Net_SMTP icon indicating copy to clipboard operation
Net_SMTP copied to clipboard
verified publisher icon pear

SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) supports

Open Neustradamus opened this issue 6 years ago • 29 comments

Can you add the SCRAM supports?

For example Rouncube has needed: https://github.com/roundcube/roundcubemail/issues/6917

Cyrus SASL supports:

  • SCRAM-SHA-1
  • SCRAM-SHA-1-PLUS
  • SCRAM-SHA-224
  • SCRAM-SHA-224-PLUS
  • SCRAM-SHA-256
  • SCRAM-SHA-256-PLUS
  • SCRAM-SHA-384
  • SCRAM-SHA-384-PLUS
  • SCRAM-SHA-512
  • SCRAM-SHA-512-PLUS

-> https://cyrusimap.org/sasl/sasl/authentication_mechanisms.html -> https://github.com/cyrusimap/cyrus-sasl/commits/master

Dovecot SASL supports:

  • SCRAM-SHA-1
  • SCRAM-SHA-256

-> https://doc.dovecot.org/configuration_manual/authentication/password_schemes/

GNU SASL supports:

  • SCRAM-SHA-1
  • SCRAM-SHA-1-PLUS
  • SCRAM-SHA-256
  • SCRAM-SHA-256-PLUS

-> http://www.gnu.org/software/gsasl/

"When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]".

  • SCRAM-SHA-1(-PLUS): -- https://tools.ietf.org/html/rfc5802 -- https://tools.ietf.org/html/rfc6120

  • SCRAM-SHA-256(-PLUS): -- https://tools.ietf.org/html/rfc7677 since 2015-11-02 -- https://tools.ietf.org/html/rfc8600 since 2019-06-21: https://mailarchive.ietf.org/arch/msg/ietf-announce/suJMmeMhuAOmGn_PJYgX5Vm8lNA

  • SCRAM-SHA-512(-PLUS): -- https://tools.ietf.org/html/draft-melnikov-scram-sha-512

  • SCRAM-SHA3-512(-PLUS): -- https://tools.ietf.org/html/draft-melnikov-scram-sha3-512

  • SCRAM BIS: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms: -- https://tools.ietf.org/html/draft-melnikov-scram-bis

https://xmpp.org/extensions/inbox/hash-recommendations.html

-PLUS variants:

  • RFC5056: On the Use of Channel Bindings to Secure Channels: https://tools.ietf.org/html/rfc5056
  • RFC5929: Channel Bindings for TLS: https://tools.ietf.org/html/rfc5929
  • Channel-Binding Types: https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml
  • RFC 9266: Channel Bindings for TLS 1.3: https://tools.ietf.org/html/rfc9266

IMAP:

  • RFC9051: Internet Message Access Protocol (IMAP) - Version 4rev2: https://tools.ietf.org/html/rfc9051

LDAP:

  • RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803

HTTP:

  • RFC7804: Salted Challenge Response HTTP Authentication Mechanism: https://tools.ietf.org/html/rfc7804

2FA:

  • Extensions to Salted Challenge Response (SCRAM) for 2 factor authentication: https://datatracker.ietf.org/doc/html/draft-ietf-kitten-scram-2fa

IANA:

  • Simple Authentication and Security Layer (SASL) Mechanisms: https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml

Linked to:

  • https://github.com/scram-xmpp/info/issues/1

Neustradamus avatar Nov 17 '19 18:11 Neustradamus

I don't have any plans to implement this myself, but I would gladly review a patch that adds this support.

jparise avatar Nov 30 '19 23:11 jparise

@jparise: 11 months after, have you looked?

I have added drafts "Channel Bindings for SCRAM over TLS 1.3 / SCRAM-SHA-512(-PLUS) / SCRAM-SHA3-512(-PLUS) / 2FA" and added details of Cyrus SASL / Dovecot SASL / GNU SASL.

Thanks a lot in advance.

