Thunderbird vs MS365
February 14, 2025If you happen to be in the unfortunate position of being beholden to Micro$oft, one half of the duopoly of email providers that are making it more and more difficult to send emails, particularly business emails from anything that isn’t a Micro$oft or Google server and actually have it delivered to your intended recipient’s inbox, you have my sympathies.
If you are in this situation and also don’t like Outlook as an email client (and why would you? It’s tragically bad) you might prefer to use something like Thunderbird, and for all of Mozilla’s faults (and there are many) it is one of the best email clients out there. Albeit not quite what it was before Mozilla decided to copy many of the worst features from other awful clients (threaded messages anyone?) but still usable which is more than can be said for Outlook on a good day.
If you are trying to use Thunderbird to send and receive emails via an M$365 Exchange Online server (is there any other kind of email server than an “Online” one?), you might have encountered just how awkward Micro$oft have made it. I’m not referring to the OAuth2 popups, or the rabid insistence on 2FA for everything. I am referring to the fact that despite the settings that Thunderbird picks up or that you choose to enter manually being correct, and supplying the correct password for both IMAP and SMTP, you’ll likely receive emails fine but when you try to send an email you’ll get an obnoxious error message that essentially tells you that you have got either the connection settings wrong, or the wrong credentials.
Naturally this is not the case. Despite Micro$oft going all-in with CoPilot, the wonderous AI that can do everything for us, they are still incapable of returning a useful, informative or even remotely appropriate error message.
What you will need to do to enable Thunderbird to successfully connect to the SMTP servers run by the cretins at Micro$oft and send your emails, is open Powershell on your Windows PC with “administrator” privileges, and run the following commands, some of which you’ll need to confirm that you really want to run them, because you may well have typed them out for another reason entirely. Start with this one…
Set-ExecutionPolicy Unrestricted
This will allow you to run code you want to run on your own machine. Next you may need to install the module that will connect to the M$365 Exchange account and allow you to issue the commands to allow your choice of email client to connect and send emails through the M$ service you are paying for…
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0
If you get scary red text that vaguely mentions versions etc. it might be that by the time you read and try this, there is a newer version than 3.4.0 and rather than offer to just install the latest version, you get ominous red text that doesn’t really explain the issue it is allegedly warning you about. Chances are within a day of my posting this, there will be a new version so please prepare yourself for the high probability you’ll get The Red Baffling Sort Of Warning Of Death Or Maybe Something Else Pretty Badâ„¢.
Luckily amongst all that red waffle, the latest version number should be visible, so just replace the ‘3.4.0’ with that and life will be instantly wonderful again.
After installing the module, for some reason probably only the janitor that empties Satya Nadella’s wastepaper basket knows, you need to import it before you can use it. So you need to run the following command:
Import-Module ExchangeOnlineManagement
Now you can actually connect to the Exchange Online server using the module you just installed and then, crucially, imported…
Connect-ExchangeOnline -UserPrincipalName *main-account-email*
Obviously you need to replace the *main-account-email* with the main MS365 account email address, or one that has full admin rights. You should then get a popup which will ask you for your account password, which you need to enter.
After that, you should be greeted with some yellow text that is intended to welcome you to Exchange Online Management via Powershell blah blah blah.
From here, you need to issue the following command:
Set-CASMailbox -Identity *email-address* -SmtpClientAuthenticationDisabled $false
…for each email address you wish to enable Thunderbird to be able to send through, replacing *email-address* with the actual account email address.
Finally you need to run this command that disables MAPI, which is the Final Boss in this battle to allow the Bird of Thunder through the Connectivity Chasm, ascend the Holy Policy Mountain and penetrate the staunchly defended perimeter of Exchangaria, where emails flow like milk and honey, and inboxes are spilling their contents over like the wine-glasses belonging to Kings of ancient Babylon…
Get-CASMailbox -Filter {ImapEnabled -eq "true" -or PopEnabled -eq "true" } | Select-Object @{n = "Identity"; e = {$_.primarysmtpaddress}} | Set-CASMailbox -MapiEnabled $false
After all that the unparalleled, near-orgasmic thrill of successfully sending an email to your stationary supplier to tell them they sent the wrong sized staples should be yours.
Or will it? This works as of today, 14th February 2025, but given than Micro$oft preside over such a colossal mess of systems that appear to be in a constant state of flux/disrepair/trousers (delete as your mood dictates), who knows how long for.
I’ll try and update this should I become informed that it no longer works and we have to perform some other tedious ritual to merely send an email.
EOL