To connect Outlook email to OpenClaw via IMAP and SMTP, add your Outlook account credentials and server settings to OpenClaw's config — no Azure app registration required. OpenClaw can then read, search, and send Outlook emails through standard IMAP and SMTP protocols. This is the simpler Outlook integration, suited for basic email workflows without the full Microsoft Graph API setup.
Why Use Outlook IMAP/SMTP in OpenClaw?
The Outlook IMAP/SMTP integration is the quickest path to connecting Outlook email to OpenClaw. Unlike the Microsoft Graph integration, which requires registering an Azure application and configuring API permissions, IMAP/SMTP works with just your Outlook credentials — the same username and password (or App Password) you use to sign in. For users who need to read and send Outlook emails in OpenClaw workflows without calendar access, this is the right starting point.
IMAP gives OpenClaw read access to your mailbox: list folders, fetch messages by filter or date range, mark messages as read, and move them between folders. SMTP gives OpenClaw the ability to send emails from your account. Together, these two protocols cover the core email use cases — inbox monitoring, automated responses, notification sending, and email-triggered workflows — without requiring any Microsoft developer tooling.
The main limitation is scope: IMAP and SMTP cover email only. If your workflow needs calendar events, contacts, Teams integration, or other Microsoft 365 data, the Microsoft Graph integration is the correct path. IMAP also has an important caveat for Microsoft 365 organizational accounts: Microsoft has been disabling 'basic authentication' (username/password IMAP) in favor of OAuth-based IMAP. If you are on a work Microsoft 365 account and IMAP authentication fails, your organization may have disabled basic auth and you will need to use the Graph API integration instead.
Integration method
This integration connects OpenClaw to Outlook email using standard IMAP (for reading mail) and SMTP (for sending mail) protocols. It does not require an Azure app registration or Microsoft Graph API setup — only your Outlook account credentials and the standard Microsoft IMAP/SMTP server addresses. This makes it the fastest way to get Outlook email flowing through OpenClaw, though it is limited to email only (no calendar or contacts access without the Graph API integration).
Prerequisites
- OpenClaw installed and running (version 1.0 or later)
- An Outlook.com account or Microsoft 365 email account
- IMAP access enabled for your Outlook account (on by default for Outlook.com; may need IT admin for Microsoft 365 org accounts)
- If your account has two-factor authentication enabled: an App Password generated from your Microsoft account security settings
- Knowledge of whether your account is a personal Outlook.com address or an organizational Microsoft 365 address (determines which server settings to use)
Step-by-step guide
Enable IMAP Access and Generate an App Password
Enable IMAP Access and Generate an App Password
For personal Outlook.com accounts, IMAP is enabled by default. Verify by going to outlook.com > Settings (gear icon) > Mail > Sync email > and checking that IMAP is on. The toggle should read 'IMAP enabled'. For Microsoft 365 organizational accounts, IMAP may be disabled by your IT administrator. Contact IT to confirm IMAP is enabled for your mailbox, or check via PowerShell if you have admin rights. If your Microsoft account has two-factor authentication (2FA) enabled — which is strongly recommended — you cannot use your regular account password for IMAP. Instead, you need an App Password: a one-time-use 16-character password that works without 2FA prompts. To generate an App Password: go to account.microsoft.com > Security > Advanced security options > App passwords > Create a new app password. Name it 'OpenClaw IMAP'. Microsoft generates and displays the password — copy it immediately. This is what you will use as your password in the OpenClaw config (not your regular account password). If your account does not use 2FA (not recommended), use your regular password. Note that Microsoft may prompt you to set up 2FA; doing so improves account security.
1# Outlook IMAP server settings:2# IMAP host: outlook.office365.com3# IMAP port: 993 (SSL)4# SMTP host: smtp.office365.com5# SMTP port: 587 (STARTTLS)67# For personal Outlook.com accounts:8# IMAP host: imap-mail.outlook.com9# IMAP port: 993 (SSL)10# SMTP host: smtp-mail.outlook.com11# SMTP port: 587 (STARTTLS)1213# Test IMAP connection (requires openssl):14openssl s_client -connect outlook.office365.com:993 -quiet15# Should connect and show server greeting16# Press Ctrl+C to exitPro tip: Always generate an App Password rather than using your real account password for IMAP — if the App Password is ever compromised, you can revoke only that password without changing your main account password or disrupting other services.