Neustradamus avatar Oct 31 '20 19:10 Neustradamus

As I said earlier, I'd be glad to review a Pull Request that adds support for these new algorithms.

jparise avatar Mar 18 '21 18:03 jparise

@Neustradamus I have developed a first draft of SCRAM support, but i have to test it first before i can create a pull request. Do you have a docker container within a SMTP server wich supports any or all kinds of SCRAM?

schengawegga avatar Sep 29 '22 06:09 schengawegga

@schengawegga: Nice, thanks a lot for your work!

I think that @mbhangui or @maranda can help you for a test account.

cc: @nevans, @hsbt, @shugo.

Neustradamus avatar Oct 11 '22 23:10 Neustradamus

indimail has docker images at https://hub.docker.com/r/cprogrammer/indimail. Some documentation is here.

The steps would be to

  1. Create a domain using vadddomain
  2. create an user using vadduser
  3. Modify user password using vmoduser for SCRAM-SHA1, or SCRAM-SHA-256 (and the PLUS methods).

You can reach out to me privately if you need any help in setting up accounts using indimail docker.

gsasl also has a tiny smtp server in the examples directory. One can compile it and do a basic test. AFAIK, The gsasl utility too can act as a server using the --server option. But I have never tried those option. But I have used the client options to test SCRAM auth methods against indimail server.

mbhangui avatar Oct 12 '22 12:10 mbhangui

@schengawegga: Have you seen the @mbhangui comment?

Neustradamus avatar Oct 14 '22 21:10 Neustradamus

@Neustradamus @mbhangui Yes, i´ve seen @mbhangui comment. Thanks you for the detailed instructions. But my time is very short at the moment. I will have a closer look on the docker container when i´m not so busy anymore.

schengawegga avatar Oct 18 '22 07:10 schengawegga

@mbhangui now i tried about 4 hours to run and configure indimail to test my developement, but it won´t work on my own. It is possible, that you can give me a fully configured indimail server within an .vbox image? My problem at the moment is a mysql certificate error on vadduser command.

schengawegga avatar Mar 26 '23 11:03 schengawegga

@mbhangui now i tried about 4 hours to run and configure indimail to test my developement, but it won´t work on my own. It is possible, that you can give me a fully configured indimail server within an .vbox image? My problem at the moment is a mysql certificate error on vadduser command.

Which image did you use? Sure I can give a full configured indimail server with .vbox image, but that could take me a day or two.

mbhangui avatar Mar 30 '23 05:03 mbhangui

So I tried this and it worked. You can repeat the steps exactly as below

  1. Pull the image $ podman pull ghcr.io/mbhangui/indimail:rockylinux8

  2. List the image $ podman images|grep rocky ghcr.io/mbhangui/indimail rockylinux8 274da2d2b6d7 2 months ago 1.09 GB

  3. Run docker or podman command. This will run SMTP on port 25 without authentication and on port 587 with authentication. You can use port 2587 on the host where you run podman command to use SMTP for testing SCRAM methods.

$ podman run --rm -d --publish-all --name indimail -h indimail.org --cap-add SYS_PTRACE --cap-add SYS_ADMIN --cap-add IPC_LOCK --cap-add SYS_RESOURCE --cap-add=NET_ADMIN --cap-add=CAP_NET_RAW --cap-add=SYS_NICE -p 2025:25 -p 2587:587 274da2d2b6d7
2e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048
  1. Open a shell on the running container
$ podman exec -ti indimail bash
indimail.org:(root) / >
  1. In the container, create domain using vadddomain and one user testuser01 that support SCRAM authentication using vadduser
indimail.org:(root) / > vadddomain example.com password
indimail.org:(root) / > vadduser -C -m SCRAM-SHA-256 -d [email protected] somepassword
  1. On the host where you ran the podman command, test SCRAM-SHA-256 with the gsasl command. You will require to install the gsasl RPM or debian package on your host. Alternatively you can run gsasl command on the indimail container on port 587 instead of port 2587
a) without channel binding
$ gsasl -d --no-cb --hostname=argos.indimail.org --x509-ca-file="" -a [email protected] --password 'somepassword' --mechanism SCRAM-SHA-256 --smtp --connect localhost:2587

b) or you can use channel binding
$ gsasl -d --hostname=argos.indimail.org --x509-ca-file="" -a [email protected] --password 'somepassword' --mechanism SCRAM-SHA-256-PLUS --smtp --connect localhost:2587

Any issue let me know. You can replace podman with docker command. The syntax is the same for both. I prefer podman because it runs without needing a daemon running as root.

