On 2020-05-28 at 13:35 -0600, Daniele Nicolodi via mailop wrote: > Does anyone know if there is any alternative to Outlook to access > Exchange Online mailboxes that require modern authentication? > > The IT department of the organization that is pushing thins says that > modern authentication and disabling IMAP (over SSL) enhance security. I > don't see how this is the case. Does anyone have an opinion?
There's two orthogonal things here: using temporary tokens for protocol login, and using IMAP. If you move a lot of the authentication into one common system which can present short-lived tokens for other application protocols to use, then you can start piling in more checks in one place. It becomes easier to require two-factor authentication, etc etc. Typically you then get an OAuth token out of that. You can use OAuth tokens in other protocols; within email and IMAP, Google use the `OAUTHBEARER` SASL mechanism, and Brandon Long of Google contributed support to mutt (requires external commands to handle the flow, in the usual mutt manner). As to IMAP/TLS -- I know of no security reason to mandate disabling IMAP as opposed to any other access protocol. This sounds more like the traditional Outlook FUD-spreading re open protocols. -Phil _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