Expected result: IMAP is enabled for your Outlook account and you have either an App Password (if 2FA is on) or your account password ready to configure in OpenClaw.
Configure IMAP and SMTP Settings in OpenClaw
Configure IMAP and SMTP Settings in OpenClaw
Open `~/.openclaw/config.yaml` and add the Outlook email integration block. The config needs your email address, password or App Password, and the IMAP/SMTP server settings for your account type. Use `outlook.office365.com` for Microsoft 365 organizational accounts and `imap-mail.outlook.com` for personal Outlook.com accounts. Both use port 993 for IMAP with SSL. For SMTP, both support port 587 with STARTTLS. The `poll_interval` setting controls how often OpenClaw checks the IMAP inbox for new messages. 300 seconds (5 minutes) is a good default for most workflows — shorter intervals are possible but increase server load and may trigger Microsoft's rate limiting if set below 60 seconds. The `folders` setting specifies which IMAP folders to monitor. `INBOX` is the standard inbox. You can add `Junk`, `Drafts`, or custom folders if your workflows need to process email from those locations.
1# ~/.openclaw/config.yaml2integrations:3 outlook-imap:4 # Account credentials5 email: "your-email@outlook.com"6 password: "YOUR_APP_PASSWORD_OR_ACCOUNT_PASSWORD"78 # IMAP settings (for reading email)9 imap_host: "imap-mail.outlook.com" # Use outlook.office365.com for M365 org accounts10 imap_port: 99311 imap_ssl: true12 folders:13 - "INBOX"14 # - "Junk" # Uncomment to monitor junk folder too1516 # SMTP settings (for sending email)17 smtp_host: "smtp-mail.outlook.com" # Use smtp.office365.com for M365 org accounts18 smtp_port: 58719 smtp_starttls: true2021 # Behavior settings22 poll_interval: 300 # Seconds between inbox checks23 mark_as_read: false # Mark fetched emails as read (default: false)24 fetch_body: true # Include email body text in queriesPro tip: Set `mark_as_read: false` (the default) unless your workflow explicitly needs to track read state — accidentally marking all fetched emails as read can be disruptive if you also read your inbox through a regular email client.
Expected result: Config saves without errors. `openclaw reload` logs a successful IMAP connection and lists the configured folders.
Test IMAP Email Reading
Test IMAP Email Reading
With the config in place, test that OpenClaw can successfully read emails from your Outlook inbox via IMAP. The test commands below use the direct IMAP query syntax that OpenClaw exposes for email integrations. Start by retrieving the most recent emails from the inbox without any filters. This confirms authentication and basic connectivity. Then test a filtered query to verify the search functionality works — this is the basis for trigger conditions in automation workflows. If the initial connection fails with an authentication error, verify you are using an App Password (not your real account password) if 2FA is enabled. If the connection times out, check that your firewall allows outbound connections on port 993. OpenClaw stores the timestamp of the last-fetched email and only returns newer messages on subsequent queries — this prevents duplicate processing in polling workflows.
1# Test reading recent emails via OpenClaw's IMAP integration2# These commands test the integration directly from the config:34# Verify IMAP connection and list folders:5curl -v --silent imaps://imap-mail.outlook.com \6 --user "your-email@outlook.com:YOUR_APP_PASSWORD" 2>&1 | grep '\*'78# Use openssl for a more detailed IMAP test:9openssl s_client -connect imap-mail.outlook.com:993 -quiet <<EOF10A001 LOGIN your-email@outlook.com YOUR_APP_PASSWORD11A002 LIST "" "*"12A003 EXAMINE INBOX13A004 LOGOUT14EOF1516# Expected output includes:17# OK LOGIN completed18# INBOX details (number of messages, recent messages)19# OK LOGOUT completedPro tip: If the IMAP test returns 'AUTHENTICATE failed' specifically (not a network timeout), your account has modern authentication enabled and basic IMAP auth is blocked. In this case, use the Microsoft Graph integration instead — it supports OAuth-based IMAP.
Expected result: The IMAP test connection succeeds, shows your inbox folder details, and lists recent messages. OpenClaw can read your Outlook inbox.
