Re: support for Office365?
On 2020-09-28 09:36+1000, raf wrote: > One reason is MFA. Where I work, we are often receiving > emails from the hacked email accounts of our clients. That would help some of the problems, I suppose. But a compromised copy of Outlook would still act as a spam mill once the login connection is established. I think what would happen is that between your login to exchange and getting 'a ok login' in response the MFA device needs to approve. Malware surely just waits a little longer, it would look like normal behaviour to someone who just started outlook, I would have thought. I seem to remember Outlook being one of the more buggy mail clients. There was a nasty issue without Outlook Express that would execute code in mail headers prior to display. Unless my memory is wrong. Exploitation doesn't go away with MFA, it might reduce some issues with compromised clients, but I think MFA is supposed to give some protection for that, unless you authorise the client connection. I really don't know, and I'm trying to see sense. It seems like wilful look-in, there's avenues for alternatives with things like BYOD becoming commonplace, but then to enforce Outlook or Office 365 rubs me the wrong way. Ed
Re: support for Office365?
On Sun, Sep 27, 2020 at 12:05:36PM +0100, ed neville wrote: > On 2020-06-26 14:20-0400, Andrew D. Arenson wrote: > > My organization is moving to Office365 and have decided, sadly, not to > > support IMAP. > > > > Anyone have insight in how mutt might still be able to connect to > > Office365? > > > > A co-worker has been investigating a project called davmail, which > > provides a gateway that sort of translates from Office365's other > > protocols to IMAP, as they use a (non-mutt) IMAP mail client. > > > > So, I'll follow up with using that intermediary if need be, but would > > love to hear that mutt could talk directly to Office365 without using > > IMAP. > > Just out of interest, does anyone know /why/ organisations, in their > rampant desire to outsource to the cloud disable IMAP and SMTP protocols > whilst doing that? Is something to be feared? Surely MS cares only that > people pay the monthly rent on Office 365? > > -- > Best regards, > Ed http://www.s5h.net/ One reason is MFA. Where I work, we are often receiving emails from the hacked email accounts of our clients. cheers, raf
Re: support for Office365?
On Fri, Jun 26, 2020 at 02:20:25PM -0400, Andrew D. Arenson wrote: > My organization is moving to Office365 and have decided, sadly, not to > support IMAP. > > Anyone have insight in how mutt might still be able to connect to > Office365? > > A co-worker has been investigating a project called davmail, which > provides a gateway that sort of translates from Office365's other > protocols to IMAP, as they use a (non-mutt) IMAP mail client. DavMail worked well last time I tried to use it against an Office365 server. Great that it exists. Pity that it should have to. -- A: When it messes up the order in which people normally read text. Q: When is top-posting a bad thing? () ASCII ribbon campaign. Please avoid HTML emails & proprietary /\ file formats. (Why? See e.g. https://v.gd/jrmGbS ). Thank you.
Re: support for Office365?
On Sun, Sep 27, 2020 at 10:16:07AM -0400, Spackman, Chris wrote: > On 2020/09/27 at 12:05pm, ed neville wrote: >> Just out of interest, does anyone know /why/ organisations, in their >> rampant desire to outsource to the cloud disable IMAP and SMTP >> protocols whilst doing that? Is something to be feared? Surely MS >> cares only that people pay the monthly rent on Office 365? > > [..] I can't speak to the actual security benefits, but I suspect that > most IT people at the organization assume or expect that everyone uses > Outlook, so why would they need IMAP? This. It is the sort of view that I have encountered in several organisations abandoning sensible email systems in favour of proprietary mainframe spyware. Many of today's IT staff/managers aren't sysadmins in the traditional sense (often don't even have OS-level access to the servers their organisations software runs on, let alone hardware-level), don't know how email systems work under the hood, and are heavily targeted with marketing from companies like Microsoft telling them that if they buy a service like Outlook365 (or whatever it's called these days), then it will handle everything email-related for them and their users and they will never have to understand or be accountable for anything ever again. All too often their response is, "Great!" > It is possible that [Microsoft] also "highly recommend" turning off > "legacy protocols". Again, this. They just go through the process and select the "recommended" settings. If they think about it at all, it doesn't go very deep: they conclude (wrongly, of course) that forcing users off IMAP is an "upgrade" that the users will thank them for :( In short, if your organisation moves its email to something like O365 or Gmail, then your organisation is managed by thoughtless authoritarians, and if you stay there after a change like that then you are only enabling them. If reasoning with them fails, then cut your losses and run. -- A: When it messes up the order in which people normally read text. Q: When is top-posting a bad thing? () ASCII ribbon campaign. Please avoid HTML emails & proprietary /\ file formats. (Why? See e.g. https://v.gd/jrmGbS ). Thank you.
