Outlook SMTP is Microsoft’s outgoing mail server for sending emails through personal Outlook, Hotmail, and Live accounts. The server address for personal accounts is smtp-mail.outlook.com on port 587 with STARTTLS. Microsoft 365 business accounts use smtp.office365.com on the same port. Authentication requires your full Microsoft email address and either your account password or an App Password — depending on whether your admin has enabled Modern Authentication or kept SMTP AUTH active. This guide covers both scenarios, plus working code examples in PHP, Python, and Node.js.
:::note[TL;DR]
- Personal accounts (Outlook.com, Hotmail, Live):
smtp-mail.outlook.comon port 587 - Microsoft 365 business accounts:
smtp.office365.comon port 587 - Authentication: your Microsoft email + your account password (or App Password)
- For Microsoft 365: an admin must enable SMTP AUTH for your account
- Daily limit: ~300 emails/day for personal accounts :::
What are the Outlook SMTP server settings?
Two different server addresses depending on your account type:
Personal accounts (Outlook.com, Hotmail.com, Live.com):
| Setting | Value |
|---|---|
| SMTP Server | smtp-mail.outlook.com |
| Port | 587 |
| Encryption | STARTTLS |
| Authentication | Required |
| Username | Your full email (e.g. you@outlook.com) |
| Password | Your Microsoft account password |
Microsoft 365 business accounts:
| Setting | Value |
|---|---|
| SMTP Server | smtp.office365.com |
| Port | 587 |
| Encryption | STARTTLS |
| Authentication | Required |
| Username | Your full business email |
| Password | Your Microsoft 365 password (or App Password) |
Port 587 with STARTTLS is the only officially supported configuration for Outlook SMTP in 2026. Microsoft deprecated SSL on port 465 for Outlook accounts. Don’t use port 25 — it’s blocked for authenticated client submission.
What’s the difference between personal Outlook and Microsoft 365 SMTP?
Personal accounts (@outlook.com, @hotmail.com, @live.com) use smtp-mail.outlook.com and generally work out of the box with your email and password.
Microsoft 365 business accounts are more complicated. SMTP AUTH — the protocol that lets third-party apps send email — is disabled by default at the tenant level in many Microsoft 365 organizations. If you’re getting “535 Authentication unsuccessful” errors on smtp.office365.com despite correct credentials, this is why.
Your IT admin needs to enable SMTP AUTH for your specific account (or org-wide). See the section below.
How do I enable SMTP AUTH for a Microsoft 365 account?
This is the step that trips up everyone using Outlook SMTP in a work/school environment.
As an admin in Microsoft 365 admin center:
- Go to admin.microsoft.com
- Navigate to Users > Active users
- Select the user account
- Click the Mail tab
- Under “Email apps”, click Manage email apps
- Enable Authenticated SMTP
- Save
If you’re the user (not the admin), you need to ask your IT admin to do this. There’s no workaround.
The Scenario: You set up a contact form for a client who uses Microsoft 365. Everything looks correct — right server, right port, right credentials. But every time you test it, the form hangs and logs show “535 Authentication unsuccessful.” You spend two hours checking the code. The code is fine. The admin just needs to flip one toggle in the Microsoft admin panel.
How do I set up an App Password for Outlook?
For personal Microsoft accounts, you can use an App Password instead of your main account password — useful if you have 2FA enabled (which you should).
- Go to account.microsoft.com/security
- Click Advanced security options
- Under “App passwords”, click Create a new app password
- Microsoft generates a password — copy it immediately
Use this 16-character code as the password in your SMTP config. Your regular Microsoft account password won’t work if 2FA is on.
How do I send email via Outlook SMTP in code?
PHP with PHPMailer
Install PHPMailer via Composer if you haven’t already:
composer require phpmailer/phpmailerPHPMailer config for a personal Outlook.com account:
<?php
use PHPMailer\PHPMailer\PHPMailer;
require 'vendor/autoload.php';
$mail = new PHPMailer(true);
$mail->isSMTP();
$mail->Host = 'smtp-mail.outlook.com'; // Use smtp.office365.com for M365
$mail->SMTPAuth = true;
$mail->Username = 'you@outlook.com';
$mail->Password = 'your-password-or-app-password';
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
$mail->Port = 587;
$mail->setFrom('you@outlook.com', 'Your Name');
$mail->addAddress('recipient@example.com');
$mail->Subject = 'Test via Outlook SMTP';
$mail->Body = 'Sent through Outlook SMTP with PHPMailer.';
$mail->send();
echo 'Message sent.';For Microsoft 365, change Host to smtp.office365.com — everything else stays the same.
