Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IMAP with outlook.office365.com and XOAUTH2 fails since 18-Feb-2024 with command LIST illegal in state NONAUTH #187

Open
weisslj opened this issue Feb 27, 2024 · 3 comments
Open

IMAP with outlook.office365.com and XOAUTH2 fails since 18-Feb-2024 with command LIST illegal in state NONAUTH #187

weisslj opened this issue Feb 27, 2024 · 3 comments

Comments

@weisslj
Copy link

weisslj commented Feb 27, 2024
edited
Loading

Bug description

Since around 18-Feb-2024 fetching email with offlineimap via IMAP from my work account outlook.office365.com via XOAUTH2 fails with command LIST illegal in state NONAUTH. Nothing was changed on my laptop as far as I know, and also not on the remote side according to our administrators. Accessing via mutt, thunderbird, and mbsync still works!

First I thought this is related to the changed Thunderbird client ID from 08162f7c-0fd2-4200-a84a-f25a4db0b584 to 9e5f94bc-e8a4-4e73-b8be-63364c29d753, but that does not seem to be the case!

General informations

  • system/distribution (with version): Debian GNU/Linux Stable (Bookworm)
  • offlineimap version (offlineimap -V): offlineimap v8.0.0, imaplib2 v3.06, Python v3.11.2, OpenSSL 3.0.11 19 Sep 2023 (also latest master v8.0.0-38-gd29a4dc = d29a4dc)
  • Python version: Python 3.11.2
  • server name or domain: outlook.office365.com
  • CLI options: offlineimap -o -1

Configuration file offlineimaprc

[general]
accounts = work
pythonfile = ~/.offlineimap.py

[Account work]
localrepository = work-Local
remoterepository = work-Remote

[Repository work-Local]
type = Maildir
localfolders = ~/mail/work
sep = /

[Repository work-Remote]
type = IMAP
ssl = yes
sslcacertfile = /etc/ssl/certs/ca-certificates.crt
auth_mechanisms = XOAUTH2
oauth2_request_url = https://login.microsoftonline.com/common/oauth2/v2.0/token
# from https://hg.mozilla.org/comm-central/file/tip/mailnews/base/src/OAuth2Providers.jsm
oauth2_client_id = 9e5f94bc-e8a4-4e73-b8be-63364c29d753
oauth2_client_secret = 
# via https://github.com/UvA-FNWI/M365-IMAP
oauth2_refresh_token_eval = keyring.get_password('offlineimap-refresh-token', '[email protected]')
remotehost = outlook.office365.com
remoteuser = [email protected]
remotepasseval = keyring.get_password('offlineimap', '[email protected]')
createfolders = no

pythonfile (if any)

import keyring

Logs, error

OfflineIMAP 8.0.0
  Licensed under the GNU GPL v2 or any later version (with an OpenSSL exception)
imaplib2 v3.06, Python v3.11.2, OpenSSL 3.0.11 19 Sep 2023
Account sync work:
 *** Processing account work
 Establishing connection to outlook.office365.com:993 (work-Remote)
 ERROR: While attempting to sync account 'work'
  command LIST illegal in state NONAUTH
 *** Finished account 'work' in 0:00
 ERROR: Exceptions occurred during the run!
 ERROR: While attempting to sync account 'work'
  imaplib2.imaplib2.IMAP4.error: command LIST illegal in state NONAUTH
@filipe3x
Copy link

Asking for help as well. outlook.office365.com stopped working here since 23 september

@weisslj
Copy link
Author

weisslj commented Oct 3, 2024
edited
Loading

@filipe3x sadly I never managed to get it running with offlineimap, but I got it running with mbsync (from isync) and mutt_oauth2.py, here is my ~/.mbsyncrc, I hope that helps! If not, feel free to contact me privately for help!

IMAPAccount mycompany
Host outlook.office365.com
User [email protected]
SSLType IMAPS
CertificateFile /etc/ssl/certs/ca-certificates.crt
AuthMechs XOAUTH2
PassCmd "mutt_oauth2.py [email protected]"

IMAPStore mycompany-remote
Account mycompany

MaildirStore mycompany-local
# note trailing slash
Path ~/mail/mycompany/
Inbox ~/mail/mycompany/INBOX
# use subfolders and not weird dot-folders
Subfolders Verbatim

Channel mycompany
Far :mycompany-remote:
Near :mycompany-local:
# include everything
Patterns *
# create new folders only locally
Create Near
# enable this only after everything seems to work
Expunge Both
# save sync state inside local maildir folder
SyncState *

But I would very much return to offlineimap (as I use this for my non-work mailserver).

@filipe3x
Copy link

filipe3x commented Oct 19, 2024
edited
Loading

Hi weisslj
I got offlineimap to work by a rather complicated work around. See the final answers here: simonrob/email-oauth2-proxy#297

And my ~/.offlineimaprc configuration

`
[Repository Outlook365-Remote]
type = IMAP
remotehost = 127.0.0.1
remoteport = 1993
remoteuser = [email protected]
ssl = no
folderfilter = lambda foldername: foldername in ['Receipts']
auth_mechanisms = PLAIN
remotepass = xxxxxxxx
sslcacertfile = /etc/ssl/certs/ca-certificates.crt
realdelete = no

`

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@weisslj @filipe3x