Re: support for Office365?
On 2020/09/27 at 12:05pm, ed neville wrote: > Just out of interest, does anyone know /why/ organisations, in their > rampant desire to outsource to the cloud disable IMAP and SMTP > protocols whilst doing that? Is something to be feared? Surely MS > cares only that people pay the monthly rent on Office 365? One educational organization that I work with describes POP3 and IMAP as "legacy" protocols that are not as secure as "modern" ones. "Modern" ones being things like OAUTH2. I can't speak to the actual security benefits, but I suspect that most IT people at the organization assume or expect that everyone uses Outlook, so why would they need IMAP? Of course, these same IT people still require us to change our passwords every 3 months. Guess they didn't get that memo. I've heard (don't remember where) that for a while at least, MS required password changes as part of their security requirements. It is possible that they also "highly recommend" turning off "legacy protocols". To be fair, the IT people were also nice enough to leave IMAP on for me, at least for a while. I think they are going to turn it off, no exceptions for anyone, next summer. -- Chris Spackman ch...@osugisakae.com ESL Coordinator The Graham Family of Schools ESL Instructor Columbus State Community College Japan Exchange and Teaching Program Wajima, Ishikawa 1995-1998 Linux user since 1998 Linux User #137532
Re: support for Office365?
On 2020-06-26 14:20-0400, Andrew D. Arenson wrote: > My organization is moving to Office365 and have decided, sadly, not to > support IMAP. > > Anyone have insight in how mutt might still be able to connect to > Office365? > > A co-worker has been investigating a project called davmail, which > provides a gateway that sort of translates from Office365's other > protocols to IMAP, as they use a (non-mutt) IMAP mail client. > > So, I'll follow up with using that intermediary if need be, but would > love to hear that mutt could talk directly to Office365 without using > IMAP. Just out of interest, does anyone know /why/ organisations, in their rampant desire to outsource to the cloud disable IMAP and SMTP protocols whilst doing that? Is something to be feared? Surely MS cares only that people pay the monthly rent on Office 365? -- Best regards, Ed http://www.s5h.net/
Re: support for Office365?
> > I'm not familiar with fetchmail. Would you mind saying more about how > > you use fetchmail and what you did to get davmail to work? For davmail, I just followed the Linux setup instructions on their web site, nothing more. For the added bonus, I set it up for imaps with a self-signed cert. Wrt fetchmail, I prefer to have a clean sheet on the mail server and download everything to my Linux box. Maybe there's a bit of nostalgia about the days when mail spools were local (or NFS-mounted).` >I'm happy to report that I got this to work. Changes: Glad to hear it :)
Re: support for Office365?
On Tue, Sep 15, 2020 at 01:45:01PM -0400, Andrew D. Arenson wrote: > On Sat, Jun 27, 2020 at 07:49:14AM +0100, isdtor wrote: > > > Andrew D. Arenson writes: > > > My organization is moving to Office365 and have decided, sadly, not to > > > support IMAP. > > > > > > Anyone have insight in how mutt might still be able to connect to > > > Office365? > > > > > > A co-worker has been investigating a project called davmail, which > > > provides a gateway that sort of translates from Office365's other > > > protocols to IMAP, as they use a (non-mutt) IMAP mail client. > > > > I was never able to get davmail to work in the past but now, preparing for > > a potential future like yours, I looked at it again and did get it to work. > > I tested it in conjunction with fetchmail and ran into two problems. One I > > was able to work around, the other not, but most importantly, the setup > > seems to download mails ok. > > > > That's for imaps access only. I don't need pop and haven't tested smtp or > > caldav and ldap. > > > > Well, I got word today that my work inbox is being migrated by the 29th > of this month from local Exchange to Office365, so can't put this off any > longer. > > I don't need caldav or ldap. Not sure if I'll need smtp in the future, > but I don't need it immediately. > > I'm not familiar with fetchmail. Would you mind saying more about how > you use fetchmail and what you did to get davmail to work? > > I'm using a very old version of mutt, the latest available on RHEL6: > Mutt 1.5.20 (2009-12-10) > > My current .muttrc IMAP config: > > set imap_pass="*" > set spoolfile="{aaren...@imap.exchange.iu.edu/ssl}INBOX" > mailboxes ! > mailboxes "{aaren...@imap.exchange.iu.edu/ssl}Junk E-mail" > set certificate_file=~/.mutt/certificates > set ssl_starttls=yes > set ssl_force_tls=yes > set imap_keepalive = 10 > > I don't really know what I'm doing with mutt. I've cobbled > things together over the years and they mostly work well enough. Just > trying to figure out how to keep it going. I'm happy to report that I got this to work. Changes: 58c58,59 < set spoolfile="{aaren...@imap.exchange.iu.edu/ssl}INBOX" --- > set spoolfile="{aarenson\@iu.edu@localhost:1143}INBOX" 139,141c140,142 < set ssl_starttls=yes < set ssl_force_tls=yes < set imap_keepalive = 10 --- > #set ssl_starttls=yes > #set ssl_force_tls=yes > #set imap_keepalive = 10 I'm sorry that I can't easily report what was needed in the davmail.properties file, as I simply borrowed one from a co-worker who had already set up davmail for use with Thunderbird. Andy -- Andrew D. Arenson (he/him) H 317.964.0493 arenson (at) spatzel.netC 317.679.4669
Re: support for Office365?