The response to the gsasl command will be like this and in the end you should get 235 ok, go ahead (#2.0.0)

Trying ‘localhost’...
220 indimail.org (NO UCE) ESMTP IndiMail 1.285 Thu, 30 Mar 2023 09:17:45 +0000
EHLO [127.0.0.1]
250-indimail.org
250-AUTH LOGIN PLAIN CRAM-MD5 CRAM-SHA1 CRAM-SHA224 CRAM-SHA256 CRAM-SHA384 CRAM-SHA512 CRAM-RIPEMD DIGEST-MD5 SCRAM-SHA-1 SCRAM-SHA-256
250-PIPELINING
250-8BITMIME
250-SIZE 20971520
250-ETRN
250-STARTTLS
250 HELP
STARTTLS
220 ready for tls
TLS X.509 Verification: The certificate is NOT trusted. The certificate chain is revoked. The certificate doesn't match the local copy (TOFU). The revocation or OCSP data are old and have been superseded. The revocation or OCSP data are issued with a future date. The certificate issuer is unknown. The certificate issuer is not a CA. The certificate chain uses insecure algorithm. The certificate chain violates the signer's constraints. The certificate chain does not match the intended purpose. The certificate chain uses not yet valid certificate. The certificate chain uses expired certificate. The signature in the certificate is invalid. The name in the certificate does not match the expected. The certificate requires the server to include an OCSP status in its response, but the OCSP status is missing. The received OCSP status response is invalid. The certificate contains an unknown critical extension.
EHLO [127.0.0.1]
250-indimail.org
250-AUTH LOGIN PLAIN CRAM-MD5 CRAM-SHA1 CRAM-SHA224 CRAM-SHA256 CRAM-SHA384 CRAM-SHA512 CRAM-RIPEMD DIGEST-MD5 SCRAM-SHA-1 SCRAM-SHA-256 SCRAM-SHA-1-PLUS SCRAM-SHA-256-PLUS
250-PIPELINING
250-8BITMIME
250-SIZE 20971520
250-ETRN
250 HELP
AUTH SCRAM-SHA-256
334
biwsbj10ZXN0dXNlcjAxQGV4YW1wbGUuY29tLHI9TlNqa1pCSjdkSGc4NEpHcGVLRVJjYS9w
334 cj1OU2prWkJKN2RIZzg0SkdwZUtFUmNhL3AwU1M2M3c1Z2RLUkZBQm1ZeTQ1b1pyZDEscz13YitqSjBvMTB5bWJoSHdZLGk9NDA5Ng==
Yz1iaXdzLHI9TlNqa1pCSjdkSGc4NEpHcGVLRVJjYS9wMFNTNjN3NWdkS1JGQUJtWXk0NW9acmQxLHA9U1FTN1lCR0Z0cXlnM1NrZWVDQzVxbStqTGdYUzBrNVlCQ0hFY1NSREFvRT0=
334 dj1zaDlVUEJtSDZvcTVtQ2NNZWpVRStQd2hmNFhrQW53Y0F0VHBzUHorejRnPQ==

235 ok, go ahead (#2.0.0)
Client authentication finished (server trusted)...
Session finished...
QUIT
221 indimail.org closing connection

mbhangui avatar Mar 30 '23 09:03 mbhangui

@mbhangui Thanks for your manual. But when i do step 3, i get the following errormessage

Error: initializing source docker://registry.redhat.io/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest: reading manifest latest in registry.redhat.io/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048: unknown: Not Found

