Dear Adrian, On Tue, 25 Oct 2022 12:48:44 +0200 GMT (25/10/2022, 17:48 +0700 GMT), Adrian wrote:
> Probably switching to oauth is enough. IMAP/POP can be disabled for an > organization when using Exchange Online though - if that's the case I'd reach > out to IT and see if they really want to disable it or maybe just weren't > awareof people using IMAP clients... > BTW, when testing TB's OAuth support recently I noticed that TB DOES NOT seem > to > use refresh tokens: > Once my SSO session (Exchange Online at my workplace) expires, I have to go > through SSO again - which is completely terrible because the browser is > embedded > in TB instead of using one of the oauth flows where the regular browser is > used. > This is NOT a restriction from our ExO configuration - I can get a refresh > token > and use it for a long time just fine. It's just that TB doesn't seem to make > use > of it... And in fact this would completely rule out TB with OAuth for me, > because > having to do a new SSO login with 2FA every day just for emails? Hell no! How do I activate this in TB!? Also, our IT is useless. So, if there is a setting they have change, is there a guidance on the web somewhere? >> Hi Thomas, >>> ... they told me that MS does not support POP or IMAP any more "for >>> security reasons" ... >> You are not alone. It seems the culprit is OAuth 2.0 [1], other email >> clients are affected too [2,3]. >> -Z. >> [1] >> https://devblogs.microsoft.com/microsoft365dev/end-of-support-for-basic-authentication-access-to-exchange-online-apis-for-office-365-customers/ >> [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1699487 >> [3] https://www.pmail.com/newsflash.htm -- Cheers, Thomas. Message reply created with The Bat! Version 10.2 (64-bit) under Windows 10.0 Build 19043 ________________________________________________________ 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
