Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Microsoft 365 SMTP server intermittently rejecting connections

  • 54 replies
  • 1 has this problem
  • 23 views
  • Last reply by lesrose1959

more options

I've been running Tbird on Windows for many years. About 2 weeks ago something changed, either in Tbird or at Microsoft, which stops me from sending to the Office 365 SMTP server. I can send and receive using Outlook on the Office website, but I can't send locally from Tbird. Error message screenshot herewith. I have tried every possible permutation of server settings, which currently are:

Server name: smtp.office365.com Port: 587 Security: START/TLS Authentication: OAuth2

MS support says these are correct, and they are at wits' end to understand what is going on. They asked me to ask Tbird support, so I am.

I should add that at about the same time I started getting SMTP rejections in Gmail on my Android phone, and miraculously that was corrected yesterday, without any action from me. There is something odd going on at Microsoft - does anyone know what it is? My other accounts on Tbird work fine of course.

I've been running Tbird on Windows for many years. About 2 weeks ago something changed, either in Tbird or at Microsoft, which stops me from sending to the Office 365 SMTP server. I can send and receive using Outlook on the Office website, but I can't send locally from Tbird. Error message screenshot herewith. I have tried every possible permutation of server settings, which currently are: Server name: smtp.office365.com Port: 587 Security: START/TLS Authentication: OAuth2 MS support says these are correct, and they are at wits' end to understand what is going on. They asked me to ask Tbird support, so I am. I should add that at about the same time I started getting SMTP rejections in Gmail on my Android phone, and miraculously that was corrected yesterday, without any action from me. There is something odd going on at Microsoft - does anyone know what it is? My other accounts on Tbird work fine of course.
Attached screenshots

Modified by Wayne Mery

Chosen solution

You could report that to your VPN support service, maybe they could find a way to configure their software bypassing feature better.

Be aware that these routes assume that the whole ranges (2 x 65535 IP addresses) are belonging to Microsoft. I have not checked if it's true, if not the rules may route other sites outside of the VPN.

The best solution would be to allow connection to MS servers through the VPN, but that's another problem.

But if you are stuck with this solution, and your VPN has a way to be started from the command line, it could be possible to write 2 scripts to start and stop the VPN, creating and destroying the routes automatically.

Read this answer in context 👍 0

All Replies (20)

more options

Just an aside: my settings for that server are normal password, not Oauth2, and it works.

more options

I had normal password before, which is when it stopped working. Microsoft advised that it should be OAuth2. I just changed back to normal password and it still doesn't work. I don't know if this is anything to do with Microsoft retiring basic auth. Does anyone have any intel on this?

more options

I could not find any further intelligence on this problem, so I removed and reinstalled Thunderbird. This seemed to fix it for a week or so, but the other day it started crashing again, and strangely it began to duplicate incoming emails. Today it again fails to connect to the Office 365 server, so I'm back where I started. 102.3.3 (64-bit) is clearly a very unstable release of Thunderbird, at least on my Windows 11 PC. The only solution I can think of is perhaps to go back to an earlier version of Thunderbird, but that might be even less compatible with Windows 11. I'm on the point of giving up altogether with Thunderbird, after about 20 years of trouble-free service from it.

more options

I give up. I just did yet another reinstall and Thunderbird still won't connect to the Microsoft server. I'm now looking for another e-mail client.

more options
more options

The correct settings for O365 are now as follows, and this is linked to the deprecation of basic authentication which took place at the start of October. Microsoft notified O365 system administrators many months in advance of this change (I started planning for the change with my users back in August). All TB users needed to do was change their IMAP and SMTP server authentication method to Oauth2 (from normal password) and a Microsoft window should have popped up inviting them to login - which then creates an Oauth2 token in the saved passwords on TB.

You can see if you have an Oauth2 token by going into SETTINGS, PRIVACY & SECURITY, SAVED PASSWORDS and you should see an entry for your account that has an oauth prefix.

IMAP server: outlook.office365.com port:993 Connection security: SSL/TLS Authentication method: Oauth2

SMTP server: smtp.office365.com port:587 Connection security: STARTTLS Authentication method: Oauth2

I only had three problems arising from my testing and rolling the change out:

1. A couple of of my users had the setting SETTINGS, PRIVACY & SECURITY, ACCEPT COOKIES FROM SITES, unticked for some reason, so the login couldn't occur, which meant the Oauth2 token wasn't created. Ticking it OR adding an exception resolved that.

2. Some of my users hadn't logged in via the web in ages because they only use email (via TB), and I found that if O365 decided to revalidate self service password reset info as part of this login/token creation process, it seemed to screw it up. So I directed my users to login via the web FIRST, revalidate their self service password reset info if asked to, and then log back out - before making the change in TB.

3. A couple of my users had incorrect mail hosts relating to other Microsoft mail services in their IMAP/SMTP settings for some odd reason (imap-mail.outlook.com in one case) so weren't seeing the Oauth2 option in the list. When they put the correct mail hosts in (as above), the Oauth2 option appeared.

Modified by midgleyi

more options

midgleyi, thank you for posting that helpful information.

more options

Yes I am on 104.4.2.

