Hi,
Typically we find IMAP can be authenticated against "normally" once
security defaults are disabled. They are working to enforce this onto
tenants, so it would be an uphill battle.
https://docs.microsoft.com/en-us/microsoft-365/business-premium/m365bp-conditional-access?view=o365-worldwide#security-defaults
Good luck,
Luke Thompson
Chief Technical Officer
The Network Crew Pty Ltd
https://thenetworkcrew.com.au
On 19 August 2022 8:01:16 pm [email protected] wrote:
Send mailop mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://list.mailop.org/listinfo/mailop
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of mailop digest..."
Today's Topics:
1. Re: Microsoft Office365 blocking non Oauth2 authentication on
IMAP and SMTP. (Gellner, Oliver)
----------------------------------------------------------------------
Message: 1
Date: Fri, 19 Aug 2022 09:08:08 +0000
From: "Gellner, Oliver" <[email protected]>
To: Benoît Panizzon <[email protected]>, "[email protected]"
<[email protected]>
Subject: Re: [mailop] Microsoft Office365 blocking non Oauth2
authentication on IMAP and SMTP.
Message-ID:
<am9pr01mb831352528b82774008ccade282...@am9pr01mb8313.eurprd01.prod.exchangelabs.com>
Content-Type: text/plain; charset="utf-8"
Hello,
IMAP, SMTP etc are still being supported with Office365. What gets disabled
is Basic Auth for some services. Microsoft announced the decomission of
Basic Authentication three years ago and all tenant administrators have
been notified several times in the meantime about this change. Originally
the change was planned for 2020, but due to interoperability issues it got
postponed until 2022. So while I'm no Microsoft fellow I don't think anyone
should be caught unprepared.
If you need POP3 or IMAP4 access with Basic Auth, then you can either put a
proxy or other email server in between which speaks Basic Auth on one side
and OAuth on the other. Or you can move the mailboxes somewhere else, if
necessary even to an Exchange server if you prefer to stay with Microsoft
for whatever reason.
Basic Auth with SMTP on the other hand is not being phased out, you can
still enable and use it.
--
BR Oliver
-----Ursprüngliche Nachricht-----
Von: mailop <[email protected]> Im Auftrag von Benoît Panizzon via
mailop
Gesendet: Freitag, 19. August 2022 08:41
An: [email protected]
Betreff: [mailop] Microsoft Office365 blocking non Oauth2 authentication on
IMAP and SMTP.
Hi Team
I am involved in a large non profit organisation in Switzerland.
A couple of years ago, that organisation got persuaded to switch to
Office365 as they got a good offer for non profit organisations. One of the
promises at that time: Everyone could continue working as before as all
clients could connect via IMAP and SMTP, so migration all existing
volunteer accounts and tools would work seamlessly.
Most email user are 'external' volunteers.
Now more and more co-volunteers, including myself get locked out of their
email accounts, because Microsoft disabled non Oauth2 token authentication.
Tools stop working. (usually found out after repeatedly going through the
password reset recovery procedure and still not being able to log in).
Using the web-based tools is not an option.
The Problem: Most client are unable to use Oauth2. There are mailinglist
tools which connect to a mailbox to process bounces as example. But any
other tool generating emails and sending them via SMTP is affected.
Some tools are able to do Oauth2, but the help from the 'Domain
Administrator' is needed, to register those tools as 'trusted app' with
Microsoft Azure to get a unique client-id for that tool, but then again the
token renewal then fails after some time (this needs to be done via a HTTP
request somehow) needing a lot of attention to keep those tools running.
Microsoft Support states, they won't re-enable tokenless authentication and
the provide no help at all to get tools back online which do not work any more.
I wonder: How do other Microsoft Office365 customers mitigate this situation?
________________________________
dmTECH GmbH
Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe
Telefon 0721 5592-2500 Telefax 0721 5592-2777
[email protected]<mailto:[email protected]> * www.dmTECH.de<http://www.dmtech.de>
GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927
Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher
________________________________
Datenschutzrechtliche Informationen
Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser
ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in
Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder
sich bei uns bewerben, verarbeiten wir personenbezogene Daten.
Informationen unter anderem zu den konkreten Datenverarbeitungen,
Löschfristen, Ihren Rechten sowie die Kontaktdaten unserer
Datenschutzbeauftragten finden Sie
hier<https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832>.
------------------------------
Subject: Digest Footer
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
------------------------------
End of mailop Digest, Vol 25, Issue 38
**************************************
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
