Authenticate Outgoing Mail with OAuth

Authenticate Outgoing Mail with OAuth

by Geoffrey Van Wyk -
Number of replies: 4
Picture of Plugin developers

Is it possible to configure outgoing mail to use OAuth for authentication? We want to use Microsoft Exchange Server via Azure Active Directory (https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth). 

It does not appear to be the case when one looks at the SMTP Auth Type drop-down on the Site Administration > Server > Email > Outgoing Mail Configuration form.

Has a plug-in been created for that yet? I checked on the plug-ins directory, but could not find any. It does not look like any of the Office 365 plug-ins include this feature.

If default Moodle cannot be configured to do it, and there is no plug-in available, it seems we will have to create a custom plug-in.

Average of ratings: -
In reply to Geoffrey Van Wyk

Re: Authenticate Outgoing Mail with OAuth

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
You could send the mail to a local "smarthost" and then get that to authenticate using OAuth. No idea how easy that is.

However, there's a Postfix plugin it appears - https://github.com/tarickb/sasl-xoauth2/blob/master/README.md

Sounds like a lot of grief to me and I'm struggling to see what it's buying you.
Average of ratings: Useful (1)
In reply to Howard Miller

Re: Authenticate Outgoing Mail with OAuth

by Geoffrey Van Wyk -
Picture of Plugin developers
Thanks for the reply, Howard.

This is for a client. Microsoft Security Defaults do not allow the use of SMTP Auth only (see the note under option 1 on https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365).

This seems like a good option to try. I think it will be less work than a plug-in.
Average of ratings: -
In reply to Geoffrey Van Wyk

Re: Authenticate Outgoing Mail with OAuth

by Visvanath Ratnaweera -
Picture of Particularly helpful Moodlers Picture of Translators
I'm ignorant in everything Microsoft. My comment is general on how mail notifications of Moodle are sent.

There are two different authentication processes: 1. Users authenticate on Moodle 2. Moodle authenticates (explicitely or implicitely) on a SMTP server or a SMTP relay, which relays the mail in the direction of the receipient's MX.

The latter authentication has no connection to users' credentials.

Long story short, you tell the Microsoft MX to accept mails coming from the Moodle server. Here is the complication: Moodle is just a MUA, not a MTA. Moodle needs one. The most common solution here if the forums is to run Postfix on the Moodle server itself, limiting it to accept connections from localhost only.

Well, I assumed that the Moodle server is Linux. Discard the answer if it is not!
wink
Average of ratings: -
In reply to Geoffrey Van Wyk

Ri: Authenticate Outgoing Mail with OAuth

by Francesco Bianco -

Hi , please, get you a chance to PHP-IMAP2 (https://github.com/javanile/php-imap2)
This is a FULL implementation of standard PHP IMAP functions like (imap_open, imap_getmailboxes, imap_*, etc...)

This was full tested, every input to imap2_* functions get back the same output of imap_* equivalent

The IMAP2 works well with OAUTH

This libray can be installed with composer

composer require javanile/php-imap2

This libray introduce a easy way to replace the old PHP-IMAP with new one:

JUST replace all imap_(...) functions with imap2_(...)

NO OTHER AMENDS are required.

Please give me the opportunity to make my sacrifices useful to the community.


Average of ratings: -