On 2020-02-07 12:51:24 (-0800), Jesse Thompson via mailop wrote:
Microsoft O365 and Google G Suite are both retiring basic
authentication for client access to mailboxes. As a result, ALL
clients will need to support OAuth on a very short timeline.
End-user MUAs aside, I'm worried about systems that rely on a mailbox
for integration (RT, and the like). I suspect that there is a long
tail of those systems that are critical to line-of-business operations
which don't switch to OAuth in time (for a variety of reasons).
I was holding on to "app passwords" as the last bastion for these
systems to integrate.
It's unclear if Microsoft will continue to support app passwords with
their Azure AD MFA product, which only works for organizations who
don't federate authentication to a local IdP anyway. Google plans to
stop creation of App Specific passwords in June 15th, 2020 and
grandfathering in the rest until February 2021.
Thoughts?
I think the only viable solution will be to set up forwarders to forward
the email out of Microsoft/Google to a mailbox that does support working
authentication for systems that don't come with web browsers and human
operators.
Unless fetchmail starts supporting Oauth, I will lose access to certain
customer mailboxes when Google decides to stop accepting "app
passwords". Unless those customers can forward my email elsewhere, I
guess I'll have to find some new customers? Thanks Google! (Microsoft
is probably also part of the larger problem but I don't have any
customers insisting I have a mailbox in their domain.)
Philip
--
Philip Paeps
Senior Reality Engineer
Alternative Enterprises
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop