[MlMt] MailMate and Exchange

[Benny Kjær Nielsen]

On 22 Jan 2019, at 13:27, Alain Israel wrote:

> Same for me, Mailmate wors fine with Exchange (potential caveat , 
> there are multiple Exchange versions), except for handling the 
> keywords. I have never heard of Exchange that does not support 
> imap/smtp, neither forwarding. But I am not an expert.

If I understand correctly then some users of Office365 are also forced 
to use two factor authentication (which for IMAP means the XOAUTH2 
capability). The combination of IMAP and XOAUTH2 is not supported by 
Microsoft on `outlook.office365.com` even though it does work for 
`outlook.com`.

Strangely, the office365.com IMAP server does advertise support for 
XOAUTH2, but there is no way for me (MailMate) to register at Microsoft 
to get the credentials needed to actually use it. A cynical brain like 
mine could see this as proof that the lack of support for XOAUTH2 is 
primarily a strategical decision.

I'll go a bit off topic here. As [I wrote 
about](https://blog.freron.com/2015/is-oauth2-support-a-good-thing/) a 
few years ago I worry about the use of OAuth2 in general. My worry is 
that big companies can use it to lock out specific email clients 
whenever they feel like it. This hasn't happened yet, but we are in a 
situation with the 3 big players using 3 different strategies:

* Google: Supports OAuth2 and makes it easily available for developers, 
but they also make non-OAuth2 access practically useless by making it 
hard to enable and to stay enabled. In the process, they don't hold back 
on scaring users with claims of third party email client access being 
insecure. In addition to this, Gmail IMAP (Gimap) is really not IMAP at 
all. It is perhaps one of the most successful examples of Microsoft's 
[“Embrace, extend, and 
extinguish”](https://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguish) 
strategy.
* Microsoft: Supports OAuth2 on `outlook.com` but refuses to support it 
on `office365.com` essentially preventing Office 365 users from using 
email clients which do not have native support for their proprietary 
Exchange email protocols. In addition to this, Exchange IMAP is possibly 
one of the most buggy IMAP implementations in widespread use.
* Apple: Probably supports something very similar to OAuth2, but they 
don't make it available for third party developers. When two factor 
authentication is enabled Apple's own applications work very nicely, 
while third party applications need the users to create application 
specific passwords.

There are no signs that any of the above will change in the future.

-- 
Benny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20190122/7bf4d3a1/attachment.html>