chatmail
Office/Outlook 365 will no longer support Basic Auth by Oct 1st, 2022
- Android version: 10
- Device: redmi note 7
- Delta Chat version: 1.28.3
- Expected behavior: Receive mail normally.
- Actual behavior:Unable to receive mail normally. Login failed, but mail can be sent.
- Steps to reproduce the problem:Log in to office 365 or outlook mailbox using IMAP protocol.
- Screenshots:
- Logs:
I have no error log because I have enabled IMAP protocol manually. However, I learned from Microsoft that the IMAP protocol will be completely closed and cannot be re enabled by October 2022.This will affect the recipients of all outlook users who use Delta chat.At present, there is no appropriate solution. Their official suggestion is to use modern verification.
See here: https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-september-2021-update/ba-p/2772210
I feel sad about it. I wonder if delta chat can support office365 in the future.
Add: smtp protocol won't be affected . It means that we can still send emails.
I have no error log because I have enabled IMAP protocol manually.
so, as of now, IMAP works with Outlook for you (after manually having it enabled in some settings)?
Yes, it works normally now.
p.s. I just looked at the relevant notice and found that the users of personal outlook may not be affected, but I am sure that the users of office 365 will be affected.
@Micraow Thank you for your report.
I feel sad about it. I wonder if delta chat can support office365 in the future.
The article points out that "Basic Auth" can be reenabled by the user, and opt-outing from this procedure can be requested, too. Therefore I see no issue that Outlook 365 would not comply with clients using basic authentification, like Delta Chat does.
@Micraow Thank you for your report.
I feel sad about it. I wonder if delta chat can support office365 in the future.
The article points out that "Basic Auth" can be reenabled by the user, and opt-outing from this procedure can be requested, too. Therefore I see no issue that Outlook 365 would not comply with clients using basic authentification, like Delta Chat does.
I know, but it can only be enabled temporarily.
There is a sentence in the notice:
starting October 1, 2022, we’ll begin turning off Basic Auth in all tenants, regardless of usage.
I think it means that on October 1, 2022, all users can no longer use IMAP.
(I come from a non English speaking country and English is not my mother tongue. If I have a wrong understanding of this notice, please point out that ,maybe I just understand the wrong meaning.)
The article says:
In 2022, as we roll out the changes necessary to support this effort, we will begin disabling Basic Auth for some customers with usage on a short-term and temporary basis.
So I think Microsoft mean the performance of disabling Basic Auth itself to be temporary. And still you have the possibility to opt out from this action, so before they decide to apply it again, just opt out and you should not be bothered again.
@Micraow I believe there is nothing we could or should do, so I am closing this issue. In case you feel closing here was not justified, please let us know, thank you.
Eh, but i think here's something that we should know: At the end of this article, there is such a Q & A:
How can I get a longer exception? I still want to use Basic Auth after October 2022
We are not providing the ability to use Basic Auth after October 2022. You should ensure your dependency on Basic Auth in Exchange Online has been removed by that time.
@Micraow You are right, I should have read the whole article, therefore reopening and renaming your issue adequately. :)
Microsoft 365 and Outlook.com support the OAuth 2.0 protocol, and so does Delta Chat. You could give it a try and report back here, we appreciate your valueable feedback in this regard. You may want to start with reading this Microsoft article:
https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
Thank you in advance!
Can you tell me how to do it? I don't seem to have found the relevant options. I just changed the authentication mode from automatic to OAuth. However, it doesn't work.Prompt failed to get token.
Here is my log: https://pastebin.com/rwtgraEz
Can I make a request by the way? 163 mailbox, the most popular mailbox in China, has the widest user group (many people even think of 163 mailbox when they think of mailbox), and it is very fast.however, Delta Chat doesn't support it. The reason is that it needs an "IMAP ID". I don't think it seems to be a very troublesome thing. Can the developers of delta chat make efforts to make 163 mail available?
