Office 365 - Which clients/protocols will be supported?

"Office 365" refers to subscription plans that include access to Office applications plus other productivity services that are enabled over the Internet (cloud services). By default, all UW-Madison Office 365 users have access to email, calendar, and people. You can use many different clients to connect (via an email protocol) to your Office 365 account.

Table of Contents

What is a client?

A client is an application that is used to connect to your Office 365 account. Some examples include Microsoft Outlook or Internet Explorer/Google Chrome.

What is an email protocol?

Email protocol is a method by which a communication channel is established between two computers and email (some protocols also include calendar data) is transferred between them. When an email is transferred, a mail server and two computers are involved. One computer sends the mail and the other one receives it. The mail server stores the mail and lets the receiving device access it and download it if needed.

What clients/protocols are supported by Office 365 Team?

Even though Microsoft provides you with the ability to connect to your Office 365 account using a wide variety of clients/protocols, for the best experience and complete support, Microsoft recommends connecting through one of the following ways:

Under what other circumstances would these protocols be disabled for an existing account?

Additional context for the security justification:

Abuse of the email service by compromised NetID credentials is a very large and growing issue at UW-Madison. These credentials are used to access mailboxes, send out phishing to other people, and potentially exfiltrate sensitive email messages.

Additional context for the support justification:

Some people accidentally configure a client that “POPs” messages out of their account. This change would be a safeguard against that occurrence.

Important note about SMTP Auth

SMTP Auth is deprecated and is no longer supported. The Wisc Account Administration site will only show the status of this protocol for an account.

Individuals who had SMTP Auth enabled for their account before January 2019 can continue to use this protocol. If the protocol is disabled, it cannot be reenabled.

Does Microsoft plan to end support for IMAP and POP?

Probably not anytime soon, but there are caveats.

According to Microsoft: Office 365 system requirements changes for Office client connectivity

“Effective October 13th, 2020, Office 365 will only allow Office client connectivity from subscription clients (Office 365 ProPlus) or Office perpetual clients within mainstream support to connect to Office 365 services.”

What does this mean?

Microsoft has not stated that IMAP and POP functionality will end, so the UW-Madison Office 365 team believes that IMAP and POP will continue to function after 2020. However, based on conversations with our Microsoft partners, it is clear that they are advocating strongly for the deprecation of clients and protocols that aren’t capable of using Modern Authentication.

Modern Authentication is what enables enhanced security, in terms of password handling and Multi-Factor Authentication. Microsoft’s position, coupled with UW-Madison’s needs for enhanced security of credentials and authentication flows, means that the UW-Madison Office 365 team is taking the strategic position of encouraging people to use clients capable of Modern Authentication by default.

Are there any policy justifications for this change?

Yes. Some people configure Gmail (or other 3rd party services) to POP email out of their UW-Madison mailbox. This requires Gmail store the password in a decryptable format on their servers.

Technically, this is a violation of UW password policy, however we recognize that many people have been doing this for years, so that is why there are no plans to disable POP for existing accounts.

Enable/Disable Protocol

Important: Make sure you have reviewed the "Under what other circumstances would these protocols be disabled for an existing account" section above before proceeding to make changes to any of the protocols.

If you would like to enable/disable a protocol, use the following steps:

  1. Log into Wisc Account Administration site.
  2. Select the account you want to manage.
  3. Click on the "Office 365" tab in the left-hand column. It will be expanded.
  4. Click Client Protocols.
  5. Within the 'Client Protocols' screen, click on the desired action next to the protocol you want to manage.

Note: If a protocol is disabled, the account cannot be used to connect to Office 365 via that protocol. For example, if you only want a student to use Outlook on the web and Outlook 2016, OWA and MAPI are the only protocols that need to be enabled. It may take up to 24 hours for the change to be reflected within Office 365 infrastructure.

What happens if a protocol is disabled?

If a protocol is disabled for an account, any client that attempts to connect via the disabled protocol to your Office 365 account will be unable to connect (some type of connection error). Below is a list of errors you may receive:

Reasons for Disabling a Protocol

You might want to consider disabling a protocol for the following reasons:

See Also: