App Passwords for some email accounts

Problem reported by Pusparaj Raut - 2/18/2026 at 2:52 AM

Submitted

Hi,

In our environment, we enforce a strict password expiration policy (for example, every 90 days). However, certain email accounts are used exclusively for automated purposes such as:

Auto‑responders
System or application notifications
OTP or transactional email delivery

Similar to App Passwords in Google Workspace, I would like to understand:

Does SmarterMail support application‑specific passwords or tokens that can bypass standard password expiration policies?
If supported, can these app passwords be restricted in scope (e.g., IMAP/SMTP only) and managed independently of the primary user password?

3 Replies

Reply to Thread

Douglas Foster Replied

2/18/2026 at 12:51 PM

See my post about user categories. My request is similar, and probably a superset, to what you want to do. Th le request has been accepted as a feature request to go into the development planning process, but of course no commitment and no completion date

sbh Replied

2/18/2026 at 1:25 PM

If an account has 2FA enabled, it automatically makes 3 app passwords that are limited by protocol if that's any help? Not spotted a way to manually create them, but the functionality seems to be there at least. Clicking the view button lets you regenerate a new random password but doesn't look like you can pick a custom password.

sswords (IMAP/POP/SMTP, WebDAV, and LDAP)

Douglas Foster Replied

2/18/2026 at 1:28 PM

Been there, done that. The API is integral to webmail, so it handled using webmail rules, which require a response to the 2FA prompt

OUr direction is to run scripts with a system admin account that impersonates as needed. It will be protected by IP rather than 2FA.

Back to Community Threads

Please leave this box unchecked

Reply to Thread

Enter the verification text