Institutional Office365 not working

We are just getting the ball rolling, but from the looks of it, OAuth should be forthcoming in the next week or so.

I hope we will have a roadmap very soon.

2 Likes

Update: I’m still getting oriented to the timeline of the past year. The prior Office365 fixes were in 1.7.8 (May 2020). See CHANGELOG.

However, we’re hoping to have another release in the next couple of weeks, and this is a top priority.

2 Likes

Hi again

I just upgraded to the 1.8.0 version. Now it seems like there is some support for OAuth. At least I got directed to the login page for my office365 account. But still no luck in getting authenticated.

Here is the terminal output:

{ Error: Authentication Error - Check your username and password. (SMTP)
    at ChildProcess._proc.on.code (file:///tmp/nylas-build/electron-packager/linux-x64/mailspring-linux-x64/resources/app/src/mailsync-process.ts:222:27)
    at ChildProcess.emit (events.js:182:13)
    at ChildProcess.EventEmitter.emit (domain.js:442:20)
    at maybeClose (internal/child_process.js:962:16)
    at Socket.stream.socket.on (internal/child_process.js:381:11)
    at Socket.emit (events.js:182:13)
    at Socket.EventEmitter.emit (domain.js:442:20)
    at Pipe._handle.close (net.js:606:12)
  message:
   'Authentication Error - Check your username and password. (SMTP)',
  rawLog:
   '----------IMAP----------
connect <mailcore::IMAPSession:0x7ffeefdc61e0>
* OK The Microsoft Exchange IMAP4 service is ready. [===REMOVED===]
ssl connect outlook.office365.com 993 2
OpenSSL version: OpenSSL 1.1.0f  25 May 2017
1 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
1 OK CAPABILITY completed.
connect ok
login
2 AUTHENTICATE XOAUTH2 ===REMOVED===
2 OK AUTHENTICATE completed.
3 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CLIENTACCESSRULES CLIENTNETWORKPRESENCELOCATION BACKENDAUTHENTICATE CHILDREN IDLE NAMESPACE LITERAL+
3 OK CAPABILITY completed.
4 NAMESPACE
* NAMESPACE (("" "/")) NIL NIL
4 OK NAMESPACE completed.
login ok
5 LIST "" "*"
* LIST (\\HasNoChildren) ===Removed===
* LIST ........
* LIST ........
* LIST ........
5 OK LIST completed.


----------SMTP----------
connect smtp.office365.com 587
220 OL1P279CA0035.outlook.office365.com Microsoft ESMTP MAIL Service ready at Thu, 21 Jan 2021 07:51:07 +0000
init
EHLO hkorsvoll-Latitude-E7450
250-OL1P279CA0035.outlook.office365.com Hello [2a02:1660:6186:e00:f83b:79fa:d2c2:e17b]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
start TLS
STARTTLS
220 2.0.0 SMTP server ready
done
OpenSSL version: OpenSSL 1.1.0f  25 May 2017
init after starttls
EHLO hkorsvoll-Latitude-E7450
250-OL1P279CA0035.outlook.office365.com Hello [2a02:1660:6186:e00:f83b:79fa:d2c2:e17b]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH LOGIN XOAUTH2
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
AUTH XOAUTH2 ===REMOVED===
451 4.7.0 Temporary server error. Please try again later. PRX4  [OL1P279CA0035.NORP279.PROD.OUTLOOK.COM]


SASL_PATH: /snap/mailspring/498/usr/share/mailspring/resources/app.asar.unpacked

SMTP Last Response Code: 451
SMTP Last Response: 4.7.0 Temporary server error. Please try again later. PRX4  [OL1P279CA0035.NORP279.PROD.OUTLOOK.COM]


mailsmtp Last Error Code: 1
mailsmtp Last Error Explanation: MAILSMTP_ERROR_UNEXPECTED_CODE
mailsmtp Last Error Location: 10
mailsmtp Last Auth Type: 256' } { pluginIds: [] }
Raven: 429 - undefined

It looks like the IMAP login is OK, but it fails on SMTP login. I can confirm that both IMAP and SMTP is working in my Thunderbird setup.