Test SMTP Email Sending
Test SMTP Email Sending
Verify that OpenClaw can send emails from your Outlook account via SMTP. This is needed for any workflow that sends notifications, replies, or outbound messages using your Outlook account as the sender. The test below sends a message to yourself — this is the safest way to verify SMTP without accidentally sending test emails to real contacts. If you see the message arrive in your own inbox within a minute, SMTP is configured correctly. Microsoft's SMTP servers require STARTTLS on port 587 — plain text SMTP without TLS is rejected. Ensure `smtp_starttls: true` is set in your config. Port 465 with SSL is also supported; the config uses 587 with STARTTLS by default because it is more widely compatible with network firewall rules. Note that Microsoft imposes daily sending limits on SMTP: up to 300 messages per day for personal Outlook.com accounts and up to 10,000 per day for Microsoft 365 plans. For high-volume sending needs, consider the Microsoft Graph integration which has better rate limit handling.
1# Test SMTP sending with swaks (install with: brew install swaks or apt install swaks)2swaks --to your-email@outlook.com \3 --from your-email@outlook.com \4 --server smtp-mail.outlook.com \5 --port 587 \6 --auth LOGIN \7 --auth-user your-email@outlook.com \8 --auth-password YOUR_APP_PASSWORD \9 --tls \10 --header 'Subject: OpenClaw SMTP Test' \11 --body 'This is a test email from OpenClaw SMTP configuration.'1213# Alternative with openssl:14openssl s_client -starttls smtp -connect smtp-mail.outlook.com:587 -quiet15# Then manually type SMTP commands to test authenticationPro tip: If SMTP authentication fails for a Microsoft 365 organizational account, your tenant may have disabled SMTP AUTH. Check with your IT admin — they can enable it per-mailbox in the Microsoft 365 admin center under Active users > your account > Mail > Manage email apps > Authenticated SMTP.
Expected result: The test email arrives in your inbox within 60 seconds. SMTP is configured correctly and OpenClaw can send emails from your Outlook account.
Configure Inbox Monitoring and Email Workflows
Configure Inbox Monitoring and Email Workflows
With both IMAP read and SMTP send verified, build OpenClaw workflows that use the Outlook email integration. The most common pattern is a trigger-based workflow: OpenClaw polls the IMAP inbox on the configured interval, finds new messages matching your conditions, and executes downstream actions for each match. The workflow config uses the `outlook-imap` integration key. Trigger conditions can filter by sender email, subject text, or whether an attachment is present. The email fields available in workflow actions include `subject`, `from`, `body`, `date`, and `attachments`. For notification workflows that send outbound emails in response to other trigger events — a new Calendly booking, a system alert, a scheduled digest — configure the SMTP send action directly in the actions block without a polling trigger. RapidDev's team recommends keeping inbox monitoring workflows simple at first — start with subject line filtering before adding body text analysis, since body parsing logic can get complex with HTML email formatting.
1# ~/.openclaw/config.yaml — Outlook IMAP workflow examples2workflows:3 outlook-subject-monitor:4 trigger:5 integration: outlook-imap6 event: new-message7 conditions:8 - field: subject9 contains: ["urgent", "action required", "invoice"]10 actions:11 - type: log12 message: "Flagged email: {{message.subject}} from {{message.from}}"1314 daily-inbox-summary:15 trigger:16 type: schedule17 cron: "0 9 * * MON-FRI" # Weekdays at 9 AM18 actions:19 - type: integration-query20 integration: outlook-imap21 query: messages22 params:23 folder: "INBOX"24 since_hours: 2425 unread_only: true26 - type: log27 message: "You have {{result.count}} unread emails from the last 24 hours"2829 send-notification:30 trigger:31 type: manual32 actions:33 - type: integration-call34 integration: outlook-imap35 action: send-email36 params:37 to: "recipient@example.com"38 subject: "OpenClaw Notification"39 body: "This message was sent automatically by OpenClaw."Pro tip: Use the `since_hours` parameter in polling queries rather than a fixed timestamp — this creates a sliding window that always looks back a consistent amount of time, rather than a fixed date that becomes stale and stops returning new emails.
Expected result: OpenClaw monitors the Outlook inbox and sends emails via SMTP as configured in the workflow definitions.
Common use cases
Inbox Monitoring and Alert Triggers
Configure OpenClaw to monitor your Outlook inbox via IMAP and trigger automation workflows when specific emails arrive — from particular senders, with specific subject keywords, or with attachments. This is the simplest form of email automation and requires no Azure setup.
