You may want to consider utilizing an ESP’s SMTP services rather than the SMTP services intended to be used with standalone email client apps.
The OAuth 2.0 trend is for the latter.
App passwords are discouraged by Google (but still supported at the moment if you enable 2FA) and completely deprecated by Microsoft. Also app passwords are revoked when your main password is changed.
The other thing using an ESP avoids is volume limits, policy violation issues, etc.
ESPs tend to use long strong API keys for the SMTP “username/password” on the SMTP side And know how to support web apps because that’s their business. As a result, ESPs are much more likely to be compatible with web apps like Nextcloud Server.
For small volumes many ESPs have free levels so there’s really no downside either.
I’ve had many years of excellent results with the ESP Mailgun myself (in my home/SMB and with some low volume clients), but that’s just anecdotal. There are many well established ESPs. Others that I’ve also used with success are AWS SES (more enterprise-y) and Twilio Sendgrid.