bump firmware a few versions.
- 2If OAuth doesn't work, use Microsoft High-Volume Email (smtp-hve.office365.com, port 587, TLS). Multiple mailboxes per org allowed; a separate service account per MFP is cleaner.
- 3Alternative: an internal SMTP relay (Windows IIS SMTP, Postfix on a Linux VM, or SaaS like SendGrid or Mailgun). MFP mails to the relay, the relay sends out for you.
- 4Set SPF, DKIM and DMARC on the sending domain. Otherwise scan-to-email lands in spam at external recipients.
- 5Restrict IPs allowed to relay, so the relay isn't open to the world. Open SMTP relay is old abuse that still happens.
When to bring us in
Setting up an SMTP relay with SPF, DKIM, DMARC and IP restrictions is a morning's work. We often combine it with checking M365 mail delivery in one pass.
See also
- Printer suddenly not foundFor everyone at once: print server or network. For one person: local Windows driver or expired authorisation.
- Print job stuck in queue, nothing happensA stuck queue blocks all subsequent prints. Cleaning takes two minutes.
- Scanner no longer sends emails (scan-to-email)Almost always: the account the scanner uses had its password expire, or the mail provider blocks old protocols.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.