Azure AD Conditional Access has been updated and is now supporting legacy clients like POP, IMAP or SMTP.
If you wish to implement conditional access for these legacy clients/protocols, you need to choose the Other clients – available after click on the Advanced link – when configuring the conditional access
EWS (Exchange Web Service) will be identified as Other clients when it uses Basic authentication, otherwise will be identified as modern application and as such is covered by the Mobile apps and desktop clients option.
The “Other clients” option does not support controls like MFA, compliance or domain joined.