Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1171
Views
0
Helpful
2
Replies

SMTP and "App Password" alternative

ITEM93
Level 1
Level 1

‎11-16-2021 12:31 PM

One of our clients is currently using Microsoft MFA and are looking at migrating to Duo and Conditional Access.

Their ERP system uses App Passwords and SMTP to impersonate and send emails from their individual accounts.

Does anyone know of a way to achieve the same goal with Duo?

Thanks in advance!

Labels:
0 Helpful
2 Replies 2

DuoKristina
Cisco Employee
Cisco Employee

‎11-19-2021 05:30 AM

It sends from an ERP service account, or from each user’s account?

If it is a service account the easy answer is to not apply the CA rule that includes the Duo control to that account.

If it is each user’s account that might be tricker. Could you use the user agent from the inbound ERP system connection and exclude that UA from the CA conditions for the rule that includes the Duo control? Or maybe exclude the IP of the ERP system? I have not explored all possible CA policy conditions.

Duo, not DUO.
0 Helpful

ITEM93
Level 1
Level 1

‎11-22-2021 07:55 AM

I was able to bypass the password requirements by setting up M365 SMTP Relay.

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents