BYO SMTP Not working with office 365

I’m having a hard time getting SMTP to work with my Office 365 account I keep getting a error that says

“SMTP Is marked as readonly” So far no help from support.

Ideas? I’ve already posted this topic on the facebook group

I am having the same issue.

We are having the same issue here.

I was able to get it working by using smtp2go.

John Hansman | CEO - President

phone: 360-208-1082

email: john@truit.io

website: truit.io

D: 360-208-1061

|

• |

IMPORTANT: The contents of this email and any attachments are confidential. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. |

• |

|

• |

SMTP2GO is really good

+1 on SMTP2GO - free to start with, and well worth the cost if you go over the free limit.

Works fine for us. We had no choice but use SMTP.

In newer 0365 tenants smtp auth is turned off by default. go to user, mail tab, then manage email and turn on smtp auth

I did that and still has a problem

John Hansman | CEO - President

phone: 360-208-1082

email: john@truit.io

website: truit.io

D: 360-208-1061

|

• |

IMPORTANT: The contents of this email and any attachments are confidential. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. |

• |

|

• |

Same issue. There was another thread at SettingStore::Smtp is marked as readonly but looks like Syncro deleted it? Are they censoring threads here now??

I was able to get this working. While not the ideal

The issue was due to Microsoft Conditional access rules “Security Defaults”
If you were to check in Azure AD under Users > Specific User > Signin Logs
you will prob find this error “Access has been blocked by Conditional Access policies. The access policy does not allow token issuance”

So I have disabled Security Defaults - Providing a default level of security in Azure Active Directory - Microsoft Entra | Microsoft Learn

Then created my own Conditional Access rules.

This is not the ideal, however it is a workable solution

@luckman212, I restored the topic.

Logs show I deleted it, but there’s nothing in the thread breaking the guidelines.
I apologize. The deletion wasn’t intentional.

Ah, yes great catch and makes 100% sense since the new default is to block smtp Auth ( legacy) with this said I wonder if Syncro is going to add modern authentication for byosmtp? . I know at some point Microsoft is going to disable it permanently.

I just went through this setup. Here are my notes for anyone else attempting to get a dedicated M365 mailbox setup with Syncro.

Goal

To use a Microsoft 365 email account ex. “helpdesk@mspname.com” for Syncro Tickets (inbound and outbound).

Prerequisites

• helpdesk@mspname.com has been setup as a stand alone email mailbox with at least an M365 Business Basic license. (Unknown if the Defender setup below requires BusPrem as this was tested on an account with BusPrem)
• Login Outlook and setup MFA to secure this email account

Setup Syncro SMTP Email

• Syncro - mspname.syncromsp.com/settings/emails
• SMTP Username: helpdesk@mspname.com
• Password: (same password as used with outlook.com)
• SMTP Server Address: smtp.office365.com
• SMTP Server Port: 587
• Authentication: login
• “Use SSL/TLS (SMTPS)” - Unchecked
• “Use STARTTLS (unless using SMTPS)” - Checked
• Click Save

Setup Syncro Mailbox (inbound email)

• Select Outbound
• Select Activate

SPF Record

Login to your DNS provider for mspname.com

• Update your SPF TXT record to “v=spf1 include:spf.protection.outlook.com +ip4:168.245.102.208 -all”
• or add “+ip4:168.245.102.208” if you have other customization

Enable Authenticated SMTP

Microsoft 365 admin center - https://admin.microsoft.com/Adminportal/Home#/users

• Select Helpdesk user
• Select Mail from popout window
• Select “Manage email apps”
• Check “Authenticated SMTP”

Contact User

Microsoft 365 admin center - https://portal.office.com/Adminportal/Home/#/Contact

• Create a Contact user. This will be used in the Forward all emails. Required.
• Select Users / Contacts
• Click “Add a contact”
• Enter a display name “Syncro Helpdesk”
• Open Syncro Admin (menu) / Email “Mailboxes (inbound email)”
• Click Edit
• Copy the forward destination email address ex. “rsmbox-mspname-00000000000@syncroemail.com”
• Paste the “rsmbox-mspname-00000000000@syncroemail.com” like email address into the Email field.
• Click Add

Forward all emails

Exchange admin center - Sign in to your account

• Select Helpdesk mailbox
• Select Manage mail flow settings
• Find Email Forwarding click Edit
• Forward all emails sent to this mailbox - select On
• Paste full email address as listed in Syncro Edit Mailbox ex. “rsmbox-mspname-00000000000@syncroemail.com”. Wait for it to lookup the Contact User. It should show as a selected user with an X to remove.
• Keep a copy of forwarded email in this mailbox - select On (Optional but recommeded)

Add an External Anti-Spam policy

Microsoft 365 Defender - Sign in to your account

• Select Policies & Rules
• Select Threat Policies
• Select Anti-Spam
• Select + Create Policy / Outbound
• Name Syncro
• Users - type “helpdesk”. Wait for “Suggested Contact” to show the Helpdesk account, then select it
• Set limits ex 500 for each (external, internal & daily)
• Set Automatic forwarding rules to “On - Forwarding is enabled”
• Review and Create. This will take some time before it appears on the list. Refreshing this list is really slow

Finish Syncro Setup

• Setup Syncro SMTP Email - Test
• Setup Syncro Mailbox (inbound email) - Reload
• Send a test email to helpdesk@mspname.com. A ticket should be created.)

Just letting you know that I fixed this on my Office 365 account.
I had “Block legacy Authentication” set in my azure portal. Once removed, the SMTP worked correctly.
https://portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade/Policies

Hi everyone,

Microsoft is going to disable the Basic Authentication on 1-Oct. The above SMTP connection will not work anymore. Any Syncro support here can provide new setup advise? Thanks.

They only disabled Basic for everything except Authenticated SMTP. As much as they want to get everyone locked into modern auth, there are just too many devices and services that rely on Authenticated SMTP.