yangw
Staff
Article Id 322056
Description This article explains why the alert mail debug log never shows 'send mail success' when the Office 365 mail server is used.
Scope FortiGate v7.0.
Solution

For comparison, the result with the default setting (FortiGuard server):

Alert mail works as expected with the default settings below:

 

Fortigate# get system email-server
type : custom
reply-to :
server : notification.fortinet.net
port : 465
source-ip : 0.0.0.0
source-ip6 : ::
authenticate : disable
validate-server : disable
security : smtps
ssl-min-proto-version: default
interface-select-method: auto

 

After the Office 365 mail server is configured as shown below, the expected response is never received:

 

config system email-server
    set reply-to "te@ten.com"
    set server "smtp.office365.com"
    set port 587
    set authenticate enable
    set username "te@ten.com"
    set password ENC uN/
    set security starttls
end

 

The debug log shows that the mail server returned response code 554:

 

diag debug reset
diag debug enable
diag debug console timestamp enable
diag debug application alertmail -1

 

2024-05-03 16:32:09 session: 0x8d64e90, rsp_state: data2, code: 554  <----- Means mail server did not accept the email.
2024-05-03 16:32:09 details: SendAsDenied; te@ten.com not allowed to send as FG@ten.com;   <----- STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process message due to a permanent exception with message

 

The error message shows that the SMTP server rejected the sender address: Office 365 only allows specific sender names.

After modifying the alertemail setting as shown below, alert mail works as expected:

 

config alertemail setting
    set username "FG@ten.com" <----- Modify it to te@ten.com.
    set mailto1 "ha@ten.com"
    set mailto2 "jo@ten.com"
    set HA-logs enable
    set antivirus-logs enable
    set configuration-changes-logs enable
end
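
As an added example (not part of the original article and not Fortinet tooling), the Python script below scans captured alertmail debug output for the 554 / SendAsDenied pair shown above and reports which account authenticated and which sender address Office 365 rejected. The function names and the cleaned-up sample lines are assumptions made for illustration.

```python
import re

# Constructed sample: the two debug lines from the article, with the
# "<-----" annotations removed and the wrapped line joined.
SAMPLE_DEBUG = (
    "2024-05-03 16:32:09 session: 0x8d64e90, rsp_state: data2, code: 554\n"
    "2024-05-03 16:32:09 details: SendAsDenied; te@ten.com not allowed to "
    "send as FG@ten.com; STOREDRV.Submission.Exception:"
    "SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process "
    "message due to a permanent exception with message\n"
)

RSP_RE = re.compile(r"rsp_state:\s*\w+,\s*code:\s*(\d{3})")
DENIED_RE = re.compile(
    r"SendAsDenied;\s*(?P<auth>[^;\s]+@[^;\s]+) not allowed to send as "
    r"(?P<sender>[^;\s]+@[^;\s]+)"
)


def diagnose(debug_text):
    """Return one finding per SendAsDenied rejection in alertmail debug output."""
    findings, last_code = [], None
    for line in debug_text.splitlines():
        rsp = RSP_RE.search(line)
        if rsp:
            last_code = int(rsp.group(1))  # remember the latest SMTP reply code
            continue
        denied = DENIED_RE.search(line)
        # Only report the detail line when it follows a 5xx (permanent) reply.
        if denied and last_code is not None and 500 <= last_code <= 599:
            findings.append({
                "code": last_code,
                "authenticated_as": denied.group("auth"),
                "rejected_sender": denied.group("sender"),
            })
            last_code = None
    return findings


def advice(finding):
    """Describe the fix the article applies: align the alert sender with the login."""
    return ('config alertemail setting: set username "%s" (was "%s")'
            % (finding["authenticated_as"], finding["rejected_sender"]))


if __name__ == "__main__":
    for f in diagnose(SAMPLE_DEBUG):
        print(f["code"], advice(f))
```
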
