O365 - Not Fetching POP3 OAuth2 mails.

Topic Resolution: Answered

Ansicht von 5 Antwort-Themen

Autor

Beiträge
- 7. August 2023 um 15:28 Uhr - Views: 593 #15485
  Answered
  Jos jos
  Teilnehmer
  I’ve looked through the other posts on this forum but can’t seem to find a solution for our problem:
  
  I have a Docker Otobo installation and O365 where I have multiple mailboxes. I want to grab the mails out of those mailboxes using Oauth2/POP3. I have setup the App regristration using the explanation provided here:
  https://doc.otobo.org/manual/admin/10.1/en/content/communication-notifications/postmaster-mail-accounts.html#pop3-and-imap-oauth2-authentification
  
  I now know that there is some outdated information in here which I have figured out, incorrectID which caused a message about return URL not valid. What I am now stuck on is that after clicking save it asks me to fill in a password, and grant admin acces. I do this and get: Mail account updated! In Communicationlogbook is see:
  
  1
  Kernel::System::MailAccount::POP3
  Open connection to 'outlook.office365.com' (e-mailadres).
  07-08-2023 13:10:09
  2
  
  Kernel::System::MailAccount::POP3
  5 messages available for fetching (e-mailadres/outlook.office365.com).
  07-08-2023 13:10:10
  3
  
  Kernel::System::MailAccount::POP3
  Fetched 0 message(s) from server (e-mailadres/outlook.office365.com).
  07-08-2023 13:10:10
  4
  
  Kernel::System::MailAccount::POP3
  Connection to 'outlook.office365.com' closed.
  
  The mail however isnt grabed. I can see in the firewall it makes a succesvol pop3 connection to the o365 server.
  
  If I run:
  docker exec -t -u otobo otobo_web_1 bin/otobo.Console.pl Maint::PostMaster::MailAccountFetch --debug
  
  I get a bunch of text with at the end:
  Net::POP3::_SSL=GLOB(0x56525c2fdc78)<<< ********ERR Authentication failure: unknown user name or bad password. Net::POP3::_SSL=GLOB(0x56525c2fdc78)>>> LIST Net::POP3::_SSL=GLOB(0x56525c2fdc78)<<< ********ERR Command is not valid in this state. Net::POP3::_SSL=GLOB(0x56525c2fdc78)>>> QUIT Net::POP3::_SSL=GLOB(0x56525c2fdc78)<<< +OK Microsoft Exchange Server POP3 server signing off. Done.
  
  The username and password I’ve put in is correct.
  
  Does anybody have a clue what the issue could be?
- 8. August 2023 um 8:16 Uhr #15486
  marcel-graf
  Teilnehmer
  Hello Jos,
  
  was Pop3OAuth2 used and does the mailbox user have POP3 rights?
  
  You can also read the Post in the Following Link: https://community.znuny.org/viewtopic.php?t=43332
  
  Greetings,
  
  Marcel
- 8. August 2023 um 16:06 Uhr #15489
  Jos jos
  Teilnehmer
  Hi Marcel,
  
  Thanks for replying. Yes as far as I can see the user has the rights and I’m using the POP3Auth:
  
  Perhaps I’m missing something. What I do see in the logbooks it says that it fails on:
  
  Reden van fout
  Admin consent is required for the permissions requested by this application.
  
  Aanvullende details
  Ask your tenant administrator to provide consent for this application.
  
  Now I use an admin account to provide the concent. I even see a status Passed on that user at the time of concent.
  
  I’ve read through the post you added, but I had already seen that. Actually retreiving e-mails from a diffrent pop3 server actually works, but as O365 doesnt support Basic Authentication I cant use that. I’d be thankfull for any help on this as I’m pretty much stuck.
- 9. August 2023 um 10:20 Uhr #15492
  marcel-graf
  Teilnehmer
  Hello Jos,
  
  you can check the following Post with the same problem:
  
  https://otobo.io/en/forums/topic/exchange-online-oauth2-authentication/
  
  And have you checked the section „Switch to API permissions and add IMAP.AccessAsUser.All and POP.AccessAsUser.All“ in the Documentation, with your Settings in Azure and also the mailbox settings in Exchange Online for yout otobo user?
  
  Printscreen from german language
  
  i hope this helps
  
  Greetings,
  
  Marcel
- 9. August 2023 um 12:03 Uhr #15493
  Best Answer
  Jos jos
  Teilnehmer
  Hi Marcel,
  
  That was also not the issue and already setup correctly. I have however found the issue and fixed it although not in the way I expected:
  
  Under Enterprise application, all application, search for otobo and click on the Otobo application. Under manage and owners I only had my admin account. This is the admin account I used to concent, but didn’t work. I have added the otobo user and now there is no question for concent (user having to concent for it’s own actions wouldn’t make much sense either way) and it works. I don’t know if this is working as intended, as I don’t see the requirement or explanation in the manual that concent can’t be given by another user. The one difference between the 2 users I can think of is that the otobo user does not have MFA requirments enabled, where the admin user has. Perhaps this is causing the problem.
  
  For now this works and I can continue with my tests.
  
  Thank you for helping me with this issue.
- 9. August 2023 um 12:21 Uhr #15494
  marcel-graf
  Teilnehmer
  That sounds good :)
  
  In our setup (we use http, not https) , each otobo mailbox user is MFA enabled.
  
  After add an mailbox in otobo, the Microsoft Auth. website opens and i set the credentials, on the following open site I need to switch from https to http, only then the account is added in otobo.
  
  In case anyone needs it.
  
  Marcel
Autor

Beiträge

Ansicht von 5 Antwort-Themen

Du musst angemeldet sein, um auf dieses Thema antworten zu können.

Unternehmen

Software

Services

Community