Because Office 365 has disabled basic authentication in SMTP/POP/IMAP services, if you have a legacy email application that doesn’t support modern authentication (OAUTH), then you cannot use it to send and retrieve email from Office 365 account anymore.
For developers, you can add new codes to support OAUTH. However, if your code is too complex or out of
maintenance, and you don’t want to change anything in your source codes, then
EA Oauth Service can help the
application to implement OAUTH.
This tutorial gives you a quick overview of how to use
EA Oauth Service which can help the legacy email application to
connect Office 365 without changing any codes.
"EA Oauth Service"on your machine.
"EA Oauth Service Manager", and add a mapped Office 365 user access token.
localhost, and use local user and password in your application to login local SMTP/POP/IMAP services.
"EA Oauth Service"accepts the connection from local user, it connects Office 365 server by the associated access token in background.
"EA Oauth Service"transfers data between the email application and Office 365 server under SSL/TLS encryption.
"EA Oauth Service"automatically.
You just need to change the server address, user and password in the email application, then the application can connect Office 365 without changing other things.
You can download EA Oauth Service Installer and install it on your machine.
Double click the installer file and the installation will be executed automatically. The installer requires .NET framework 4.5 or later version to be installed. If no corresponding .NET framework is detected in your operating system, Setup will be aborted.
After the installation is completed, click “EA Oauth Service Manager” from
Start menu ->
All Programs -> “EA Oauth Service”
to begin the setup.
An account with Administrative Privileges is required to run the installer for installing “EA Oauth Service” on the machine.
After EA Oauth Service is installed, it provides SMTP/POP/IMAP services on the local machine. You can open
EA Oauth Service Manager ->
Services to check the service status.
By default, the following inbound ports is used:
If the service is failed to start, it is likely that other application on the machine used the port, you should change the listening port and start the service again.
Now you need to create a local user in
EA Oauth Service Manager ->
Now you need to add a mapped Office 365 email account access token. There are two options:
With this option, you can use default setting for client id, tenant, then click
This option is recommended to the user who doesn’t have permission to create the application in Azure Portal.
Then you will be asked to login your Office 365 account by web browser.
After the access token is retrieved successfully, you can see the token creation time and expiration time.
It requires you re-login the Office 365 account before the refresh token is expired (about every 3 months).
With this option, you need to register an application in
Azure Portal by the
Office 365 administrator in your tenant,
then input the client id, client secret value, tenant id and the mapped Office 365 email address.
This option only supports POP/IMAP permission, SMTP permission is not supported.
Please click the following link to learn how to create the application for specific user in Azure Portal:
Register azure application for Office 365 and POP or IMAP service
After you input the client id, client secret value, tenant and the mappded Office 365 email address, then click
a new access token will be retrieved automatically.
You don’t have to re-login the Office 365 account until the client secret is expired. The maximum lifetime of client secret value is 24 months.
After you create the local user and get the associated access token, the next step is changing your server settings in the application.
Use the following server address and port in the email application:
Here is the example setting in Outlook:
Then use the
local user and
local password (not your Office 365 password) for user authentication in the email application.
After the application connects local SMTP/POP/IMAP service successfully provided by
EA Oauth Service, the service will connect Office 365 server
by associated access token, and transfer data back to the application under SSL/TLS encryption.
Now the email application can send and retrieve email from Office 365 even it doesn’t support OAUTH.
The legacy email application also can access the SMTP/POP/IMAP service from a remote machine.
EA Oauth Service installed a self-signed certificate for SSL/TLS connection, the certificate is issued to localhost.
If the application accesses the service from a remote machine, a certificate error will be reported.
You can use other SSL certificate by selecting certificate from
EA Oauth Service Manager ->
SMTP/POP/IMAP service ->
If you get error about “Authentication”:
EA Oauth Service Manager-> Users -> Check if there is any token error.
If there is token error, edit this user and try to:
If the email application cannot connect local SMTP/POP/IMAP serivce, you can enable full debug log like this:
EA Oauth Service Manager->
Please check if
EAOauth Service is running from Administrative Tools -> Services, if this service is not running, start it.
EAOauth background service can be restarted from Administrative Tools -> Services or use the following cmdlet in Powershell:
Not enough? Please contact our technical support team.
We usually reply emails within 24hours. The reason for getting no response is likely that your SMTP server bounced our reply. In this case, please try to use another email address to contact us. Your Gmail, Hotmail or Office 365 email account is recommended.