Office365 SMTP fails

Description

Using the wizard to add a Office 365 account, fails.
The checkout page https://id.getmailspring.com/oauth/finished does tell “You’re all set”.

Inbox authentication seems to work:

    '2 OK AUTHENTICATE completed.\r\n' +
    '3 CAPABILITY\r\n' +
    '* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CLIENTACCESSRULES CLIENTNETWORKPRESENCELOCATION BACKENDAUTHENTICATE CHILDREN IDLE NAMESPACE LITERAL+\r\n' +
    '3 OK CAPABILITY completed.\r\n' +
    '4 NAMESPACE\r\n' +
    '* NAMESPACE (("" "/")) NIL NIL\r\n' +
    '4 OK NAMESPACE completed.\r\n' +
    'login ok\r\n' +
    '5 LIST "" "*"\r\n' +
    '* LIST (\\HasNoChildren) "/" Archiv\r\n' +

(listing of folders continues)

Problems start with outgoing authentication:

    '----------SMTP----------\n' +
    'connect smtp.office365.com 587\r\n' +
    '220 <subdomain>.outlook.office365.com Microsoft ESMTP MAIL Service ready at Tue, 16 Nov 2021 10:15:24 +0000\r\n' +
    'init\r\n' +
    'EHLO <local_hostname>\r\n' +
    '250-<subdomain>.outlook.office365.com Hello [176.96.155.207]\r\n' +
    '250-SIZE 157286400\r\n' +
    '250-PIPELINING\r\n' +
    '250-DSN\r\n' +
    '250-ENHANCEDSTATUSCODES\r\n' +
    '250-STARTTLS\r\n' +
    '250-8BITMIME\r\n' +
    '250-BINARYMIME\r\n' +
    '250-CHUNKING\r\n' +
    '250 SMTPUTF8\r\n' +
    'start TLS\r\n' +
    'STARTTLS\r\n' +
    '220 2.0.0 SMTP server ready\r\n' +
    'done\r\n' +
    'OpenSSL version: OpenSSL 1.1.0f  25 May 2017\r\n' +
    'init after starttls\r\n' +
    'EHLO <local_hostname>\r\n' +
    '250-<subdomain>.outlook.office365.com Hello [176.96.155.207]\r\n' +
    '250-SIZE 157286400\r\n' +
    '250-PIPELINING\r\n' +
    '250-DSN\r\n' +
    '250-ENHANCEDSTATUSCODES\r\n' +
    '250-AUTH LOGIN XOAUTH2\r\n' +
    '250-8BITMIME\r\n' +
    '250-BINARYMIME\r\n' +
    '250-CHUNKING\r\n' +
    '250 SMTPUTF8\r\n' +
    'AUTH XOAUTH2 <secret stripped>'  +
    '451 4.7.0 Temporary server error. Please try again later. PRX5  [<subdomain>.PROD.OUTLOOK.COM]\r\n' +
    '\n' +
    '\n' +
    'SASL_PATH: /usr/share/mailspring/resources/app.asar.unpacked\n' +
    '\n' +
    'SMTP Last Response Code: 451\n' +
    'SMTP Last Response: 4.7.0 Temporary server error. Please try again later. PRX5  [ZR0P278CA0186.CHEP278.PROD.OUTLOOK.COM]\n' +
    '\n' +
    '\n' +
    'mailsmtp Last Error Code: 1\n' +
    'mailsmtp Last Error Explanation: MAILSMTP_ERROR_UNEXPECTED_CODE\n' +
    'mailsmtp Last Error Location: 10\n' +
    'mailsmtp Last Auth Type: 256'
} { pluginIds: [] }
(node:227164) [DEP0066] DeprecationWarning: OutgoingMessage.prototype._headers is deprecated
Raven: 429 - undefined

Adding the same account on the same machine using i.e. evolution-ews works.
This is why assume no DNS or other misconfiguration.

To Reproduce…

Steps to reproduce the behavior:

  1. use the wizard to add an “Office 365” account
  2. authenticate in your web browser

Expected Behavior

No authentication error

Screenshots

Setup

  • OS and Version: debian 11.1
    • Installation Method: .deb
  • Mailspring Version: 1.9.2

Additional Context