Microsoft's retirement of basic authentication / OAUTH2 and RT

Hi all - our RT instance uses getmail (getmail version 5) to shuttle email into RT. The accounts are Microsoft Office365 addresses provided by our central IT service. With Microsoft announcing the retirement of Basic Authentication and move to their own flavor of OAUTH2, does anyone have any solution for getting Office365 mail into RT?

Getmail supports OAUTH2 for Gmail but only with IMAP and as of now, MS has not provided an IMAP/OAUTH solution.

The alternatives I see so far:

  1. Somehow running our own mail server again. This would bump up against “rules” from above so would likely be a last resort if even at all possible.
  2. Forward emails to a third-party provider that still supports standard IMAP accounts.
  3. Hoping that Microsoft will release an IMAP solution and that some Linux client (getmail, fetchmail, something else) will support this in the future.

I’d be curious if anyone else is in the same boat and what you’re planning on doing about it.

Thanks all!

Can you have the mail forward to the RT server from Exchange and then have the alias tell the server how to get the email to RT?

Hi Miturria,
I had the same problem. I solved it with a small python script and the o365 library.
I got from our IT a ClientID and ClientSecret and some rights for Email.Read an Email.Send.
So currently I’m connecting to Microsoft for authentication and using the MSGraph API to pull the mails like fetchmail or getmail did. Please have a look at O365 .

1 Like

Thank you! I will check this out soon. My Python skills may just be enough to write a script to fetch mail using this library. :slight_smile:

Does anyone have a replacement for GetMail to retrieve email for RT4.4?

Since our university offers both O365 and GApps, we wound up changing the email addresses for RT to Google. Getmails OAUTH implementation works OK with Google. getmail-5.6 XOAUTH2 configuration for gmail

Hey guys,
I wrote a simple script to catch my emails from O365. It’s no rocket science and striped down for my specific needs but maybe it will help you to get an idea.

Please let me know in case you have improvements.

I see there are options to read shared mailboxes in Graph, is there something that needs to be changed in the scripts so ican get the mail for shared mailbox? in graph i gave acces to the shared mailbox and am able to read mailbox from the graph explorer.
It would be great if you could make it work in the script.

An example how to call shared mailboxes is on the library page. Have a look here:

that was not to difficult, fixed my problems request tracker is up and running now :slight_smile:

For anyone still landing here, although I’m sure the Python scripts work well, there appears to be a solution developed by bestpractical that is worth checking out now too.

See Fetch email from o365 - modern way for more details.

You now have one more alternative available to you. We’ve recently released a utility, App-wsgetmail, that will fetch mail from Office 365 and route it into RT. You can read more about it on our blog.

If you check it out, let us know how it works out for you.