4 Likes

Since last update I have to reconnect everyday, because office365 is giving short lifetime tokens?

29612 [2021-02-04 15:11:13.495] [background] [info] Fetching XOAuth2 access token (office365) for d4f3745c
29612 [2021-02-04 15:11:13.495] [metadata] [info] Metadata delta stream starting...
29612 [2021-02-04 15:11:14.112] [background] [critical] 
***
*** Mailspring Sync 
*** An exception occurred during program execution: 
*** {"debuginfo":"https://login.microsoftonline.com/common/oauth2/v2.0/token RETURNED {\"error\":\"invalid_grant\",\"error_description\":\"AADSTS700081: The refresh token has expired due to maximum lifetime. The token was issued on 2021-02-03T13:56:36.8761451Z and the maximum allowed lifetime for this application is 1.00:00:00.\\r\\nTrace ID: c3669801-93e3-4b7b-9d76-c92b58b86900\\r\\nCorrelation ID: db8faa5a-70e6-4dac-b839-4e7a70dcaa54\\r\\nTimestamp: 2021-02-04 14:11:14Z\",\"error_codes\":[700081],\"timestamp\":\"2021-02-04 14:11:14Z\",\"trace_id\":\"c3669801-93e3-4b7b-9d76-c92b58b86900\",\"correlation_id\":\"db8faa5a-70e6-4dac-b839-4e7a70dcaa54\",\"error_uri\":\"https://login.microsoftonline.com/error?code=700081\"}","key":"Invalid Response Code: 400","retryable":false,"what":"std::exception"}
2 Likes

OAUTH succeeds yet

    ----------IMAP----------
    connect <mailcore::IMAPSession>
    * OK IMAP4 ready
    ssl connect mailservices.xxxx 993 2
    OpenSSL version: OpenSSL 1.1.0f  25 May 2017
    1 CAPABILITY
    * CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS SASL-IR AUTH=PLAIN AUTH=LOGIN
    1 OK completed
    connect ok
    login
    2 AUTHENTICATE XOAUTH2 xxxx
    2 BAD invalid command
1 Like

I have created a new topic (link) on this since I’m having the exact same problem as @anat0lius.

If you have found a way to fix this or have any updates please let me know

I am new to Mailspring as of this morning. I’ve set up my accounts, one of which is Office 365. I have successfully sent and received email with both accounts.

However, with my o365 account, it continually encounters a “connection issue” with that account. When I click “Try now,” it tries to sync again and then fails, says it encountered an error while syncing, and finally forces me to re-authenticate with o365. I’ve had to do this multiple times. After I re-auth, it works for a bit until it encounters the errors again.

I have a basic account as I am just getting familiar with the program.

I will include screenshots below. Please note: I am a mere mortal and not a developer. I appreciate any help!


Hi @erinanacker, I’ve migrated your post to the open issue about this. We’re hoping to fix this soon! Please vote for this issue — select Vote at the top — to help raise its priority.

2 Likes

Thank you Jason! Glad to hear I’m not just going crazy :slight_smile:

This is a pretty significant issue given that it completely disables use of one of the largest email provider in the world…!

I am experiencing the same exact issue. Mailspring on Arch.

Hey @CodeMouse92 — Just a quick update. The problem seems to either have gone away or reduced significantly after Mailspring completed it’s initial scan of my email and folders for o365. Thank you for your help and continued efforts on this.

1 Like

Hello, I was wondering if there is any intention to integrate with Duo 2FA? My college account uses it and it gives me error as of now to log in.