Maybe can you please provide a vbox image to me? That will be very helpful. I am not in a hurry, so it is okay if it takes some time.

schengawegga avatar Mar 31 '23 09:03 schengawegga

Not sure why you are getting error with docker. This is cut-paste of what I tried just now with docker. I will try make a vbox image tonight

$ docker pull ghcr.io/mbhangui/indimail:rockylinux8
rockylinux8: Pulling from mbhangui/indimail
5461c86c2e54: Pull complete 
dd6dc7d0a3df: Pull complete 
8e0fd9e8bca9: Pull complete 
Digest: sha256:412400049a452f1d50f065fa2929a0998b0a64aa8aa4fe0fe6d274d67aafa24b
Status: Downloaded newer image for ghcr.io/mbhangui/indimail:rockylinux8

$ docker images|grep rockylinux8
ghcr.io/mbhangui/indimail   rockylinux8   274da2d2b6d7   2 months ago   1.07GB

$ docker run --rm -d --publish-all --name indimail -h indimail.org --cap-add SYS_PTRACE --cap-add SYS_ADMIN --cap-add IPC_LOCK --cap-add SYS_RESOURCE --cap-add=NET_ADMIN --cap-add=CAP_NET_RAW --cap-add=SYS_NICE -p 2025:25 -p 2587:587 274da2d2b6d7
3b88313aaad6d3bfeafe18fa4bce98a45e4e40b31b7691059495381cdace5a96

$ docker exec -ti indimail bash
indimail.org:(root) / >

mbhangui avatar Mar 31 '23 10:03 mbhangui

No i´m sorry. Either i get this error:

Trying to pull registry.redhat.io/274da2d2b6d73b88313aaad6d3bfeafe18fa4bce98a45e4e40b31b7691059495381cdace5a96:latest... WARN[0003] Failed, retrying in 1s ... (1/3). Error: initializing source docker://registry.redhat.io/274da2d2b6d73b88313aaad6d3bfeafe18fa4bce98a45e4e40b31b7691059495381cdace5a96:latest: reading manifest latest in registry.redhat.io/274da2d2b6d73b88313aaad6d3bfeafe18fa4bce98a45e4e40b31b7691059495381cdace5a96: unknown: Not Found

Or this error:

Trying to pull docker.io/library/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest... Error: initializing source docker://274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest: reading manifest latest in docker.io/library/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048: errors: denied: requested access to the resource is denied unauthorized: authentication required

Although i entered the needed credentials via:

podman login docker.io

and

podman login registry.redhat.io

Maybe i do not have the needed permissions?

schengawegga avatar Mar 31 '23 10:03 schengawegga

No i´m sorry. Either i get this error:

Trying to pull registry.redhat.io/274da2d2b6d73b88313aaad6d3bfeafe18fa4bce98a45e4e40b31b7691059495381cdace5a96:latest... WARN[0003] Failed, retrying in 1s ... (1/3). Error: initializing source docker://registry.redhat.io/274da2d2b6d73b88313aaad6d3bfeafe18fa4bce98a45e4e40b31b7691059495381cdace5a96:latest: reading manifest latest in registry.redhat.io/274da2d2b6d73b88313aaad6d3bfeafe18fa4bce98a45e4e40b31b7691059495381cdace5a96: unknown: Not Found

This error is expected because redhat.io doesn't have the image. Only ghcr.io and docker.io has the images

Or this error:

Trying to pull docker.io/library/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest... Error: initializing source docker://274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest: reading manifest latest in docker.io/library/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048: errors: denied: requested access to the resource is denied unauthorized: authentication required

This indicates that you have not signed into the docker repository or the sign-in wasn't successful.

