After a weeks worth of experimentation, frustration and reading, trying to get the mailer plugin to be be able to send out email to smtp.office365.com, I found that it could be solved without code modification, but this is truly an annoyance of poor documentation (making users wade through countless different web sites to glean out what is truly needed), and perhaps an inadequate user interface.
On the Windows platform, the solution to this particular problem, required modification of the jenkins.xml file (adding -Dmail.smtp.starttls.enable=true to the java "arguments" XML node) and settings within two areas of the Jenkins overall configuration, at the "Jenkins Location" section and the "E-mail Notification" section.
For TLS (Transport Layer Security) to work on smtp.office365.com, the additional following settings needed to be part of the Jenkins configuration (via Manage Jenkins>Configure System).
It is IMPORTANT to note that BOTH the "E-mail Notification" section User Name AND the "Jenkins Location" section System Admin e-mail address must be valid smtp.office365.com users. If either one is not found in smtp.office365.com, one gets a "Client does not have permissions to send as this sender" error, but won't know which one is causing the problem. (Now why would one expect the System Admin e-mail address to be involved in this transaction when the focus is on the E-mail Notification User for SMTP Authentication? Coding defect perhaps?)
It is also important that the "Use SSL" element is UNCHECKED (SSL is not TLS, even though some programming references confuse the matter). If "Use SSL" is checked, the error "Unrecognized SSL message, plaintext connection?" will be generated.
Improving the Mailer plugin interface would go a long way to avoiding this general confusion/frustration.
First, the User Name under SMTP Authentication should be the sole entry which represents the "From" field (owner) of the message. That is, it should override the usage the System Admin e-mail address. Perhaps, when the User Name field is empty, it should contain 'hint' text of what is to be used (eg. System Admin e-mail, or the actual value of that entry). A help circle explaining the default contents of the field would be useful too, telling the user where the contents of the field is being obtained.
Second, replace the "Use SSL" checkbox with a "Security Protocol" dropDown/comboBox with the choices of SSL and TLS (spelled out too perhaps, eg. Transport Layer Security (TLS)). The selection of SSL would modify the "Port" entry to the standard default of 465. The selection of TLS would modify the "Port" entry to the standard default of 587. (The "Port" field would still be able to be manually modified.) If placing values into "Port" field is not palatable, certainly explain which default port will be used for which protocol in help documentation.
These changes would keep the users out of hacking at the java command line and more than likely make them successful the first time, instead of the umpteenth time,if at all.