[GTALUG] Fetchmail and Office365 and backslashes, oh my!
Myles Braithwaite 👾
me at mylesb.ca
Wed Jul 4 15:08:03 EDT 2018
Peter King via talk wrote on 2018-07-04 2:53 PM:
> Recently we were forcibly "migrated" to Office365 for our email services,
> and with the change numerous things were broken. One of the last things
> I cannot figure out how to solve is how to pass an alias email address to
> the MS server. So in .fetchmailrc I have a line like this:
>
> user "prof.bozo at utoronto.ca\department.chair at utoronto.ca" there with password "XYZZY" is bozo here
>
> But this fails, and in the fetchmail logfiles it represents the username as
> not having a backslash:
>
> Jul 4 14:35:14 fetchmail[13829]: IMAP> A0002 LOGIN "prof.bozo at utoronto.camedieval.philosophy@utoronto.ca" *
> Jul 4 14:35:14 fetchmail[13829]: IMAP< A0002 NO LOGIN failed.
> Jul 4 14:35:14 fetchmail[13829]: IMAP> A0003 LOGOUT
>
> If I double-backslash it, though, I get a double backslash in the username.
> Ditto for triple, quadruple, and quintuple backslashes. Nor does it work
> if I single-quote the backslash.
>
> According to the fetchmail manual, the backslash is used to communicate via
> ASCII sequences and codes with fetchmail, and it's pretty clear that this
> is part of the problem.
>
> Google turned up a few people with the same problem, but they seemed to
> have their problems (from 7+ years ago) fixed by multiple backslashes,
> which clearly aren't working for me.
>
> Any ideas? Our local people maintaining the MS Office365 nonsense dont'
> support fetchmail and are not interested in helping ...
I was having the same issues a year ago and basically gave up. I'm not
100% sure if this will work for you but it magically started working for me.
I switched my O365 account two-factor auth (they use SMS to transmit the
code, Ew) and had to create a bunch of app passwords[0] to be able to
connect with my main email client. Randomly one day decided to see if
this would work with fetchmail and lo and behold it did.
I don't know why it worked or if something was disabled in that year but
it works now.
[0]: The location where you generate new passwords is here:
<https://account.activedirectory.windowsazure.com/AppPasswords.aspx>
Off-Topic:
One of the scary things about finding URLs to generate passwords on
Super User is the fact the `windowsazure.com` whois lookup responds with
MarkMonitor Inc., they help corporations protect their domain names. So
you have to check the SSL certificate first to see if it's a valid
domain. I had to use this command:
echo | openssl s_client -showcerts -servername
account.activedirectory.windowsazure.com -connect
account.activedirectory.windowsazure.com:443 2>/dev/null | openssl x509
-inform pem -noout -text
to review if it's valid.
More information about the talk
mailing list