I'm developing a WPF email client application using MailKit. I was facing with an interesting issue. Basically, I can not connect to the outlook's imap server.
This is the way how I try to connect:
var client = new ImapClient();
client.Connect("imap-mail.outlook.com", 993);
client.Authenticate(new SaslMechanismOAuth2('<username>', '<accessToken>'));
The SMTP connection and auth works fine. And the most interesting thing is that, with another outlook account, there is no issue connecting to the IMAP server.
Here are the protocol logs when it fails:
Connected to imaps://imap-mail.outlook.com:993/
S: * OK The Microsoft Exchange IMAP4 service is ready. [VgBJADEA...BNAA==]
C: D00000000 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
S: D00000000 OK CAPABILITY completed.
C: D00000001 AUTHENTICATE XOAUTH2 dXNlcj1vcml...YTZiMURBZz09AQE=
S: D00000001 OK AUTHENTICATE completed.
C: D00000002 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CLIENTACCESSRULES CLIENTNETWORKPRESENCELOCATION BACKENDAUTHENTICATE CHILDREN IDLE NAMESPACE LITERAL+
S: D00000002 OK CAPABILITY completed.
C: D00000003 NAMESPACE
S: D00000003 BAD User is authenticated but not connected.
I checked the settings on outlook, if the IMAP protocol could be disabled, but I did not found any settings for this. As I know this option is just possible with an exchange account, but the one I'm using, it's a simple outlook account.
Here I found an explanation for the problem, and okay I understand that the problem could be on outlook's side, but anyway I have to do something to be able to use my account.
Any ideas?
Related
I am trying to setup saml sso configuration for my application which is deployed in websphere.
Idp- Azure AD
SP - Websphere application server when my target application deployed
Done TAI configuration as per the Ibm document . But when I hit the test button from idp I could see the saml response in network tab. but i couldn't login to my application and also didn't get any trace related to saml in log files also however i have enabled logs for saml in Troubleshoot. My doubt is sometimes am getting trace which are related to TAI during server stop. For each request should i be getting TAI trace ? and why my saml response not getting intercepted in TAI. How exactly the interception happen with saml response and how do we get to know that saml response got validated.
[15/4/21 16:18:42:855 IST] 00000096 TrustAssociat A SECJ0121I: Trust Association Init class com.ibm.ws.security.web.saml.ACSTrustAssociationInterceptor loaded successfully
acs url -> https://localhost:/browserTest (which is my actual target application url)
metadata and signing certificates also imported correctly.
Thanks for your help.
The acs URL has format like this:
https://<hostname>:<sslport>/samlsps/<any URI pattern string>
if you want to use your application URL
https://localhost:/browserTest
as acs URL, this UR must be able to accept HTTP POST.
We have an iOS app connected to an AppAngine backend and we have implemented basic emailing functionality using the GMail API (from the backend) however reply to still has a small problem: we noticed that the reply arrow is not shown in desktop email client (eg. Apple Mail app in my tests) when we reply from our app. (We have set the required headers (In-Reply-To and References) and the threadId, as described in the API docs, and the email was sent succesfuly)
Then we figured it out after reading (https://www.rfc-editor.org/rfc/rfc3501#section-2.3) and experimenting with IMAP using a local script:
for marking the message as replied we had to set the \Answered flag; then the small arrow icon will be shown in email clients.
Is there any way to set the \Answered flag using the GMail API?
SOLVED: For other people having this error, please check this:
I configured my endpoint/reply address as http:// whilst my app was running https://.. After changing it to https things worked as expected and I could login on the v2 endpoint as well as query the graph api.
It's also a restriction on the v2 endpoint, so beware of that. It just needs to be in https, see the docs:
Restrictions on redirect URIs
Currently, apps that are registered in the Application Registration Portal are restricted to a limited set of redirect URI values. The redirect URI for web apps and services must begin with the scheme https.
source: https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-limitations
I have configured an application via the apps.dev.microsoft.com portal as described in this sample project.
I was running under a different port though, so when I set up the URLs in the app registrations I changed them to match my port number.
Now I'm receiving this error after the flow is trying to connect back to my application.
How can I debug this, or how do I know what is happening?
Additional technical information:
Correlation ID: 145d8f37-7229-4dce-8ace-c777e4aeef94
Timestamp: 2017-11-02 08:41:21Z
AADSTS50011: The reply address 'http://localhost:60761/signin-oidc'
does not match the reply addresses configured for the
application: '8b640f9d-e7d8-4c41-8a40-15069f5712ee'.
More details: not specified
I also get the notification that this application will be fed to the Azure AD Portal (app registrations) - but I can't find it there.
I have been using java mail to send mail from jsp to send emails.
But google is blocking my request and I am getting a message from gmail to my inbox as Signin attempt blocked.
In order to send mails from my account I have to update my security setting access permission to less secureapps but I don't want to do it.
So how to send mails using ssl in java mail?
The sample code I am using is:
properties.put("mail.smtp.auth", "true");
properties.put("mail.smtp.starttls.enable", "true");
The "less secure apps" setting has nothing to do with SSL. It's required to allow you to login using just a username and password, instead of using the (more complicated, but presumably more secure) OAuth2 authentication technique.
I'm working on an embedded application (running MQX RTOS, written in C) which has SMTP functionality. Recently, TLS support was added using the Mocana NanoSSL library. I'm currently able to successfully send emails using Gmail, Yahoo, and private exchange servers. Unfortunately, Hotmail does not work. Here's the connection parameters i've used:
Server: smtp.live.com
Port: 25 and 587
AUTH method: PLAIN and LOGIN
Basically, i'm able to successfully connect to the server, perform the SSL/TLS handshake (using STARTTLS), and send the encrypted EHLO message to the server (receiving a response). According to this response, the server supports both AUTH PLAIN and AUTH LOGIN. However, once I send either of these commands, the following SSL_recv() call I make to get the response fails with either a timeout or connection reset by peer.
UPDATE:
OK, so after some experimentation it would appear that my issue lies at the SSL library level and not with Microsoft's SMTP server. I tried replacing the SSL_recv() calls with standard RTCS socket recv() calls and was able to receive and view encrypted data. By disabling my response verification, I was then able to continue through the SMTP process and successfully send a message. At this time i'm not sure why the SSL_recv() calls are unable to get the socket data, but i'll keep digging and will hopefully find an answer.
Well, I also got it working here too. I had to replace the
ssl_ctx=SSL_CTX_new(SSLv23_client_method());
with either:
ssl_ctx=SSL_CTX_new(SSLv3_client_method());
or
ssl_ctx=SSL_CTX_new(TLSv1_client_method());
My understanding is that the 23_client method sends a SSL2 client hello first and this confuses the server.
I read this in the HP SSL programming tutorial:
http://h71000.www7.hp.com/doc/83final/ba554_90007/ch04s03.html
it says: "However, the SSL client using the SSLv23 method cannot establish connection with the SSL server with the SSLv3/TLSv1 method because SSLv2 hello message is sent by the client."
SSL3 works too since you can continue after STARTTLS with SSL, you do not have to use TLS.
See here:
https://www.fastmail.fm/help/technology_ssl_vs_tls_starttls.html
So, it's the SSL library itself that appears to be failing me here. I was able to bypass the issue and successfully send email by simply not calling SSL_recv() to verify the server responses. I'm obviously not able to error check or get any meaningful failure feedback, but for a successful use case where the server accepts all of my SMTP messages the email is sent.