I’d imagine most orgs concerned with branding are using BYO SMTP. Doubly I’d assume the vast majority of us use 365.
Basic auth is going away from Office 365 this fall and orgs that have created exceptions for mailboxes are already in violation of partner security requirements.
Please implement modern methods to send email using office 365. This is a relatively trivial feature that will greatly improve the polish of the software. User auth should be implemented to limit scope of tenant access.
As I’ve had needed to share these notes with dev teams on other platforms, thought I would share here too.
All of Microsoft’s APIs use Oauth for authentication.
This webpage is helpful, with many different scenarios, types of apps and language examples listed.
Code samples for Microsoft identity platform authentication and authorization | Microsoft Docs
Specifically, this is the modern equivalent of the authentication method we used 3 years ago (using .NET Framework) when we first implemented sending email via Microsoft Graph.
active-directory-dotnetcore-daemon-v2/1-Call-MSGraph at master · Azure-Samples/active-directory-dotnetcore-daemon-v2 · GitHub
Using a client secret or client certificate are both possible.
After the method of authentication succeeds submitting email for sending is fairly straight forward.
Use .NET HttpWebRequest with this uri.
Send mail - Microsoft Graph v1.0 | Microsoft Docs
Anyone can sign up to a Microsoft Office 365 Dev Tenant?
What is a “Dev Tenant” and why would you want one? - Microsoft Tech Community
You get 25 E5 licenses (for free), and you can prepopulate it with sample data packs that Microsoft have preconfigured.
I use my developer tenant to write code and scripts against, but also to test out various Office 365 features that I’m unsure of.