…and it has implications for your FileMaker solutions.
Should you care? Yes!!
Two and half years ago, just before the Covid pandemic hit us in full force, we started making noise about the upcoming plans from Microsoft, Google, and others to demise the simple (basic) form of authenticating against their email services.
What they are taking away is the ability to use nothing but a username and password to log in and use the functionality provided by old protocols such as POP, IMAP, and SMTP. Microsoft first announced this in September 2019. The years leading up to that decision had provided plenty of evidence that the lack of multi-factor authentication made them ready prey for all sorts of easy attacks such as password spraying.
In short: these old protocols in their current implementation are deemed very dangerous and should not be used much longer.
For more detail and background information, see part one of our March 2020 blog post.
When is this happening?
The original plans by Microsoft to do all of this in the Fall of 2020 had been put on hold because of Covid, but it is happening NOW. As of October 1st, Microsoft has started to put their plans in effect, and we are already seeing reports in our communities of clients and developers being caught out and not able to send or receive email from their FileMaker solutions.
The messaging that comes out of Microsoft is a little ambiguous, and we had hoped they would be clearer around the affected users, the timeline, and the protocols involved in each step of the retirement process.
If you are currently using the Microsoft SMTP setup, then your solution is likely not going to be affected immediately in the same vain as it is for POP and IMAP functionality, but here too, the writing is definitely on the wall. Our advice is to not delay in removing all SMTP-sending from your solutions and adopt the available APIs instead.
If you are currently not using SMTP, you will not be able to activate and use it in the future.
Other email providers have their own plans to retire the old and deemed dangerous protocols. The best way forward is to adopt their API integrations.
Not only will this future-proof your solution when it comes to sending and retrieving email, but you will also inherit a slew of other features that are available through those APIs.
Now What?
With our 2020 blog posts, we supplied a fully functional demo file that uses the Microsoft APIs for sending and reading email. You can use that as the basis for removing the parts of your solution that rely on SMTP, POP, or IMAP. You can always contact our team for support if you need an expert to handle this quickly and effectively.