Learn more about setting up a custom SMTP through your Microsoft Azure Account.
Microsoft does state that SMTP through TLS is not compatible with their Security defaults in Microsoft Entra ID.
We are working towards allowing OAuth/Graph API for Microsoft accounts to send system emails, but this feature is not in development yet. (January 2024)
To connect a Microsoft Active Directory account, set the connection type to Microsoft Active Directory, choose a Microsoft App, and click the Authorize button.
The Azure Active Directory App require two delegated permissions into the connected mailbox.
- Mail.ReadWrite
- User.Read
If desired, you can create your own custom Azure Active Directory Application with the above permissions to use with Inbox. This process is described below in the Custom Active Directory App section.
You'll then be taken to a Microsoft page where you will select the email account you want to connect. Since both the required permissions are delegated, they do not require Administrator consent. If successful, you will be returned to PhishingBox and get a success message.