Configure OpenClaw to check the Outlook inbox every 5 minutes via IMAP and log the subject and sender of any unread emails received in the last hour
Copy this prompt to try it in OpenClaw
Automated Email Sending from Workflows
Use OpenClaw to send Outlook emails as part of larger automation workflows. When a triggered event occurs — a new booking, a completed task, a system alert — OpenClaw composes and sends a notification email via SMTP using your Outlook account as the sender.
Set up OpenClaw to send an Outlook email via SMTP to admin@company.com when a configured trigger fires, with the subject 'OpenClaw Alert' and a body summarizing the trigger event details
Copy this prompt to try it in OpenClaw
Email Search and Extraction
Search your Outlook mailbox for emails matching specific criteria and extract data from them — useful for pulling order confirmations, invoice details, or status updates from incoming emails without manually reviewing the inbox.
Query my Outlook inbox via IMAP for the 10 most recent emails with 'invoice' in the subject line and extract the sender, date, and first line of the body from each
Copy this prompt to try it in OpenClaw
Troubleshooting
IMAP authentication fails with 'Authentication failed' even though credentials look correct
Cause: If your account has 2FA enabled, you must use an App Password rather than your regular account password. Regular passwords are rejected by IMAP when 2FA is active. Alternatively, your Microsoft 365 organization may have disabled basic authentication (username/password IMAP).
Solution: Generate an App Password at account.microsoft.com > Security > Advanced security options > App passwords. Use the generated password (not your account password) in the OpenClaw config. If your org has disabled basic auth entirely, you will need to use the Microsoft Graph integration instead.
1# Test with App Password:2curl -v imaps://imap-mail.outlook.com \3 --user "your-email@outlook.com:16_CHAR_APP_PASSWORD"4# 200 = authenticated, 'Authentication failed' = wrong password or 2FA blockingSMTP sending fails with '535 Authentication unsuccessful'
Cause: SMTP AUTH may be disabled for your mailbox (common in Microsoft 365 organizational accounts as a security measure) or the password is incorrect.
Solution: For Microsoft 365 org accounts: ask your IT admin to enable 'Authenticated SMTP' for your mailbox in the Microsoft 365 admin center (Active users > your account > Mail > Manage email apps). For personal accounts, verify you are using the App Password if 2FA is enabled.
1# Verify SMTP AUTH is enabled for your mailbox (admin PowerShell):2# Get-CASMailbox -Identity user@domain.com | Select SmtpClientAuthenticationDisabled3# If True, run:4# Set-CASMailbox -Identity user@domain.com -SmtpClientAuthenticationDisabled $falseOpenClaw receives duplicate emails — the same messages appear in every polling cycle
Cause: The last-seen message timestamp is not being persisted between OpenClaw restarts, or the `mark_as_read` option interacts unexpectedly with the duplicate detection logic.
Solution: Check that OpenClaw has write access to its data directory (`~/.openclaw/data/`) where it stores the last-fetched timestamp. Verify the data directory exists and is writable. If OpenClaw restarted recently, it may have lost the last-seen state and re-fetched recent messages once — this should resolve after the first successful polling cycle.
1# Check OpenClaw data directory permissions:2ls -la ~/.openclaw/data/3# Should show read/write permissions for your user4mkdir -p ~/.openclaw/data && chmod 700 ~/.openclaw/dataclawhub integration shows 429 rate limit after frequent IMAP polling
Cause: Microsoft imposes connection and request rate limits on IMAP connections. Polling more frequently than once per minute, or opening many simultaneous IMAP connections, can trigger rate limiting.
Solution: Increase `poll_interval` to at least 300 seconds (5 minutes). Avoid running multiple OpenClaw instances monitoring the same mailbox. If you need faster email processing, consider the Microsoft Graph integration, which has better-documented and more generous rate limits than IMAP.
1# In ~/.openclaw/config.yaml:2integrations:3 outlook-imap:4 poll_interval: 300 # Minimum recommended interval for Microsoft IMAPBest practices
- Always use an App Password for IMAP/SMTP rather than your main account password — this limits the blast radius of a credential compromise and lets you revoke IMAP access independently of your main account.
- Enable two-factor authentication on your Microsoft account if you have not already — this is an account security best practice independent of the OpenClaw integration.