Python with smtplib
No extra packages needed:
import smtplib
from email.mime.text import MIMEText
smtp_server = "smtp-mail.outlook.com" # Use smtp.office365.com for M365
port = 587
sender = "you@outlook.com"
password = "your-password-or-app-password"
msg = MIMEText("Sent through Outlook SMTP.")
msg["Subject"] = "Test via Outlook SMTP"
msg["From"] = sender
msg["To"] = "recipient@example.com"
with smtplib.SMTP(smtp_server, port) as server:
server.ehlo()
server.starttls() # Required before login on port 587
server.login(sender, password)
server.sendmail(sender, "recipient@example.com", msg.as_string())
print("Email sent.")Node.js with Nodemailer
npm install nodemailerconst nodemailer = require("nodemailer");
const transporter = nodemailer.createTransport({
host: "smtp-mail.outlook.com", // Use smtp.office365.com for M365
port: 587,
secure: false, // STARTTLS — do NOT set to true on port 587
auth: {
user: "you@outlook.com",
pass: "your-password-or-app-password",
},
tls: {
ciphers: "SSLv3", // Some Outlook servers require this to avoid TLS negotiation errors
},
});
async function sendMail() {
await transporter.sendMail({
from: '"Your Name" <you@outlook.com>',
to: "recipient@example.com",
subject: "Test via Outlook SMTP",
text: "Sent through Outlook SMTP with Nodemailer.",
});
console.log("Email sent.");
}
sendMail().catch(console.error);The tls: { ciphers: "SSLv3" } option looks counterintuitive but fixes TLS negotiation errors that some Outlook SMTP endpoints throw in certain Node.js versions. Add it if you see ECONNRESET or wrong version number in your logs.
What are the Outlook SMTP sending limits?
| Account Type | Daily Limit |
|---|---|
| Personal Outlook.com / Hotmail | ~300 emails/day |
| Microsoft 365 (standard) | 10,000 recipients/day |
Personal account limits are tight. If you’re building anything that sends transactional email to more than a few hundred users per day, use a dedicated relay. For comparison, see how Gmail SMTP limits stack up — Gmail’s personal limit is 500/day, slightly higher.
Common Outlook SMTP errors and how to fix them
535-5.7.3 Authentication unsuccessful Most common cause on Microsoft 365: SMTP AUTH is disabled for the account. An admin needs to enable it (steps above). For personal accounts, check that you’re using the correct password or App Password.
530 5.7.57 SMTP; Client was not authenticated Same as above — SMTP AUTH issue on Microsoft 365.
ECONNRESET / TLS wrong version number (Node.js)
Add tls: { ciphers: "SSLv3" } to your Nodemailer transport config.
Connection refused on port 465 Microsoft deprecated SSL/port 465 for Outlook. Switch to port 587 with STARTTLS.
Relay access denied (550)
You’re trying to send from an address that doesn’t match the authenticated account. The From address must match the account you authenticated with.
If you need an alternative SMTP provider for custom domains, Zoho SMTP offers a free tier that’s simpler to configure for non-Microsoft domains.
FAQ
Can I use Outlook SMTP with a Hotmail address?
Yes. Hotmail, Live, and Outlook.com are all the same Microsoft account system. Use smtp-mail.outlook.com on port 587 regardless of which domain your address ends in.
Why does my Microsoft 365 SMTP keep failing even with the right password?
Most likely SMTP AUTH is disabled for your account at the tenant level. Your Microsoft 365 admin needs to enable it for your specific user account under Active Users > Mail > Manage email apps > Authenticated SMTP.
Does Outlook SMTP support OAuth 2.0?
Yes. Microsoft recommends OAuth 2.0 for production apps. Basic authentication (username + password / App Password) still works but Microsoft has been pushing organizations toward Modern Authentication. For a simple script or internal tool, password-based auth is fine.
Can I send emails from a custom domain using Outlook SMTP?
If your custom domain is connected to a Microsoft 365 account, yes — your you@yourdomain.com address can send through smtp.office365.com. Personal Outlook.com accounts only send from @outlook.com, @hotmail.com, or @live.com addresses.
What’s the difference between smtp.office365.com and smtp-mail.outlook.com?
smtp-mail.outlook.com is for personal Microsoft accounts (Outlook.com, Hotmail, Live). smtp.office365.com is for Microsoft 365 business/school accounts. Using the wrong one for your account type will cause authentication failures.
What to Read Next
- How to Use Gmail SMTP Server for Sending Email — Gmail’s setup, App Password process, and the 500/day personal limit
- How to Use Zoho Mail SMTP Server for Sending Email — good free SMTP option for custom domains
- The Gmail Secret: Unlimited Email Addresses from One Account — Plus and Dot addressing to track email leaks
