From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Thomas Fitzsimmons Newsgroups: gmane.emacs.devel Subject: Re: gmail+imap+smtp (oauth2) Date: Thu, 05 May 2022 17:44:01 -0400 Message-ID: References: <871qxbdulc.fsf@mat.ucm.es> <87k0b2tkg1.fsf@mat.ucm.es> <87zgjx4qhs.fsf@gmail.com> <87bkwcgmr3.fsf@mat.ucm.es> <87levfzqj2.fsf@yale.edu> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="17494"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux) Cc: emacs-devel@gnu.org To: "Jorge A. Alfaro-Murillo" Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu May 05 23:45:16 2022 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nmjHf-0004LO-Mk for ged-emacs-devel@m.gmane-mx.org; Thu, 05 May 2022 23:45:15 +0200 Original-Received: from localhost ([::1]:40756 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nmjHe-0000rG-Bz for ged-emacs-devel@m.gmane-mx.org; Thu, 05 May 2022 17:45:14 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:55340) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nmjGZ-00007S-7S for emacs-devel@gnu.org; Thu, 05 May 2022 17:44:07 -0400 Original-Received: from mail-qt1-x82e.google.com ([2607:f8b0:4864:20::82e]:33530) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nmjGW-0005gB-U5 for emacs-devel@gnu.org; Thu, 05 May 2022 17:44:06 -0400 Original-Received: by mail-qt1-x82e.google.com with SMTP id hf18so4226751qtb.0 for ; Thu, 05 May 2022 14:44:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fitzsim-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=xtwEEFY8VWpuoKyDpBF6uftVV6co1wGtk+i6LwJcQX8=; b=5lL0mZeRIwyMokz/nWnTUHY+D5y+NOQoGo8/U1mtYI4QbAawVx/gqhIwGQXD3urQUd ujpx4lCA56uUQo4pLAuo24er0W6COTG+mJN6LOnyLUEiCtGYSPu06LgDCytYPaHjd8uB jX04YSs2N8zMdRAxgk8oaaJsEzR7ujX1PFBtKxtqBohzVbqsadFQC+uogauhLgdssqpt de/ScSnZtzumJxkLq78A2PICakMUr9W23epl2qU741fjnyvxgzNWYqWAbsLZgojT7bHh nUz4XgWOiXngjpp3JjHQX2XRdemakpgpFfAswSjuByW0D+/X7caOKucfyVCHUVIwbqht 5z4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=xtwEEFY8VWpuoKyDpBF6uftVV6co1wGtk+i6LwJcQX8=; b=50/QLHqnldagiH0C52W9qsyrcqKdFmIbMSYslQLBxQRCaWfrKZ0e1Um2lpLrdsIb7D CqTVBL6C1wzQu/0D+1NJfrCpoBR0xnmLjXgLfTJt+xwjrax7bfbjWCn2da+xX7p6uu3b 5cTOOuSb81jqOhR8JaUYrT7G+KCVK/+QMmGoO6TWSoV/a0Z5nR3hp59pzjTKIGZYb1fk Dj2TqVnS5xnJvscTmWy+ZIuR6v04xtLCeQeyVJrDBJv0gz8E/Gdj95NircMTwe9XxJDA PoWlV2DsheqOX2a/5/42XX/QhOWPszxvRjYj8JnwJlvYHeCHbu7ur8d6z9oWqGuBnkF/ 96Dg== X-Gm-Message-State: AOAM533CVaJehlgnQSxTR10Pq9WUez+NwNC5qZiWnk59FSQwZbnP22vw M6gS4Hp3xo2SD+7lARbKKztKnjTk2SkkFw== X-Google-Smtp-Source: ABdhPJz/ZT+2kLSMO1JCNmQc3DxlQBfjOtwZ07GqH5+ElMtkZHQDf0NectBdCmVE+jxkoae8OC9Uag== X-Received: by 2002:a05:622a:145:b0:2f3:82ed:4b62 with SMTP id v5-20020a05622a014500b002f382ed4b62mr134096qtw.590.1651787042970; Thu, 05 May 2022 14:44:02 -0700 (PDT) Original-Received: from localhost.localdomain (69-165-165-189.dsl.teksavvy.com. [69.165.165.189]) by smtp.gmail.com with ESMTPSA id 69-20020a370448000000b0069fc13ce231sm1423014qke.98.2022.05.05.14.44.01 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 05 May 2022 14:44:01 -0700 (PDT) In-Reply-To: <87levfzqj2.fsf@yale.edu> (Jorge A. Alfaro-Murillo's message of "Thu, 05 May 2022 16:13:37 -0400") Received-SPF: pass client-ip=2607:f8b0:4864:20::82e; envelope-from=fitzsim@fitzsim.org; helo=mail-qt1-x82e.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:289284 Archived-At: Hi Jorge, "Jorge A. Alfaro-Murillo" writes: > On Thu, May 05 2022, Filipp Gunbin wrote: > >> Just FTR, with Outlook from Office365 (we had that at work), it is >> just that - you create an app password in web interface (yes, >> non-free JS), and then just put it in authinfo instead of your >> "account password". > > Just to let you know that (sadly) we have Office365 at my institution > but that they do not allow app passwords. It is something that IT has > to allow from the Office 365 Admin Center. When I called them about > it, they told me that they were only supporting email clients that had > 2-factor authentication. > > I haven't been able to use gnus with my work email (@yale.edu) since > then. I wonder if the same is true for other institutions that use > Google Workspace. > > FYI, two free open-source email projects thunderbird (MPL-2.0) and > fairmail (GPL3) work with 2-factor authentication. Is there anyway to > use their method of authentication in gnus? In my case I had to request that my Microsoft Office 365 administrators leave IMAP and SMTP enabled. Apparently each of these protocols can be enabled or disabled for individual users, groups, etc., or organization-wide. (This is another variable that frustrates the writing of a generic set of instructions for "Using Emacs with MSO365".) This setting is orthogonal to whether Microsoft-Office-365-OAuth-2.0 is required for each of the protocols, as far as I can tell. Assuming you can have your administrators enable IMAP and SMTP for your accounts, and assuming that application passwords are not enabled, using Gnus for email is still achievable in my experience. Ideally I would like to use the Emacs IMAP and SMTP implementations, with the oauth2 package from GNU ELPA. However, I haven't got there yet. I haven't yet tackled whether oauth2.el supports Microsoft-Office-365's-take-on-OAuth-2.0-as-configured-by-my-organization (there should probably be a standard for naming OAuth 2.0 implementation and configuration variants; you know, to limit confusion). However, an interim solution I've landed on is to use Gnus's nnmaildir backend for reading a local archive of my IMAP emails, smtpmail for SMTP, and mbsync for synchronizing between the IMAP server and the local archive. Microsoft-Office-365-OAuth-2.0 is handled by a script, oauth2ms, which smtpmail and mbsync call out to: https://github.com/harishkrupo/oauth2ms Besides providing the script, the oauth2ms repository has thorough documentation that explains all the Emacs-vs-MSO365 considerations better than any other resource I've seen. Thomas