The Email Services category is a resource for information on our company's enterprise email systems, offering insights into management, maintenance, and best practices for organizational communication
Learn how to configure applications and devices for email sending at Dartmouth. Basic Authentication for SMTP ends in September 2025—all setups must switch to OAuth. IP relay requests require security approval, and misuse may result in suspension.
Our organization's email security policy mandates the use of DMARC, complemented by either SPF or DKIM compliance for bulk email services. To address SPF's limitations, dedicated subdomains are utilized for enhanced email management. This approach upholds secure and dependable email communication within our organization.
Dartmouth College now requires multi-factor authentication (MFA) for all users accessing the Microsoft 365 Admin Center to enhance security. Users must configure MFA on CyberArk-managed accounts using an approved authenticator like Duo Security. Access will be blocked until MFA setup is complete.
Dartmouth is retiring SMTP Basic Auth in September 2025; this guide shows how to send-only via smtp.office365.com using OAuth2, preferring delegated permissions (SMTP.Send) for security. App-only (SMTP.SendAsApp) is allowed only when scoped to specific mailboxes via an Exchange service principal, and the article outlines roles (App/Dev vs Email Team), key settings, and quick troubleshooting.
Microsoft will retire Basic Authentication for SMTP Auth in Exchange Online, requiring all email-sending applications, devices, and legacy email clients to transition to Modern Authentication (OAuth). This change enhances security, reduces phishing risks, and aligns with Dartmouth’s security strategy. Application administrators and users must take action to update configurations before the deadline.