In some cases, when you sent email from a SMTP Client, you got login failure error.
Failure reason: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access ‘{resource}’.
Additional Details: User needs to perform multi-factor authentication. There could be multiple things requiring multi-factor, e.g. Conditional Access policies, per-user enforcement, requested by client, among others.
Even user logged in from a trusted IP address.
To dealing with this, if your company has Entra ID Premium P2 license, you can exclude the user from User risk policy and Sign-in risk policy. Otherwise, you can simple turn off these policies.
Azure Active Directory: https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/SecurityMenuBlade/GettingStarted
As you can see, in the Sign-in risk policy, when sign-in risk is High, Microsoft will require MFA to sign-in.
When the policies are turned off, the user can login using Single Authentication SMTP.