Login to docker

docker login docker.io

Also you can add ghcr.io to /etc/containers/registries.conf. This is my registries.conf

[registries.search]
registries = ['ghcr.io', 'docker.io', 'registry.fedoraproject.org', 'registry.redhat.io', 'registry.access.redhat.com', 'registry.opensuse.org', 'quay.io']

# # An array of host[:port] registries to try when pulling an unqualified image, in order.
unqualified-search-registries = ['ghcr.io', 'docker.io', 'registry.fedoraproject.org', 'quay.io', 'registry.access.redhat.com']

Then pull the image from the docker registory

docker pull cprogrammer/indimail:rockylinux8

mbhangui avatar Mar 31 '23 11:03 mbhangui

Login works

docker login docker.io Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg. Authenticating with existing credentials for docker.io Existing credentials are valid. Already logged in to docker.io

Pulling works

docker pull cprogrammer/indimail:rockylinux8 Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg. ✔ docker.io/cprogrammer/indimail:rockylinux8 Trying to pull docker.io/cprogrammer/indimail:rockylinux8... Getting image source signatures Copying blob 8e0fd9e8bca9 skipped: already exists Copying blob 5461c86c2e54 skipped: already exists Copying blob dd6dc7d0a3df skipped: already exists Copying config 274da2d2b6 done Writing manifest to image destination Storing signatures 274da2d2b6d794b20146c55ba394b0e4ab14a1417ba44036a57eb1d3e83e8a78

Step 3 works not

podman run --rm -d --publish-all --name indimail -h indimail.org --cap-add SYS_PTRACE --cap-add SYS_ADMIN --cap-add IPC_LOCK --cap-add SYS_RESOURCE --cap-add=NET_ADMIN --cap-add=CAP_NET_RAW --cap-add=SYS_NICE -p 2025:25 -p 2587:587 274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048 ✔ docker.io/library/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest Trying to pull docker.io/library/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest... Error: initializing source docker://274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048:latest: reading manifest latest in docker.io/library/274da2d2b6d72e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048: errors: denied: requested access to the resource is denied unauthorized: authentication required

schengawegga avatar Mar 31 '23 11:03 schengawegga

The error is because of error in step 3. Either you have to use docker throughout or you have to use podman throughout. As in

  1. docker pull cprogrammer/indimail:rockylinux8 -- Fine

In step 3 replace podman with docker. i.e.

docker run --rm -d --publish-all --name indimail -h indimail.org --cap-add SYS_PTRACE --cap-add SYS_ADMIN --cap-add IPC_LOCK --cap-add SYS_RESOURCE --cap-add=NET_ADMIN --cap-add=CAP_NET_RAW --cap-add=SYS_NICE -p 2025:25 -p 2587:587

mbhangui avatar Mar 31 '23 11:03 mbhangui

i found the problem. I used the wrong signature hash. Sorry, but i am not very known in docker/podman. Now it works. Thanks for your support. So now i can check the SCRAM-Authentication on my VM.

schengawegga avatar Mar 31 '23 11:03 schengawegga

Install gsasl package on your local machine where you are running the container. The gsasl command was the most useful tool for me when building SCRAM authentication. Now the docker run command I gave maps port 2587 on the local machine to port 587 on the container. The gsasl command also prints the SMTP dialog on the screen.

Once you have created a user on the container, you can connect and test authentication like this. You can create two users. One with SCRAM-SHA-256 and the other with SCRAM-SHA-1.

And then for each mechanism, you have two methods (the non-plus variant where you don't do channel binding and the PLUS variant where you do channel binding).

a) without channel binding
$ gsasl -d --no-cb --hostname=argos.indimail.org --x509-ca-file="" -a [email protected] --password 'somepassword' --mechanism SCRAM-SHA-256 --smtp --connect localhost:2587

b) or you can use channel binding
$ gsasl -d --hostname=argos.indimail.org --x509-ca-file="" -a [email protected] --password 'somepassword' --mechanism SCRAM-SHA-256-PLUS --smtp --connect localhost:2587

mbhangui avatar Mar 31 '23 12:03 mbhangui

@mbhangui Thanks for your support. The pull request for adding SCRAM support is already done. Next steps will be adding SCRAM-PLUS support. For this, the PEAR/Auth_SASL Class must support channel binding. I will try to do a pull request there. But a first question to you. Do your container indimail support channel binding?

schengawegga avatar Aug 02 '23 06:08 schengawegga

Do your container indimail support channel binding?

