Office 365 Email Security for SMTP Relays

Error message:

Unable to read data from the transport connection: net_io_connectionclosed.

Troubleshooting steps:

  1. Ensure that TSL1.2 is being used as Windows 2016 & older may default to TLS1.1

    [Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12
  2. This new error message resulted
    The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57
    Client not authenticated to send mail. Error: 535 5.7.139 Authentication unsuccessful, SmtpClientAuthentication is
    disabled for the Tenant. Visit https://aka.ms/smtp_auth_disabled for more information.
    [SJ0PR03CA0167.namprd03.prod.outlook.com]

3. Use a browser to login and check the email account

Notice that 2nd-factor advisories are being displayed…

Attempted to navigate to https:// admin.microsoft.com/Adminportal/Home to realize that the provided account is not a member of the Global Administrators…

4. Advise client to have the organization administrator perform this task:

  1. Open the Microsoft 365 admin center (https:// admin.microsoft.com/) and go to Users > Active users > Select the user, and in the flyout that appears, click Mail > In the Email apps section, click Manage email apps > Verify the Authenticated SMTP setting: unchecked = disabled, checked = enabled (preferred)

  2. Sign in to the Microsoft 365 admin center (https:// admin.microsoft.com/adminportal) using a security administrator , Conditional Access administrator, or Global admin credentials > In the left pane, select Show All > under Admin centers, select Azure Active Directory > In the left pane of the Azure Active Directory admin center, select Azure Active Directory > From the left menu of the Dashboard, in the Manage section, select Properties > Manage Security defaults > set Enable Security defaults = No > Save changes

    This is to bypass this prompt:Microsoft has enabled Security Defaults to keep your account secure. Learn more about the benefits of Security Defaults
    Skip for now (14 days until this is required) Use a different account”

    Before SMTP option has been changed from disabled to enabled:

    The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57
    Client not authenticated to send mail. Error: 535 5.7.139 Authentication unsuccessful, SmtpClientAuthentication is
    disabled for the Tenant. Visit https://aka.ms/smtp_auth_disabled for more information.

    After:

    The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57
    Client not authenticated to send mail. Error: 535 5.7.139 Authentication unsuccessful, the request did not meet the
    criteria to be authenticated successfully. Contact your administrator. [BYAPR05CA0042.namprd05.prod.outlook.com]

Leave a Reply

Your email address will not be published. Required fields are marked *