I was well aware of the change to Oauth2. Tbird settings are exactly as you have provided midgleyi.

I have the Oauth prefix to the account. See image. Still can't connect - see 2nd image.

Accept cookies is ticked. I tried blocking cookies from smtp.office365.com but it made no difference.

I log into O365 every day.

more options

Some other poster recently talked about a bad entry in the pref.js file, see:

https://support.mozilla.org/en-US/questions/1394981

maybe you are concerned by this problem ?

Otherwise, if you can't get OAuth2 to work you can setup an app password in your Microsoft account:

https://support.microsoft.com/en-us/account-billing/using-app-passwords-with-apps-that-don-t-support-two-step-verification-5896ed9b-4263-e681-128a-a6f2979a7944

you can then use standard password auth in Thunderbird.

more options

Thanks gp, but that Microsoft article is out of date and doesn't match the page it points to. I can't find any intelligible help anywhere at Microsoft.

more options

outdated ? why ? because it's called 'advanced security options' instead of 'more security options' ?

more options

No gp, because the Security basics page it points to doesn't have app passwords under advanced security options.

more options

If you don't have the option, in theory it's either because you don't have 2FA enabled on your account, or because you are a business user and the admin for your org has disabled the possibility (in this case there is nothing that can be done)

more options

I have verified that 2FA is turned on, and generated an app password. Strangely Thunderbird's list of saved passwords doesn't include an entry for the Office 365 smtp server.

more options

Normally a password is saved if you are asking for it and if your login succeeds. Whatever, if you have an app password you can then use your login + the app password and normal auth (NOT OAuth2).

more options

I have removed and reinstalled Thunderbird yet again. This time I backed up the profile and then deleted it from the default folder, and ensured there was nothing left of Thunderbird on the machine. I have done a fresh install, and recreated my email accounts. The situation is exactly as before. I can receive email from Microsoft 365 in Thunderbird, but I can't send. This is the same whether I have Oauth2 or normal password in the account settings. I have generated a new app password and saved this in the smtp entry in the password list in Thunderbird, with a setting of normal password. I still get exactly the same error message, smtp server is refusing connections. Thunderbird does not prompt for a password, it just reports this server error. I still can't work out which is at fault, Thunderbird or Microsoft 365.

more options

You can try to turn on debugging by going to settings / General / (button) Config Editor, set mailnews.smtp.loglevel to All then go to Tools / Developer tools / Error console, clear with the trash button, try to send mail, and after failure go back to Tools / Developer tools / Error console and copy / paste the content here. Remove identifying information if necessary.

more options

Thanks gp, done that - see image.

more options

Err, are you sure that you set mailnews.smtp.loglevel to 'All' ? there is much detail lacking on your screenshot. The most interesting part, the dialog between the client and the server, is missing. Or maybe you did just extract too few data ? Copy/paste is better when there is some information to transmit, a screenshot can be too small.

more options

Sorry, I didn't save the change in error console setting. Try this:

This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “”. blank window.controllers/Controllers is deprecated. Do not use it for UA detection. blank This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “”. blank This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “”. MsgComposeCommands.js:10566:14 Exception { name: "NS_ERROR_FAILURE", message: "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIEditor.getInlineSpellChecker]", result: 2147500037, filename: "chrome://messenger/content/messengercompose/MsgComposeCommands.js", lineNumber: 6989, columnNumber: 0, data: null, stack: "ComposeChangeLanguage@chrome://messenger/content/messengercompose/MsgComposeCommands.js:6989:13\n", location: XPCWrappedNative_NoHelper }

Element.releaseCapture() is deprecated. Use Element.releasePointerCapture() instead. For more help https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture menupopup.js:169:13 TypeError: nameField is null LoginManagerPrompter.jsm:74:23 NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIAutoCompleteInput.popup] LoginManagerChild.jsm:250 This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “”. MimeMessageUtils.jsm:148:23 mailnews.smtp: Sending message <5cda104f-e7a9-4f35-f6cf-51ee14e87eef@salisburymusicalsociety.org.uk> SmtpService.jsm:85:18 mailnews.smtp: Connecting to smtp://smtp.office365.com:587 SmtpClient.jsm:118:17 mailnews.smtp: error { target: TCPSocket, isTrusted: true, name: "ConnectionRefusedError", message: "Network", errorCode: 2152398861, srcElement: TCPSocket, currentTarget: TCPSocket, eventPhase: 2, bubbles: false, cancelable: false, … } SmtpClient.jsm:433:17 mailnews.smtp: Failed to send "QUIT" because socket state is closed SmtpClient.jsm:578:19 mailnews.smtp: Closing connection... SmtpClient.jsm:152:17 mailnews.send: Sending failed; The message could not be sent because connecting to Outgoing server (SMTP) smtp.office365.com failed. The server may be unavailable or is refusing SMTP connections. Please verify that your Outgoing server (SMTP) settings are correct and try again., exitCode=2153066798, originalMsgURI= MessageSend.jsm:335:27

  1. 1
  2. 2
  3. 3