What's Changing?

Starting on August 4th, 2020, connecting to the mail services of Office 365 at UT via the POP, IMAP, and SMTP protocols will be disabled for the majority of users.

Why is It Changing?

In the interest of improving the University's security posture, we continue to cut-off as many angles of attack as possible. A compromised UT Office 365 account could be used send mail via SMTP without being prompted for Duo multi-factor authentication, resulting in (among other things) the dissemination of malware or scam email, theft of intellectual property, and further account compromises.

Who is Impacted?

Users who have not previously accessed their Office 365 email through the POP, IMAP, or SMTP protocols will be unable to do so after August 4th, 2020. This would primarily affect people who attempt to use older mail clients that don't support multi-factor authentication through Duo. A common example of such a client would be Mozilla Thunderbird, and some stock mobile clients. We would recommend these users switch to one of the following email clients:

• Outlook Web App (OWA)
• Outlook for Android
• Outlook for iOS
• Outlook for Windows or macOS
• Apple Mail
• iOS Mail app

Active users who have used POP/IMAP/SMTP protocols prior to August 4th, 2020 will be grandfathered and granted an exception to continue to use POP/IMAP/SMTP protocols. This constitutes a very small portion of the overall user population; they should not experience any disruption in service.

Additionally, at some point prior to the end of 2021, accessing Office 365 email via SMTP/POP/IMAP will require authenticating with Duo. SMTP/POP/IMAP users will need ensure they are using a mail client that supports multi-factor authentication; this can be determined by checking to see if the client supports the "OAuth 2.0" standard. 

Devices and applications using either the unauthenticated or authenticated mail relay service will not be impacted by this change.