[BlueOnyx:24100] Outlook for Android failure

Tue, 14 Jul 2020 14:29:12 -0700

We've recently had cause to come across a user trying to use Outlook for Android to connect to their IMAP account on a 5209R.    They were getting constant errors in authentication, so we tried installing Outlook on one of our Android devices and set up the account using known-good credentials.   We duplicated the failure.
In the process, we discovered that the actual authentication isn't taking place between the device running Outlook and the BlueOnyx server.   The login is coming from an IP address assigned to Microsoft.   Observe the following from the logfile: 


Jul 14 15:38:31 web dovecot: imap-login: Disconnected (no auth attempts 
in 0 secs): user=<>, rip=52.125.128.99, lip=208.77.216.244, 
session=<bHhVymyqVIU0fYBj>
Jul 14 15:38:31 web dovecot: imap-login: Disconnected (no auth attempts 
in 0 secs): user=<>, rip=52.125.128.99, lip=208.77.216.244, 
session=<QWRWymyqWIU0fYBj>
Jul 14 15:38:31 web dovecot: imap-login: Login: user=<usernamehere>, 
method=LOGIN, rip=52.125.128.99, lip=208.77.216.244, mpid=19719, TLS, 
session=<iSleymyqWoU0fYBj>

Jul 14 15:38:32 web dovecot: imap(usernamehere): Logged out in=11 out=436

Jul 14 15:38:32 web sendmail[19816]: 06EKcWdS019816: [52.125.128.99] did 
not issue MAIL/EXPN/VRFY/ETRN during connection to MSA
Jul 14 15:38:32 web sendmail[19819]: STARTTLS=server, 
relay=[52.125.128.99], version=TLSv1/SSLv3, verify=NO, 
cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Jul 14 15:38:32 web sendmail[19819]: AUTH=server, relay=[52.125.128.99], 
authid=usernamehere, mech=LOGIN, bits=0
Jul 14 15:38:32 web sendmail[19819]: 06EKcWmJ019819: [52.125.128.99] did 
not issue MAIL/EXPN/VRFY/ETRN during connection to MSA


So now I have two questions:


#1:  Does anyone else have experience using/supporting Outlook for 
Android who has gotten this to work?    FWIW, we are cognizant that 
Outlook, like most email programs these days, defaults to using the 
email address as the username and has to be manually subverted.   We've 
accounted for that and the maillog reflects the correct username being used.



#2:  Do I just need to find myself a nice tinfoil hat or does this 
bother anyone else?   Microsoft / Outlook is essentially inserting 
themselves as a "man in the middle" and any encryption of the traffic 
that the user would assume exists between the server and the device is 
actually getting bypassed.   Which means that you're giving Microsoft / 
Outlook unfettered access to any of the messages stored on the server or 
that you send from your device.


--
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ

_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx






















					Reply via email to