Microsoft have been ramping up the security of their endpoints and its getting more complicated to get old devices to continue working.

TLS1.2 now required by default

https://docs.microsoft.com/en-us/microsoft-365/compliance/prepare-tls-1.2-in-office-365?view=o365-worldwide

My device is TLS 1.1 though, and i dont have a way to update the firmware to support TLS1.2 or TLS1.3

So Microsoft have a legacy TLS 1.1 endpoint endpoint which you can enable

https://techcommunity.microsoft.com/t5/exchange-team-blog/new-opt-in-endpoint-available-for-smtp-auth-clients-still/ba-p/2659652

Once enabled, you have to configured your devices to use smtp-legacy.office365.com

Microsoft is phasing out SMTP-AUTH in favour of OAUTH

SMTP-AUTH or basic auth is getting phased out. But similarly, devices dont support OAUTH yet.

So, you have to reenable SMTP-AUTH

https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/introducing-security-defaults/ba-p/1061414

You have to enable it in exchange in screen shot above, but ALSO you need to disable default security in azure.

Use app password since you have 2fa enabled

Finally since you have 2fa enabled, you will need to create an app password for you device to use.