Exchange Online

Microsoft Changes Strategy for High Volume Email

Avatar photo
Post author:Written By

HVE to Focus on Internal Recipients

Last July, I wrote about the preview of Microsoft’s High Volume Email (HVE) solution and followed up with another article covering Azure Email Communication Services (ECS). Since then, Microsoft has been working to prepare HVE for general availability in September 2025. Customers raised many questions during the preview, and Microsoft didn’t do a great job of responding to queries in a timely manner, possibly because of personnel changes. A May 6 announcement clarifies some of the issues and sets a new strategy for HVE to focus exclusively on internal recipients.

Devices and Basic Authentication

As anyone working with Exchange Online knows, Microsoft has all but removed basic authentication for email connectivity protocols. The last bastion of basic authentication is SMTP AUTH, otherwise known as the client submission protocol. Applications and devices use SMTP AUTH to submit messages to Exchange Online for onward transmission. Microsoft plans to remove basic authentication for SMTP AUTH in September 2025, which is also the target general availability date for HVE.

OAuth-based authentication is the replacement for basic authentication, and Exchange Online supports OAuth authentication for SMTP connections. Developers can update apps to use OAuth connections (or upgrade their code to use the Graph APIs to send email via Exchange Online). With these alternatives available, it’s reasonable to aim to remove basic authentication for SMTP AUTH in September 2025.

Devices are a different story. Email-enabled devices like multi-function printers send email via SMTP to let people know when jobs complete. There are many such devices available and in active use today but upgrading these devices to use OAuth or the Graph APIs requires the device manufacturers to create, distribute, and support new code for devices, some of which might be unsupported.

I haven’t heard of an eager mass of device manufacturers pushing out new code to meet Microsoft’s September 2025 deadline. And if devices aren’t upgraded before Microsoft turns off basic authentication for SMTP AUTH, they will lose the ability to submit email to Exchange Online.

Three More Years of SMTP AUTH for HVE

Enter HVE. Microsoft wants customers to use HVE with apps and devices to send email via Exchange Online, but switching apps or devices to use HVE involves code changes because HVE submission uses special HVE accounts and a different SMTP endpoint. To make HVE more attractive, Microsoft will support basic authentication for HVE until September 2028, the “ultimate end of extended support for Basic Authentication with HVE.”

But the reason why Microsoft is eliminating basic authentication is that these protocols are insecure and targeted by attackers, so why grant a three-year extension? The answer is that in June 2025, Microsoft will remove the ability of HVE to send messages to external recipients. In the future, HVE is exclusively targeted at internal messaging, leaving external traffic to ECS.

Apart from giving tenants another three years to upgrade apps and devices, Microsoft has removed all messaging rate restrictions for HVE and increased the number of HVE accounts in a tenant from 20 to 100 to spread the load of messages generated.

Not a Great Trade-Off

HVE was always limited to sending messages to 2,000 external recipients daily. That’s not much of an external messaging capability, but it’s enough for many tenants. Gaining three more years to sort out devices (in particular) is welcome, even if it’s a poor trade-off for losing external email.

I understand why Microsoft made the choice. Keeping HVE an internal tool meets the needs of many tenants while removing a bunch of security concerns. It also creates a clear demarcation between HVE and ECS. Both tools are built on top of Exchange Online, but now there’s only one choice for a tenant that wants to send external email that doesn’t come from a standard (licensed) mailbox. Given the new tenant-wide external recipient rate limit (in force worldwide from May 9, 2025), sending large volumes of email from a standard mailbox is no longer possible.

Some will say that Microsoft removed external email from HVE to force customers to pay for ECS. It’s true that ECS demands a small fee for each message it processes plus the size of the transferred data, but that’s similar to third-party bulk emailing services. The ECS cost to send the 2,000 messages to external recipients that HVE can no longer handle is $0.74. That’s for a relatively large 1 MB message. Smaller messages will cost less. You might save $15/month if the old HVE limit was being fully used.

HVE and ECS

The takeaway is that HVE is for internal mail and ECS is for external mail. HVE will reach general availability in September 2025 and organizations have until September 2028 to upgrade apps and devices before OAuth authentication becomes the norm for every message processed by Exchange Online,

Tags: , , , ,

About the Author

Tony Redmond

Tony Redmond has written thousands of articles about Microsoft technology since 1996. He is the lead author for the Office 365 for IT Pros eBook, the only book covering Office 365 that is updated monthly to keep pace with change in the cloud. Apart from contributing to Practical365.com, Tony also writes at Office365itpros.com to support the development of the eBook. He has been a Microsoft MVP since 2004.

Leave a Reply