@Micraow Is it a free service or is it paid? Does it have IMAP? If it does not block foreign IPs, I try to create an account and see if there is any need to enter particular settings 🤔
In most cases, it's paid, but as a developer, you can easily get it for free. See here: https://developer.microsoft.com/microsoft-365/dev-program
Yes, it has IMAP, and can work well. It doesn't block any IPs. After you create a subscription , just create a user at admin.microsoft.com and test it.
Moreover, if you need a test mailbox, I am willing to offer one.
@Micraow Is it a free service or is it paid? Does it have IMAP? If it does not block foreign IPs, I try to create an account and see if there is any need to enter particular settings 🤔
I just misunderstood you.163 mail is free. And it has IMAP, but it needs some additional settings (like QQ mail). It doesn't block foreign IPs
Can the developers of delta chat make efforts to make 163 mail available?
@Micraow Do you have information on how other apps like Thunderbird connect to 163? In any case, please open a new issue in https://github.com/deltachat/provider-db/issues for your additional request, thank you. Regarding OAuth, I will see what I can find in the meantime and will come back here soon...
@Micraow Currently OAuth support is available for Gmail, but not for Outlook 365. Discussions and most likely a decision whether we are going to support Microsoft accounts, too, will follow at a later date. So no confirmation or denial, that is the current status...
Dear All
I would love to introduce Delta Chat to my colleagues.
Unfortunately, many of them use the Office365 mailboxes.
I was able to authenticate my corporate mailbox with K-9 on Android. This means, that properly implemented OAuth is allowed on the Microsoft's cloud.
What are the current obstacles to implementing the Office365 compatibility in Delta Chat?
I had a brief look at this. Il looks like it should suffices to register deltachat as an application with Microsoft here https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#register-your-application and to add the resulting info in deltachat-core-rust/src/oauth2.rs
I guess that some established delta chat developer should do the registration; who do I contact about this?
I'd like to recommend Delta Chat to far more people, but unfortunately a lot are using office365. Would love to help on this, if someone points me in the right direction, i'd give it a try.
Thing is that only Delta Chat Android supports OAUTH at all. We would need to start a serious "OAUTH" effort on all platforms and then register with Office365 -- for GMail/OAuth we had to produce three videos and argue in a very particular way until it was approved. So Office365/OAuth overall seems a pretty extensive effort and i think most of the currently active contributors are reluctant to prioritize support for Microsoft platforms -- also it's unclear if MS' Rate-limiting settings are fitting for chat-usage.
So unless there is a motivated developer (say for Desktop or iOS) who wants to first implement GMail/OAUTH, our overall story for Office365/OAuth will not improve in the next couple of month.
On Mon, Jun 26, 2023 at 22:08 -0700, buster wrote:
I'd like to recommend Delta Chat to far more people, but unfortunately a lot are using office365. Would love to help on this, if someone points me in the right direction, i'd give it a try.
-- Reply to this email directly or view it on GitHub: https://github.com/deltachat/deltachat-core-rust/issues/3196#issuecomment-1608807403 You are receiving this because you were mentioned.
Message ID: @.***>
I had no idea about this context. Thank you for providing it.
If Google was reluctant, even though they don't have a populat chat application, then MS is going to be straight hostile, as Delta is a competitor to Teams. RIP OAuth.
Microsoft themselves refer to the official OAuth 2.0 authorization code flow. As we already offer OAuth login for Gmail accounts, I expect efforts to implement support for the Microsoft identity platform to be less extensive, but that is just my interpretation, of course. I believe most work has already been done, and I would like to encourage the devs to read this article to surpass their "MS retention" ;) :
https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
Here is an answer saying it should not affect hotmail.com and outlook.com addresses: https://answers.microsoft.com/en-us/outlook_com/forum/all/basic-authentication-deprecation-in-exchange/97729922-c4bf-4e29-b068-812b595afc58
Given that it does not actually affect hotmail.com and outlook.com, should be closed without fixing I guess?
I hope not, as it does affect office365, which is the only reason I can't use delta chat and promote it in my social network.
I hope not, as it does affect office365, which is the only reason I can't use delta chat and promote it in my social network.
+1