Yes it does support channel binding (SCRAM-SHA1-PLUS and SCRAM-SHA256-PLUS) but not SCRAM-SHA512-PLUS

mbhangui avatar Aug 02 '23 07:08 mbhangui

Additionally you will need to create users which support channel binding

indimail.org:(root) / > vadddomain example.com password
indimail.org:(root) / > vadduser -C -m SCRAM-SHA-1-PLUS -d [email protected] sompassword
indimail.org:(root) / > vadduser -C -m SCRAM-SHA-256-PLUS -d [email protected] somepassword

mbhangui avatar Aug 02 '23 13:08 mbhangui

@mbhangui Thanks for the example. I will try this soon.

schengawegga avatar Aug 02 '23 20:08 schengawegga

@mbhangui can you send me the vadduser statements for adding users with CRAM-MD5 and DIGEST-MD5 authentication methods? Then I can check several changes in pear/Net_SMTP and pear/Auth_SASL Thank you.

schengawegga avatar Aug 12 '23 05:08 schengawegga

@mbhangui: Have you seen the last @schengawegga comment?

Neustradamus avatar Aug 15 '23 13:08 Neustradamus

@mbhangui can you send me the vadduser statements for adding users with CRAM-MD5 and DIGEST-MD5 authentication methods? Then I can check several changes in pear/Net_SMTP and pear/Auth_SASL Thank you.

Totally slipped my mind that I have to reply. Here is the command. You just have to use -C option and it will support all CRAM methods. The -C option can be used with SCRAM methods too. However, the default setting of SMTP service in indimail doesn't support CRAM because of the danger of storing clear text passwords in the database. If someone steals the database, the person will walk away happily with un-encrypted passwords. To enable CRAM in SMTP a one time setting of ENABLE_CRAM variable is required, which is given below

create a user that supports all CRAM Methods
# vadduser -C [email protected] somepassword

Enable CRAM authentication in SMTP service

# echo 1 > /service/qmail-smtpd.587/variables/ENABLE_CRAM

Restart SMTPD

# svc -r /service/qmail-smtpd.587

Test using swaks. You can use port 2587 on your host where you are running docker command. If doing the test in the container then use port 587

Test CRAM-MD5 using swaks

swaks --to [email protected] --from [email protected] --server localhost --port 587 -a CRAM-MD5 -au [email protected] -ap somepassword

Test DIGEST-MD5 using swaks
swaks --to [email protected] --from [email protected] --server localhost --port 587 -a DIGEST-MD5 -au [email protected] -ap somepassword

In fact You can use use CRAM-MD5 CRAM-SHA1 CRAM-SHA224 CRAM-SHA256 CRAM-SHA384 CRAM-SHA512 CRAM-RIPEMD DIGEST-MD5 methods if the client support those methods

There is a detailed topic on setting up authenticated smtp mechanisms in indimail here. But feel free to post any doubts/clarification here itself

mbhangui avatar Aug 15 '23 13:08 mbhangui

@mbhangui: Have you seen the last @schengawegga comment?

Thanks for reminding me. It had totally slipped my mind as I was busy planning a vacation. I have updated the above post with few things that I had missed out

mbhangui avatar Aug 15 '23 14:08 mbhangui

@mbhangui Do indimail support XOAuth and OAuthbearer? And how do i configure this methods? Thanks you :-)

schengawegga avatar Jan 08 '24 23:01 schengawegga

On Tue, 9 Jan 2024 at 04:44, Armin Graefe @.***> wrote:

@mbhangui https://github.com/mbhangui Do indimail support XOAuth and OAuthbearer? And how do i configure this methods? Thanks you :-)

No. None of these two are supported ATM.

mbhangui avatar Jan 09 '24 03:01 mbhangui