On 2019-09-18 at 23:05 +0200, Heiko Schlittermann via Exim-users wrote: > Wouldn't it be better to integrate it into Exim itself? > Can't we use the authenticators for this? Write a new > driver, xoauth2, and use it in the transport section?
If recollection serves, XOAUTH2 can require prompting for reconfirmation via opening a web-browser and after "whatever happens there" POSTing back to a localhost listening port to provide the actual credential. XOAUTH2 is really for desktop apps, like email clients talking to the submission port, and not well suited to an MTA performing unattended delivery. So from Exim's side, this would be "Okay, what hooks can we provide for 'mostly unattended' delivery, grabbing a human for intervention when needed". So if this were to be in Exim, it would instead need to be something like: "keep using this credential in this file, but when it fails, execute this other command instead and pause usage of this authenticator until the mod-time on the credential file changes" and an external tool to manage the refresh. And suggested monitoring integrations. At which point, a local sidecar proxy for talking to Gmail where the proxy manages all of that might actually be the better approach, thus the OP's design. -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