{"error":null}
Manual update check (updates.getmailspring.com/check/linux/x64/1.8.0-8983dca2/545e9ea3
{ Error: Authentication Error - Check your username and password. (IMAP)
    at ChildProcess._proc.on.code (file:///tmp/nylas-build/electron-packager/linux-x64
    at ChildProcess.emit (events.js:182:13)
    at ChildProcess.EventEmitter.emit (domain.js:442:20)
    at maybeClose (internal/child_process.js:962:16)
    at Socket.stream.socket.on (internal/child_process.js:381:11)
    at Socket.emit (events.js:182:13)
    at Socket.EventEmitter.emit (domain.js:442:20)
    at Pipe._handle.close (net.js:606:12)
  message:
   'Authentication Error - Check your username and password. (IMAP)',
  rawLog:
   '----------IMAP----------\nconnect <mailcore::IMAPSession:0x7ffdebf367f0>\r\n* OK TBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]\r\nssl connect outlook.office365.com 993 2\r\nOpenSSL LUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+\r\n1 OK CAPABILITY completed.\r\...\r\n2 NO AUTHENTICATE failed.\r\n' } { 
Raven: 429 - undefined

The system is Debian 10 with KDE Plasma V5.14.

We actually don’t plan to support any form of 2FA. Most email clients don’t. You should use app passwords in those situations.

Is there an update on this, I am currently trying to connect my school office 365 account and it takes me to the page to verify and then shows this message. There is no 2FA setup.

I did look for logs but couldn’t find where they were.

If there was an update on this, it would have been posted here already.

Mailspring is developed entirely in free time, and there’s a lot to do in that extremely limited time. As a result, it’s not possible to provide timelines. Any development help fixing this would be appreciated.

Hi

I found the problem (and the solution) for my particular problem. The XOAUTH2 authentication feature is not truly set on the office account.
It can be fixed by following this walk-through.
https://www.limilabs.com/blog/office365-temporary-server-error-please-try-again-later-prx4

2 Likes

@pcbowers @anat0lius @TheOneKevin @juancho9303 @erinanacker @joshpack @liu2z2 @callum-osborne

Does the solution above solve it for anyone? Please report yes or no, so we know whether this issue is resolvable with a basic Q&A, or whether to leave this open as a bug.

Thanks for the detective work, @hkorsvoll!

Hello,

Thanks for keeping me updated in the loop! Unfortunately I am not able to test that because my account is under the the administration of my college IT department. But if it works for anyone else, I’m glad it worked out for you!

It should be noted that @hkorsvoll 's screenshot is fundamentally different from @callum-osborne 's. @hkorsvoll’s screenshot is an SMTP error whereas @callum-osborne 's is an IMAP error. While the SMTP error may be fixed using the walkthrough he provided, the IMAP error is inherently different.

I am receiving the IMAP error specifically, though I am also aware that my institution has disabled IMAP and POP3, leaving Exchange as the only viable alternative. While authentication is working properly, it could be the simple fact that Mailspring does not currently support Exchange protocols. Correct me if I’m missing something here though!

While looking into this, I did try @hkorsvoll 's fix. I ended up running into similar permission issues. It would seem if one is trying to fix the SMTP error, one would require elevated permissions to their Office365 account to be able to allow Authenticated SMTP. That, or submit a ticket to whoever is in charge of their email within their office with the request.

See the below screenshot for permission context:

2 Likes

I too hope that we can get MFA running against O365 with Modern Authentication. With the recent issues faced on Exchange Servers, as well as O365 Online, it is recommended that MFA be used to secure user accounts. Unfortunately, Microsoft decided they would run this via their own methods, which is where we are now stuck. As time passes, we will see more users of O365 setup with MFA as a method of stopping threat actors from being given access.

I agree on both stances here. This is a free application developed by a team of amazing people , not a paid application with SLAs. I do hope that the MFA Setup from Microsoft can be supported, but of course they only support this on their Microsoft Authenticator Application. As a workaround, I hope that MFA with a 2FA Code from any Authenticator app could be supported. This will of course have to be setup on the account in question. If the institution decides not to allow other authenticators, we’re not going to get anywhere with this.