On Sat, Jun 27, 2020 at 07:49:14AM +0100, isdtor wrote: > Andrew D. Arenson writes: > > My organization is moving to Office365 and have decided, sadly, not to > > support IMAP. > > > > Anyone have insight in how mutt might still be able to connect to > > Office365? > > > > A co-worker has been investigating a project called davmail, which > > provides a gateway that sort of translates from Office365's other protocols > > to IMAP, as they use a (non-mutt) IMAP mail client. > > I was never able to get davmail to work in the past but now, preparing for a > potential future like yours, I looked at it again and did get it to work. I > tested it in conjunction with fetchmail and ran into two problems. One I was > able to work around, the other not, but most importantly, the setup seems to > download mails ok. > > That's for imaps access only. I don't need pop and haven't tested smtp or > caldav and ldap. > Well, I got word today that my work inbox is being migrated by the 29th of this month from local Exchange to Office365, so can't put this off any longer. I don't need caldav or ldap. Not sure if I'll need smtp in the future, but I don't need it immediately. I'm not familiar with fetchmail. Would you mind saying more about how you use fetchmail and what you did to get davmail to work? I'm using a very old version of mutt, the latest available on RHEL6: Mutt 1.5.20 (2009-12-10) My current .muttrc IMAP config: set imap_pass="*" set spoolfile="{aaren...@imap.exchange.iu.edu/ssl}INBOX" mailboxes ! mailboxes "{aaren...@imap.exchange.iu.edu/ssl}Junk E-mail" set certificate_file=~/.mutt/certificates set ssl_starttls=yes set ssl_force_tls=yes set imap_keepalive = 10 I don't really know what I'm doing with mutt. I've cobbled things together over the years and they mostly work well enough. Just trying to figure out how to keep it going. Andy -- Andrew D. Arenson (he/him) H 317.964.0493 arenson (at) spatzel.netC 317.679.4669
Re: support for Office365?
Andrew D. Arenson writes: > My organization is moving to Office365 and have decided, sadly, not to > support IMAP. > > Anyone have insight in how mutt might still be able to connect to > Office365? > > A co-worker has been investigating a project called davmail, which > provides a gateway that sort of translates from Office365's other protocols > to IMAP, as they use a (non-mutt) IMAP mail client. I was never able to get davmail to work in the past but now, preparing for a potential future like yours, I looked at it again and did get it to work. I tested it in conjunction with fetchmail and ran into two problems. One I was able to work around, the other not, but most importantly, the setup seems to download mails ok. That's for imaps access only. I don't need pop and haven't tested smtp or caldav and ldap.
Re: support for Office365?
On Fri, Jun 26, 2020 at 02:20:25PM -0400, Andrew D. Arenson wrote: > My organization is moving to Office365 and have decided, sadly, not to > support IMAP. > > Anyone have insight in how mutt might still be able to connect to > Office365? If app passwords are enabled, you can just do that https://support.microsoft.com/en-us/office/create-an-app-password-for-microsoft-365-3e7c860f-bda4-4441-a618-b53953ee1183 If your org's policy doesn't support app passwords (which will get phased out sometime in 2021, I think), there's no current option, but see the recent threads on mutt-devel mailing list about Office365 and XOAUTH2. http://lists.mutt.org/pipermail/mutt-dev/Week-of-Mon-20190401/thread.html#291 There's been some recent work towards adding support for the less preferred / older way that MS is supporting it: http://lists.mutt.org/pipermail/mutt-dev/Week-of-Mon-20200615/000839.html Doing this will require that this work be released, as well as the use of an external script / tool. w
support for Office365?
My organization is moving to Office365 and have decided, sadly, not to support IMAP. Anyone have insight in how mutt might still be able to connect to Office365? A co-worker has been investigating a project called davmail, which provides a gateway that sort of translates from Office365's other protocols to IMAP, as they use a (non-mutt) IMAP mail client. So, I'll follow up with using that intermediary if need be, but would love to hear that mutt could talk directly to Office365 without using IMAP. Andy -- Andrew D. Arenson (he/him) H 317.964.0493 arenson (at) spatzel.netC 317.679.4669