SMTP issue with

Hi All,

I am trying to use o365 SMTP but i have an error in my test. Even if i am using a password app but still with the same issue.

Below are the configuration that i use
Server name:
Port: 587
Encryption method: TLS or STARTTLS

Unrecognized authentication type []

@ricardo Is your mail server on premises with exchange or only in the cloud? And were you trying to send to account in your domain or outside of it?

Business subscription at Microsoft or personal? They have made some changes with smtp recently. So you have any logs on the MS of things?

Hi Garret,

Thanks for your answer.
We are using o365 in the cloud. The email sent and receive will be for the same domain ( inside domain).
The account that i am using to send email from passbolt servers has subscription Microsoft 365 Business Basic.
I am using an password app and my password is OK i double checked

Logs from passbolt server
[504] 5.7.4 Unrecognized authentication type []
Could not send the test email.
Error: SMTP server did not accept the password.

LOGs from azure ad
Authentication requirement
Single-factor authentication
Continuous access evaluation
error code
Failure reason
Error validating credentials due to invalid username or password.
Additional Details
The user didn’t enter the right credentials. It’s expected to see some number of these errors in your logs due to users making mistakes.

Thank a lot for your help

@ricardo Regarding tenant wide or account specific SMTP enabling does this help? Enable or disable SMTP AUTH in Exchange Online | Microsoft Docs

Hi Garret,

Yes i have enabled authentication SMTP for that account, but sitll failing

@ricardo Wow, that’s weird. Have you successfully reached that account via smtp with any other app? That would be my next step.

If you have gotten it working with another app, I can try to assist by trying to set mine it up with my o365 account and see what it takes.

Also, there is this Cannot send e-mails with SMTP using passbolt with OFFICE 365 which suggests that maybe o365 requires some headers or something that postfix sends by default.


In /etc/passbolt/passbolt.php configuration file, there is an EmailTransport section passbolt_api/passbolt.default.php at master · passbolt/passbolt_api · GitHub can you try to add 'className' => 'Mail' ? The default value is 'Smtp'.

Like this:

    'EmailTransport' => [
        'default' => [
            'className' => 'Mail', // << HERE
            'host' => 'localhost',
            'port' => 25,
            'username' => 'user',
            'password' => 'secret',
            // Is this a secure connection? true if yes, null if no.
            'tls' => null,
            //'timeout' => 30,
            //'client' => null,
            //'url' => null,

Thank you !

Hi Garret well if i dont find any solution i will try to use postfix o aws ses.

Hi _jc thanks for your answer. i tried as you mentioned. Below are the output

Debug email shell

Your email transport configuration is not set to use “Smtp”. (Mail is set instead)
This email debug task is only for SMTP configurations.
To fix this, edit EmailTransport.default.className in passbolt.php, and set className to “Smtp”

Hi guys,

now i am trying to use SES and its the same issue.
Port: 587
Username: AKIA4*******
Password: *********
TLS: true
[535] Authentication Credentials Invalid
Could not send the test email.
Error: SMTP server did not accept the password.

the password its from CREATE SMTP Credentials from AWS SES

Please your help

@ricardo can you see if you can connect to your o365 account with k9-mail app imap using your app password?

Hi Garrett,

I configured the k9-mail
with this
Server name:
Port: 993
Encryption method: SSL
user: mail of o365
normal password : app password
without client certified
check on autodetect IMAP name
check on With Compress

the error is user or password incorrect.

if i use Auth0.2 it will trigger to my MFA

For this kind of problem, you usually have to create an app password, as described in this documentation:

Can you give a try and let us know ?

Best regards,

@ricardo the endpoint should be same as you tried for passbolt.

I just would like to rule out a bad username/password.

For incoming, use what you have above. But for outgoing use port 587 with TLS.

If you are saying you can’t get past the incoming settings, then it appears to me your username and app password are not correct.

@ricardo If you are convinced that your app password is correct, my only other thought is check to see if your device is being quarantined. I have this on my domain and I have to approve any new device.

HI _jc

yes i created my app following that page

Hi Garrett

i tried to configure as you mentioned but only allow me to put the imap configuration at the begining and the authentication failed. when i choose Auth0.2 it need approvall for administrator. i created a new app password to be sure if my password are correct. i coied and pasted to eliminate mistakes

Hi Garrett

where i can check that?

I am finding it on this page it’s in the mobile device access section.

I have a quarantine rule:

Hi Garrett,

i dont find what you mentioned.
My authenticator method is as the picture below

@ricardo do you have a subscription directly with Microsoft or through another vendor like GoDaddy?