We need to report whether SMTP AUTH is disabled at the tenant level. Today the inspector output doesn’t include an attribute that represents this setting, which blocks compliance reporting and alerting.