- Use the Microsoft Graph integration instead of IMAP if your Microsoft 365 organization has disabled basic authentication — many organizations are moving to OAuth-only auth, and IMAP basic auth will eventually stop working for all M365 accounts.
- Set `poll_interval` to at least 300 seconds — Microsoft's IMAP servers throttle connections that poll more frequently, and email automation workflows rarely need sub-minute latency.
- Test workflows against a secondary or test email account before pointing them at your primary inbox — email automation bugs can generate floods of messages or incorrectly mark emails as read.
- For workflows that send emails via SMTP, include a rate limiting mechanism to stay under Microsoft's daily sending limits (300 for personal, 10,000 for M365).
- Document which App Passwords you have generated and what they are used for — Microsoft's App Password management interface shows passwords by name only, and an undocumented old password is easy to accidentally revoke.
Alternatives
Microsoft Graph provides full access to Outlook calendar, contacts, and Teams in addition to email — use it instead of IMAP if you need more than basic read/send email functionality, or if your organization has disabled basic IMAP authentication.
Gmail also supports IMAP/SMTP integration with OpenClaw and uses a similar App Password model — use it if your email is hosted with Google rather than Microsoft.
Email Daily Summary is a ClawHub skill for automated daily email digests — use it for lightweight email summarization without the manual IMAP configuration this integration requires.
Google Calendar via Maton is the Google equivalent for calendar automation — if you need calendar access rather than email, this is the integration to use on the Google side.
Frequently asked questions
How do I connect Outlook to OpenClaw using IMAP?
Add your Outlook email address and password (or App Password if 2FA is enabled) to the `outlook-imap` block in `~/.openclaw/config.yaml`, along with the IMAP server `imap-mail.outlook.com` on port 993. For Microsoft 365 organizational accounts, use `outlook.office365.com`. Reload OpenClaw to activate the connection.
Do I need an App Password for Outlook IMAP in OpenClaw?
Yes, if your Microsoft account has two-factor authentication (2FA) enabled — and it should for security reasons. Generate an App Password at account.microsoft.com > Security > Advanced security options > App passwords. Use this 16-character password in your OpenClaw config instead of your main account password.
What is the difference between Outlook IMAP and Outlook Microsoft Graph in OpenClaw?
The IMAP integration covers email read and send only — it uses standard protocols, requires no Azure setup, and works in minutes. Microsoft Graph provides the full M365 experience: email plus calendar, contacts, Teams meeting links, and advanced filtering. If you only need email, start with IMAP. If you need calendar data or your org has disabled basic IMAP auth, use the Graph integration.
Why is my Outlook IMAP authentication failing in OpenClaw?
The most common causes are: using your main account password instead of an App Password when 2FA is enabled (generate one at account.microsoft.com), or your Microsoft 365 organization has disabled basic authentication for IMAP (contact your IT admin or switch to the Microsoft Graph integration). Also verify IMAP is enabled in Outlook.com Settings > Mail > Sync email.
What Outlook IMAP and SMTP server settings should I use?
For personal Outlook.com accounts: IMAP host `imap-mail.outlook.com` port 993 SSL, SMTP host `smtp-mail.outlook.com` port 587 STARTTLS. For Microsoft 365 organizational accounts: IMAP host `outlook.office365.com` port 993 SSL, SMTP host `smtp.office365.com` port 587 STARTTLS.
Can RapidDev help set up Outlook email automation in OpenClaw?
Yes — RapidDev can help configure both the Outlook IMAP/SMTP integration and the more advanced Microsoft Graph integration for OpenClaw. If you are running into authentication issues specific to your organization's Microsoft 365 configuration, RapidDev's team can help diagnose the issue and choose the right integration approach for your environment.
Will Outlook IMAP continue to work in the future as Microsoft moves to OAuth?
Microsoft is gradually phasing out basic authentication (username/password IMAP) in favor of OAuth-based authentication. For Microsoft 365 organizational accounts, basic auth has been disabled in many tenants. For personal Outlook.com accounts, basic auth still works as of March 2026 with App Passwords. Long-term, the Microsoft Graph integration (which uses OAuth) is the more durable choice if you anticipate your org tightening authentication policies.
Talk to an Expert
Our team has built 600+ apps. Get personalized help with your project.
Book a free consultation