WPO365 | MS GRAPH MAILER provides you with a modern, reliable and efficient way to send WordPress transactional emails from one of your Microsoft 365 / Exchange Online / Mail enabled accounts.

The plugin re-configures your WordPress website to send emails using the Microsoft Graph API instead of – for example – SMTP. Sending WordPress emails using the Microsoft Graph API has become the only available alternative after Microsoft has disabled basic authentication (username and password) over the SMTP protocol.


  • Send WordPress transactional emails from one of your Microsoft 365 Exchange Online / Mail enabled accounts using Microsoft Graph instead of – for example – SMTP.
  • Choose between delegated (send mail as a user) and application-level (send mail as any user) type permissions.


  • Send emails formatted as HTML.


  • Emails sent will be saved in the account’s mailbox in the Sent Items folder, further helping to track (successful) mail delivery.


  • Send files from your WordPress website as attachments.


  • Easy configuration with detailed step-by-step Getting started guide and video.
  • Send test email to recipients incl. CC, BCC and attachment.


The following features can be unlocked with the WPO365 | MAIL extension.


  • Add support to send WordPress emails with attachments larger than 3 MB using Microsoft Graph.


  • Send email as / on behalf of another user or distribution list.


  • Send email from Microsoft 365 Shared Mailbox.


  • Mail Staging Mode is useful for debugging and staging environments. WordPress emails will be logged and saved in the database instead of being sent.


  • Further improve overall security by choosing to store Azure Active Directory secrets in your WordPress WP-Config.php (on disk) and have those secrets removed from the database.


  • Log every email sent from your WordPress website, review errors and (automatically) try to send unsuccessfully sent mails again.


  • Allow forms to override “From” address e.g allow Contact Form 7 to dynamically configure the account used to send the email from (requires application-level Mail.Send permissions).


  • Throttle the number of emails sent from your website per minute.


  • Send emails as BCC instead and prevent reply-to-all mail pollution.


  • Configure a default reply-to mail address if this should differ from the account’s mail address that is used to send WordPress transactional emails from.


  • We have tested our plugin with WordPress >= 5.0 and PHP >= 5.6.40.
  • You need to be (Office 365) Tenant Administrator to configure both Azure Active Directory and the plugin.


We will go to great length trying to support you if the plugin doesn’t work as expected. Go to our Support Page to get in touch with us. We haven’t been able to test our plugin in all endless possible WordPress configurations and versions so we are keen to hear from you and happy to learn!


We are keen to hear from you so share your feedback with us on LinkedIn and help us get better!

Open Source

When you’re a developer and interested in the code you should have a look at our repo over at WordPress.


  • Configuration page
  • Mail audit log


Please refer to these Getting started articles for detailed installation and configuration instructions.


18 May 2023 1 reply
I've been using Mail Integration for Outlook for a few years and the migration to this plugin was so smooth and easy!
14 April 2023
This plugin does EXACTLY what it promises. Documentation is well prepared, thorough, and current. You don't need to be MS Azure AD certified to setup this plugin if you just follow the documentation step-by-step. And if you do run into issues, customer service is top notch! I was amazed by the response time. They really do seem to care about their customers and want to make sure the plugin is working correctly for you. I cannot say enough good things about this plugin and company. I HIGHLY recommend!
16 March 2023 1 reply
Everything worked smoothly as expected! Also the documentation is very clear and easy to follow. This is a great solution to send emails from Microsoft Office 365 from submited WordPress contact forms. Also it's a safer way to connect to a email system rather than SMTP.
10 March 2023 1 reply
The site I was working for had their emails migrated to 365. All the links/tutorials the host gave were basic assuming you had set up everything correctly like permissions and smtp authentications.. Was working on enabling SMTP for weeks. Till I found your plugin. And the step by step tutorial.. after almost a month trying all of the known SMTP plugins.. I would like to thank you for this one... You save me a lot of time... Thank you..
28 November 2022 1 reply
I have tried different solutions on different times. But this plugin really works and so much simpler settings. Really good plugin with detailed and easy to follow documentation. Thank you so much for this lovely plugin, Marco!
Read all 9 reviews

Contributors and Developers

“WPO365 | MICROSOFT 365 GRAPH MAILER” is open source software. The following people have contributed to this plugin.


