OAUTH E-Mail

SMTP email proxy and relay server

Brought to you by: graeme_walker

#60 OAUTH E-Mail

Milestone: v1.0 (example)

Status: closed

Owner: nobody

Labels: None

Priority: 5

Updated: 2022-11-16

Created: 2021-11-16

Creator: Patrick Gregorius

Private: No

Hi there,
we already use the E-MailRelay for many years and we are happy with it. Now we have a new task to implement an E-MailRelay in connection with Exchange Online and OAUTH.

I already read in another support case, that E-MailRelay is working with OAUTH but I canno´t find the documentation for the setup. (Syntax for the Config and Auth File)

Have someone an documentation or an sample configuration and Auth file for us?

Thank you very much in advance.

Best regards
Patrick

Discussion

Graeme Walker - 2021-11-17

The configuration is through the secrets file, with "--client-auth" on the command-line to point to the it. The client secret must have a password type of "oath", so a line like "client oauth alice+20smith ZXhhbXBsZSBvYXV0aCB0b2tlbg==". Obtaining the token is not something I can help with because when I read the google or microsoft documentation I die a little inside, but I too would be interested in hearing from anyone who has it working.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Graeme Walker - 2022-03-12

status: open --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Jerry Kowalewski - 2022-11-15

Hi Graeme, with office365 forcing oauth2 by end of year, is there any official docmentation on the setup process in e-mailrelay? I've come across 3 other threads in support and there isn't a decisive answer explaining how to configure for oauth.

In Azure, I successfully register an app and have obtained a client ID and secret. I have successfully sent a test email using mailkit in c#. For e-mailrelay, do you know if the just the secret should be encoded (base64 Windows-1254), or do I combine the clientID and secret. ex. clientid:ZXhhbXBsZSBvYXV0aCB0b2tlbg== and encode that?

client oauth email@domain.com ZXhhbXBsZSBvYXV0aCB0b2tlbg==

I've tried many combinations, and keep getting:

smtp error: authentication failed using mechanism [xoauth2] and oauth secret for email@domain.com from line 1: [5.7.3 Authentication unsuccessful]

Thank you for creating this project! It has been very helpful.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Graeme Walker - 2022-11-16

You're right that I haven't helped with oauth queries and that's because as far as emailrelay is concerned it's up to you to obtain an authorisation token and stuff it in the secrets file. How you obtain a token will depend on your service provider and I'm afraid that I loose the will to live whenever I try to read the relevant documentation from google or microsoft.

You don't think you should concatenate the id with the token. Try without the "==" padding.

Note that the oauth protocol extension allows for diagnostic information to be sent back from the service provider, so please examine the --verbose emailrelay log file carefully.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.