Sending EMail using SMTP with OAUTH
31 views
Skip to first unread message
Julian Ford
May 24, 2020, 12:10:42 PM5/24/20
to VA Smalltalk
Hello, all.
I have a few clients who have Hotmail, or Microsoft Live EMail accounts,
and these do not support the use of STARTTLS, to send EMails.
They do, however, support XOAUTH2.
I am using the EMan goodie to send EMails, and I have also been adding to that
goodie for the last few years.
Has anyone built an EMail client using OAUTH?
Any pointers, or a starting direction, would be greatly appreciated..
Thanks in advance....
And stay safe and healthy!
Regards,
Julian
Seth Berman
May 24, 2020, 1:06:47 PM5/24/20
to VA Smalltalk
Hi Julian,
Since 9.2, the mail application includes an authentication framework to implement SASL.
It supports CRAM-MD5, SCRAM-SHA-1, SCRAM-SHA-256, LOGIN, XOAUTH2 or a custom protocol you can define and hook into SASL.
It supports CRAM-MD5, SCRAM-SHA-1, SCRAM-SHA-256, LOGIN, XOAUTH2 or a custom protocol you can define and hook into SASL.
Load the ST:Server Smalltalk (SST) - Mail (IMAP/SMTP) feature and review the SstMailAuthenticationApp for some idea.
If you want see how that looks from a protocol conversation standpoint...run some of the SstSmtpClientExample>>exampleSasl* examples which has logging enabled and prints these out to the Transcript. You can then switch out the sasl authenticator used in the example with a SstSaslOAuth2Authenticator which requies a user and access token.
VAST just handles the SASL conversation and encoding for XOAUTH2...there are still specifics to understand with each provider (gmail, hotmail, yahoo...).
Of course, I know what we have in VAST is not EMan, but hopefully it may point you in the right direction.
Of course, I know what we have in VAST is not EMan, but hopefully it may point you in the right direction.
-------------------------------------------------------------------------------------
Back to your original problem, you said that they don't support a STARTTLS upgrade.
But what about just an initial SSL connection? If you login to their SSL/TLS port for Microsoft Live...what CAPABILITY listing does it answer?
But what about just an initial SSL connection? If you login to their SSL/TLS port for Microsoft Live...what CAPABILITY listing does it answer?
- Seth
Seth Berman
May 24, 2020, 1:08:16 PM5/24/20
to VA Smalltalk
BTW, I would get 9.2.1 if you are going to experiment.
There were some SMTP fixes that were necessary for certain SMTP servers.
There were some SMTP fixes that were necessary for certain SMTP servers.
- Seth
Julian Ford
May 24, 2020, 4:18:41 PM5/24/20
to VA Smalltalk
Thanks, Seth....
I will try what you have suggested.
And yes, I am already using 9.2.1, so should have what I need.
Greatly appreciate the response!
Julian
Seth Berman
May 24, 2020, 4:23:57 PM5/24/20
to VA Smalltalk
Hi Julian,
Sure. Just reach out to me if you get stuck.
- Seth
Julian Ford
May 24, 2020, 4:48:26 PM5/24/20
to VA Smalltalk
Sorry....missed the second part of your message....
After the EHLO, the capabilities listing I receive is as follows:
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH LOGIN XOAUTH2
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
Julian
On Sunday, May 24, 2020 at 1:06:47 PM UTC-4, Seth Berman wrote:
Seth Berman
May 24, 2020, 4:55:54 PM5/24/20
to VA Smalltalk
Hi Julian,
So it supports LOGIN? Can you just use that?
@see SstSaslLoginAuthenticator
@see SstSaslLoginAuthenticator
- Seth
Reply all
Reply to author
Forward
0 new messages