Change Log


  • Feature: (Auto-) Retry sending failed emails using Microsoft Graph. See the online documentation for details. [MAIL]
  • Feature: Throttle nr. of emails send per minute using Microsoft Graph. See the online documentation for details. [MAIL]
  • Improvement: The WPO365 | MAIL premium addon now also unlocks the option to use WP-Config.php to override (some) config options. Now administrators can – for example on their staging environment – enable mail-staging mode, simply by adding a global constant to the WP-Config.php file. See the updated documentation. [MAIL]
  • Fix: Tested with PHP 8.2. [ALL]


  • Fix: The plugin update checker did not always return the expected result. [LOGIN, MS GRAPH MAILER]


  • Fix: Various modifications to Microsoft Graph Mailer configurator should make it easier and more intuitive to configure it.
  • Fix: In an attempt to prevent the error “cURL error 28: Operation timed out after 15001 milliseconds with 0 bytes received” when integrating with Microsoft Graph, the use of the Expect: header has been disabled by default.
  • Fix: [PREMIUM] The Log Viewer – to view and optionally resend emails sent using the Microsoft Graph Mailer – now calculates the last inserted logged item ID using MAX() instead of looking up the AUTO INCREMENT value, which may not be up-to-date.
  • Fix: [PREMIUM] If the license key can not be verified, it will not be deleted. The corresponding error is logged as an error.


  • Fix: The built-in Microsoft Graph Mailer for WordPress will now exclude any custom headers that do not start with x- or X-, to prevent Microsoft Graph from not sending the message and reporting the following error instead: “The internet message header name […] should start with ‘x-‘ or ‘X-‘.”. [LOGIN, MICROSOFT GRAPH MAILER]


  • Improvement: The WPO365 | MICROSOFT GRAPH MAILER plugin can now also log remotely to ApplicationInsights, allowing administrators to configure Azure’s Monitoring / Alerts feature e.g. to send an SMS whenever an exception is logged.
  • Fix: The Microsoft Graph Mailer for WordPress no longer “unauthorizes” itself, after it fails to retrieve an access token. Instead, WPO365 Health Messages are created and administrators should regularly check for errors.
  • Fix: Refactored the flow when sending emails from a different account than the one submitting the request to send an email to Microsoft Graph (= the default “From” account) to improve consistency, even when the alternative sending-from account is a Shared Mailbox, a Distribution List or Group or normal User Mailbox. [PREMIUM]


  • Feature: Administrators can now enable Mail Staging Mode. If enabled, the WPO365 plugin will not send emails using Microsoft Graph anymore but instead will write them to the central Mail Log. This makes especially sense for a staging environment. [PREMIUM]
  • Improvement: The WPO365 plugin will now handle forms (e.g. Contact Form 7) that propose to send emails from a different account than the “default from” mail account, after it handles any other option (e.g Shared Mailbox or Send as / Send on behalf of). The proposed “alternative from” therefore always prevail. It can also be any type of mailbox e.g. User Mailbox, Shared Mailbox or Distributionlist. But it’s up to the adminstrator to ensure that the “default from” mail account is a either a member (e.g. of the Shared Mailbox) or has sufficient permissions to send emails as / on behalf of an alternative account (e.g. the Distributionlist). [PREMIUM]
  • Fix: The initial OpenID Connect authorization request will now always include https://graph.microsoft.com/User.Read.
  • Fix: A public property $ErrorInfo has been added to the PHPMailer object to support integration with Gravity Forms.
  • Fix: The plugin now better understands – in the context of WordPress Multisite installations – whether the configuration must be retrieved / stored at site or at network level.


  • Fix: ID Token validation now also validates audiences that are defined using an Application ID URI instead of the Application ID (e.g. this is the case for Microsoft Teams). [LOGIN, MICROSOFT GRAPH MAILER]
  • Fix: The plugin does no longer rely on the HTTP_HOST key of the global $_SERVER variable, which – if not initialized – may cause a critical error on the website. [LOGIN, MICROSOFT GRAPH MAILER]
  • Fix: The link to launch the Mail Log Viewer would return “false” for FireFox users. [MAIL]


  • Improvement: The Microsoft Graph Mailer for WordPress will notify the administrator in the form of a WPO365 Health Message when another plugin with mail-sending capabilities is detected.
  • Fix: An alternative system for nonces has been introduced to work around the fact that some browsers would not send the WordPress auth cookie along with HTTP 302 redirect requests, causing WordPress nonce verification to fail unexpectedly, in which case the plugin would then log the warning “Could not successfully validate oidc nonce with value xyz”.


