Hi! I’m working on setting up Bitwarden Self-Hosted at my organization, and we are interested in using Microsoft’s OAuth2 flow to authenticate outbound SMTP email to our Exchange Online tenant. Microsoft has documentation on this but I couldn’t find anything for setting this up within Bitwarden. Is this something that can be done?
Bitwarden does not support OAuth for email, only SMTP. As far as we know, SMTP AUTH is still available to send messages through Microsoft, but you should research before enabling and configuring for your Bitwarden self-hosted server. From Microsoft: Setup for SMTP AUTH, and setup for the device. This option is usually not turned on by default. As always, the setup for Bitwarden server settings is in our FAQs here.
Per their documentation, it appears that they only support SSL for encrypted traffic. I would like to avoid the situation where we are sending unencrypted email. Is it possible for Bitwarden to send email via encrypted TLS on port 587 instead of SSL on port 465?
Not super sure how Bitwarden handles SMTP without any auth, but it helps to tend to get on-prem local SMTP into Exchange Online especially for older devices, printers, etc that don’t support modern auth.
Though this does require you have a static IP range, though you may already have this for your business.
Just another option that might help, also does eat into an expensive O365 license.