Hello Morten. Morten Bo Johansen wrote in <slrnul9ipu.63hr.mbj@localhost.localdomain>: |Is anybody able to send mail with s-nail through the outlook.com smtp \ |server?
Just yesterday (because on some other list someone had problems) i logged into IMAP. (I use v14.10 development branch though.) |I have this in my ~/.mailrc: | | set v15-compat | | account hotmail { | localopts yes | set from="Morten Bo Johansen <morte...@hotmail.com>" | set imap-keepalive=240 | shortcut imap imaps://outlook.office365.com | set tls-config-pairs=MinProtocol=TLSv1.2 | set smtp-use-starttls | set mta=smtp://mortenbo%40hotmail.com:sec...@smtp-mail.outlook.com:58\ | 7 Microsoft likely enforces OAuth. I have written a Python program (Python because it ships all necessary modules out of the box) which handles the stuff: curl -b ./TMPCOOKIE -c ./TMPCOOKIE \ -O https://git.sdaoden.eu/browse/s-toolbox.git/plain/oauth-helper.py (No longer authentication required, but sets HTTP cookie.) It needs a configuration file, python3 oauth-helper.py -p Microsoft -R morten.rc --action=template creates it (see --help). flow= must be auth however, i think. Last night i had # /home/steffen/sec.arena/mail/.sitm-ms.oauth, written 2023-11-15 00:29:01.875595 authorize_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/authorize devicecode_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/devicecode token_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/token redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient tenant=common scope=https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send flow=auth access_token= client_id=bf0f4488-089e-46ee-a48d-8f0717388be3 login_hint=sugar.in.the.morn...@outlook.com ^ change this timeout=3600 timestamp= refresh_token= Last October i posted a v14.9.* script that makes use of this (but do not use oauth-helper.py from that post, current is beter); i no longer have it nor tried it ever since, i am all forward on v14.10 [1]. [1] https://lists.sdaoden.eu/pipermail/s-mailx/2022-October/001650.html Note Microsoft uses grazy-long tokens and requires a browser visit each and every time the token expires (ie a normal refresh will not work out). The new token is also only seen in the browser address line. |I get various error messages, no matter what I try, e.g.: | | $ mail -s "Test" morte...@hotmail.com < /dev/null | | mail: SMTP server: 504 5.7.4 Unrecognized authentication type | [MM0P280CA0062.SWEP280.PROD.OUTLOOK.COM 2023-11-15T13:28:04.587Z | 08DBE55409C962D3] | |If I try with smtps://.. instead of smtp, I get | | $ mail -s "Test" morte...@hotmail.com < /dev/null | mail: could not initiate TLS connection: error:0A00010B:SSL routines::w\ | rong | version number | |I have also tried to remove the "tls-config-pairs" line to no effect. | |These are my "tls-features": ... IMAP works fine. It is just smtp that doesn't work. Oh. Wait. SMTP i have not tried. $ s-nail -A sitm-ms -s 'SMTP should work' stef...@sdaoden.eu ! Warning: --resource mode permissions other than user read/write: 0640: /home/steffen/sec.arena/mail/.sitm-ms.oauth ! refresh_token response: HTTP Error 400: Bad Request ! Let us try --authorize instead (sleeping 3 seconds) ^ Always with Microsoft :( Yandex is much more relaxex. Even Google. * OAuth 2.0 RFC 6749, 4.1.1. Authorization Request . To create an authorization code, please visit the shown URL: lynx-redux 'https://login.microsoftonline.com/[.]' ^ $BROWSER that is - Shall i invoke this command? [y/else] n Please enter authorization [URI?code=]token: [.] * OAuth 2.0 RFC 6749, 4.1.3. Access Token Request s-nail: .. updating password to OAuth token [.] s-nail: Conditional expression: expected an operator: stop during: =~ ^imaps?://: of: =~ ^imaps?:// (oops, a bug) s-nail: Obsoletion warning: conditional expressions exclusively use shell-style notation; compatibility shims were removed! ... (Preliminary) Envelope contains: ... Send this message [yes/no, empty: recompose]? y ... #?0|kent:nail.git$ Works! Now i hope this works with v14.9.24 also. Its oauthbearer authentication should be xoauth2 indeed, please complain if it does not work. (I hate OAuth.) I am undecided how to do it for this MUA indeed. I personally now do "call oauth-activate sitm-ms" from within my account: define oauth-activate { \se password imap-auth=xoauth2 [.] \call oauth-check-token-init \se oauth-helper='$HOME/src/toolbox.git/oauth-helper.py \ --resource $HOME/sec.arena/mail/.'$1'.oauth' \ oauth-helper-times=$HOME/sec.arena/mail/.$1.oauth \ on-oauth-password-change=_oauth-on-new-token } define _oauth-on-new-token { \if -n "$1" \echoe ' .. updating password to OAuth token '$1 \se password=$1 \if $mailbox-resolved =~ ^imaps?:// \echoe ' .. reconnecting IMAP mailbox after password change' \disco \conn \en \el \echoe ' .. deleting password' \uns password \en } These then get driven by the code that i posted in October last year (at least in its current v14.10-and-above form, but i *think* nothing has changed regarding that). Since you seem to drive it from the command line only you can as well simply call the python script, and then call the MUA with the password already resolved, no? Ring through on problems! --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)