  • Fix: The recently added ID token verification did not take the mail-authorization flow into account.
  • Improvement: Administrators can now re-configure the WPO365 | LOGIN plugin to skip the ID token verification altogether, on the plugin’s Miscellaneous configuration page (but this is not recommended for production environments).


  • Fix: Various issues with the builtin license and update checker for premium extensions and bundles.


  • Fix: License check for WPO365 | MAIL extension would show “unknown error occurred” for valid licenses.
  • Fix: Update check for WPO365 | MAIL extension now better aligned with the recently updated license management service.


  • Fix: The Allow forms to override “From” address was only enabled for application-level Mail.Send permissions.
  • Fix: Overriding the “From” address was sometimes ignored.
  • Fix: Sending from a Shared Mailbox was sometimes ignored.



  • Fix: The mail authorization may falsely indicate that the plugin is not authorized to send emails using Microsoft Graph due to how the plugin compared permissions.


  • Feature: Websites that are using the [Mail Integration for Office 365/Outlook](https://wordpress.org/plugins/mail-integration-365/] are now urged to switch to WPO365 | MICROSOFT GRAPH MAILER or configure the builtin Microsoft Graph mail function of the WPO365 | LOGIN plugin. Consult the online migration guide for further details. [ALL]


  • Feature: The (premium version of the) Microsoft Graph Mailer can now send attachments larger than 3 MB.
  • Feature: The (premium version of the) Microsoft Graph Mailer can now send emails from a Shared Mailbox.
  • Improvement: Some parts of the source code have been updated to improve compatibility with PHP 8.1.


  • Fix: Mail authorization would fail with the error “Could not retrieve a tenant and application specific JSON Web Key Set and thus the JWT token cannot be verified successfully”.


  • Fix: The delegated mail authorization feature would – under circumstances – fail to get the mail specific tenant ID and as a result an attempt to refresh the access token may fail.


  • Fix: The Redirect URL field for the mail authorization is no longer greyed out and can be changed by administrators. [LOGIN]


  • Fix: Added missing files.


  • Change: Sending WordPress emails using Microsoft Graph can now also be configured with delegated permissions. Administrators are urged to review the documentation and to update their configuration. [LOGIN, MICROSOFT GRAPH MAILER]
  • Feature: Azure Active Directory secrets can now be stored in the website’s WP-Config.php and removed from the database. [MAIL]


  • Fix: If the plugin is configured to send WordPress emails using Microsoft Graph then it will now always replace the “from” email address if WordPress tries to sent emails from “wordpress@[sitename]”. WordPress will propose this email address is no email is set by the plugin sending the email (e.g. Contact Form 7). This email may pass checks as a valid email address but in reality this email address most likely does not exist. The option to fix the “localhost” issue has been removed since this fix improves the behavior for all hosts (incl. localhost). [ALL]


  • Improvement: When specified in – for example – an email form the “From” address will be used to send the email from (instead of the configured “From” address and if the address specified in the form appears to be valid). This behavior is a premium feature and not enabled by default.


  • Change: Sending mail as HTML is no longer a premium feature.
  • Change: Saving a sent mail in the Sent Items folder is no longer a premium feature.
  • Improvement: The Graph Mailer components have been refactored for improved logging / auditing.
  • Fix: Sending a test email with attachment is now supported by all versions.
  • Fix: The plugin will not try and send attachments larger than 3 Mb (the prevent the mail being refused by the Microsoft Graph API).


  • Fix: Several issues related to PHP 8.x have been fixed.


  • Updated README.txt


  • Improvement: The plugin will now honor a reply-to email address defined “externally” e.g. when using Contact Form 7.
  • Fix: Activating the plugin would case a critical error due to a class-loading error.


  • Fix: Compatibility update.


  • Fix: Some minor code issues were fixed after review.


  • Initial version.