From Open SMTP to OAuth: Why Emailing from ERP systems Needs to Change

For years, emailing documents from enterprise systems was straightforward.

Organizations relied on basic SMTP configurations to attach documents and send them. The “from” address could be generic, shared, or loosely controlled. There was little emphasis on identity, user consent, or security.

It worked — because the ecosystem allowed it.

That model no longer holds in a world exposed heavily to Cyber Attacks were services requires Identity Verification, Two Factor (2FA) and even Multi Factor Authentication (MFA).

• SMTP is increasingly restricted and replaced with secure protocols (SMTPS) • Standard SMTP ports are widely blocked in organizations • Basic authentication is being replaced with app passwords or OAuth • Passwords now expire based on IT security policies, requiring constant updates and breaking static configurations • Shared credentials are no longer acceptable • IT policies enforce strict identity and access control

The consequences are immediate: emails fail, documents are not delivered, and a simple capability becomes a point of operational risk.

The fundamental shift is clear: Emailing is no longer an infrastructure concern — it is an identity-driven process.

Every email now requires:

• A verified user identity (Domain and Organization level). • Explicit consent through OAuth • Clearly defined permission scopes • Ongoing token lifecycle management

The key question has changed from “Can the system send an email?” to: “Who is sending this, what application, which service – and under what authority?”

The era of relying on SMTP setups, scripts, or shared credential accounts is effectively over.

Email delivery can no longer be treated as a technical afterthought; it must be a built-in enterprise capability centred around identity, security, and control. This means:

• Native integration with platforms like Microsoft 365 and Google Workspace • OAuth-based authentication instead of stored credentials • App passwords for each service where 2FA / MFA is enabled • User-level identity with centralized governance • SPF, DKIM and DMARC records • Reliable, traceable delivery

Organizations running Infor LN or Infor M3 that continue relying on legacy SMTP setups or workarounds will increasingly face failures, security challenges, and operational disruption.

This is why modern solutions like B2Win Suite are designed to address these challenges directly – providing secure OAuth-based integration with Microsoft 365, Google Workspace, and other Enterprise Level Mail Services, flexible configuration combining centralized control with user-level identity, and a reliable, scalable approach to document emailing.

If your organization is still dependent on legacy SMTP setups or workarounds, now is the time to move to a solution built for today’s requirements.

Because in today’s environment, emailing is not just a feature — it’s a critical business capability.