Customer has a LoB application called Enfocus Switch.
It has a mail retrieval function that connects via IMAP using an app password on a normal O365 email account with MFA enabled.
It stopped retrieving email on the morning of Wednesday October 12th.
Since Microsoft finally killed Basic Auth on Tuesday, I assume this is related, but I can find no information on this at all.
The vendor do what they do, but I noticed that most applications that need this kind of functionality uses mail forwards from customers mailboxes to their own IMAP mailboxes.
That can be a way to solve this when microsoft kills it. Redirect from customers O365 mailbox to another provider that supports IMAP with normal authentication. Have the LoB application use that inbox instead.
We have customers doing that. Setting up MailCow to get past all the primary vendor security systems.
That makes sense.
I think you could probably run a bare mailserver with just dovecot as well. Since it only needs to handle incoming email from Microsoft and be an IMAP server, there's a lot things that becomes irrelevant - like spam detection, ip reputation etc.