Posts Tagged ‘POP3’

OAuth 2.0 password grant with Office365/Exchange IMAP/POP3/SMTP

Thursday, November 19th, 2020

First you need to register your application in Azure Portal.

Here’s a detailed guide on how to do that:
https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app

Enable additional flows:

Then you need to apply correct API permissions and grant the admin consent for your domain.

In the API permissions / Add a permission wizard, select Microsoft Graph and then Delegated permissions to find the following permission scopes listed:

  • offline_access
  • email
  • IMAP.AccessAsUser.All
  • POP.AccessAsUser.All
  • SMTP.Send

Remember to grant admin consent.

Use the Microsoft Authentication Library for .NET (MSAL.NET) NuGet package to obtain an access token:
https://www.nuget.org/packages/Microsoft.Identity.Client/

string clientId = "Application (client) ID";
string tenantId = "Directory (tenant) ID";

string userEmail = "Username for mailbox";
string userPassword = "Password for that user";

IPublicClientApplication app = PublicClientApplicationBuilder.Create(clientId)
    .WithAuthority(AzureCloudInstance.AzurePublic, tenantId)
    .Build();

var scopes = new string[] 
{
    "offline_access",
    "email",
    "https://outlook.office.com/IMAP.AccessAsUser.All",
    "https://outlook.office.com/POP.AccessAsUser.All",
    "https://outlook.office.com/SMTP.Send",
};

Now acquire the access token and user email address:

var accounts = await app.GetAccountsAsync();

AuthenticationResult result;
if (accounts.Any())
{
    IAccount account = accounts.FirstOrDefault();
    result = await app.AcquireTokenSilent(scopes, account).ExecuteAsync();
}
else
{
    SecureString securePassword = new SecureString();
    foreach (char c in userPassword)
    {
        securePassword.AppendChar(c);
    }
    result = await app.AcquireTokenByUsernamePassword(
        scopes, 
        userEmail, 
        securePassword).ExecuteAsync();
}

string user = result.Account.Username;
string accessToken = result.AccessToken;

Finally you can connect to IMAP/POP3/SMTP server and authenticate:

using (Imap client = new Imap())
{
    client.ConnectSSL("outlook.office365.com");
    client.LoginOAUTH2(user, accessToken);
 
    client.SelectInbox();

    // ...

    client.Close();
} 

OAuth 2.0 with Office365/Exchange IMAP/POP3/SMTP

Tuesday, June 23rd, 2020

First you need to register your application in Azure Portal.

Here’s a detailed guide on how to do that:
https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app

Remember to add authentication entries (localhost is needed for .net core):

Then you need to apply correct API permissions and grant the admin consent for your domain.

In the API permissions / Add a permission wizard, select Microsoft Graph and then Delegated permissions to find the following permission scopes listed:

  • offline_access
  • email
  • IMAP.AccessAsUser.All
  • POP.AccessAsUser.All
  • SMTP.Send

Remember to grant admin consent.

Use the Microsoft Authentication Library for .NET (MSAL.NET) NuGet package to obtain an access token:

https://www.nuget.org/packages/Microsoft.Identity.Client/

var pcaOptions = new PublicClientApplicationOptions
{
    ClientId = "Application (client) ID",

    TenantId = "Directory (tenant) ID",
    // -or-
    // for @outlook.com/@hotmail accounts instead of setting TenantId use:
    // AadAuthorityAudience = AadAuthorityAudience.PersonalMicrosoftAccount, 

    RedirectUri = "https://login.microsoftonline.com/common/oauth2/nativeclient"
    // RedirectUri = "http://localhost" // for .net core
};

var pca = PublicClientApplicationBuilder
    .CreateWithApplicationOptions(pcaOptions)
    .Build();

var scopes = new string[] 
{
    "offline_access",
    "email",
    "https://outlook.office.com/IMAP.AccessAsUser.All",
    "https://outlook.office.com/POP.AccessAsUser.All",
    "https://outlook.office.com/SMTP.Send",
};

In addition, you can request the offline_access scope. When a user approves the offline_access scope, your app can receive refresh tokens from the Microsoft identity platform token endpoint. Refresh tokens are long-lived. Your app can get new access tokens as older ones expire.

Now acquire the access token and user email address:

var authResult = pca.AcquireTokenInteractive(scopes).ExecuteAsync().Result;

string user = authResult.Account.Username;
string accessToken = authResult.AccessToken;

Finally you can connect to IMAP/POP3/SMTP server and authenticate:

using (Imap client = new Imap())
{
    client.ConnectSSL("outlook.office365.com");
    client.LoginOAUTH2(user, accessToken);
 
    client.SelectInbox();

    // ...

    client.Close();
} 
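The token-acquisition steps in this post and in the password-grant post above can share one silent-first helper. The following is an added example, not code from the original posts: MailTokenProvider, GetTokenAsync and the fallback delegate are hypothetical names, and only MSAL.NET calls already used on this page plus MsalUiRequiredException appear in it.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

static class MailTokenProvider
{
    // Returns a usable token, running the fallback flow only when the
    // cached account cannot be refreshed silently.
    public static async Task<AuthenticationResult> GetTokenAsync(
        IPublicClientApplication pca,
        string[] scopes,
        Func<Task<AuthenticationResult>> fallback)
    {
        var accounts = await pca.GetAccountsAsync();
        IAccount account = accounts.FirstOrDefault();

        if (account != null)
        {
            try
            {
                // Served from the cache, or renewed with the refresh token
                // that the offline_access scope made available.
                return await pca.AcquireTokenSilent(scopes, account).ExecuteAsync();
            }
            catch (MsalUiRequiredException)
            {
                // Refresh token expired or revoked, password changed, or
                // new consent is required: fall through to the fallback.
            }
        }

        // Interactive post:    () => pca.AcquireTokenInteractive(scopes).ExecuteAsync()
        // Password-grant post: () => pca.AcquireTokenByUsernamePassword(
        //                                scopes, userEmail, securePassword).ExecuteAsync()
        return await fallback();
    }
}
```

Call it before every connection and pass result.Account.Username and result.AccessToken to LoginOAUTH2, so an expired access token is never reused. By default MSAL.NET keeps a public client's token cache in memory, so after a process restart GetAccountsAsync returns no accounts unless a persistent cache is configured.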

As this is a fairly new feature for Exchange/Office365, here are some useful links:

https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth

https://stackoverflow.com/questions/29747477/imap-auth-in-office-365-using-oauth2

https://stackoverflow.com/questions/43473858/connect-to-outlook-office-365-imap-using-oauth2

https://stackoverflow.com/questions/61597263/office-365-xoauth2-for-imap-and-smtp-authentication-fails

Using TLS 1.2 with POP3

Tuesday, July 2nd, 2019

By default most systems allow SSL 3.0, TLS 1.0, 1.1 and 1.2 to be used when connecting with a POP3 client.

TLS 1.2 is the most secure version of SSL/TLS protocols. It is easy to force the connection to use it. All you need to do is to set Pop3.SSLConfiguration.EnabledSslProtocols property to SslProtocols.Tls12:

// C#

using (Pop3 pop3 = new Pop3())
{
    pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12;

    pop3.ConnectSSL("pop.example.com");

    pop3.UseBestLogin("user","password");

    // ... 

    pop3.Close();
}

' VB.NET

Using pop3 As New Pop3()
	pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12

	pop3.ConnectSSL("pop.example.com")

	pop3.UseBestLogin("user@example.com", "password")

	'...

	pop3.Close()
End Using

For explicit SSL/TLS, code is almost the same. You first connect to non-secure port and secure the connection using Pop3.StartTLS command:

// C#

using (Pop3 pop3 = new Pop3())
{
    pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12;

    pop3.Connect("pop.example.com");
    pop3.StartTLS();

    pop3.UseBestLogin("user@example.com","password");

    // ... 
    
    pop3.Close();
}

' VB.NET

Using pop3 As New Pop3()
	pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12

	pop3.Connect("pop.example.com")
	pop3.StartTLS()

	pop3.UseBestLogin("user@example.com", "password")

	'...

	pop3.Close()
End Using

To use TLS 1.2, .NET Framework 4.5 or later must be installed on your machine and your application should target .NET 4.5+.

It is possible to use TLS 1.2 in applications targeting earlier .NET framework versions, but 4.5 must be installed on the machine. After you have .NET 4.5 installed, your 2.0-4.0 apps will use the 4.5 System.dll and you can enable TLS 1.2 using this code:

// C#

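// 3072 is the numeric value of SslProtocols.Tls12, which is not defined
// as an enum member when the application targets .NET 2.0-4.0.
pop3.SSLConfiguration.EnabledSslProtocols = (SslProtocols)3072;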

Outlook365: IMAP, POP3, and SMTP settings

Wednesday, January 2nd, 2019

Outlook365 supports access via IMAP, POP3 and SMTP protocols. Below you can find the configuration settings for all protocols.

Latest Office 365 version

For latest Office 365 after the service upgrade, use the following settings:

IMAP

Server: outlook.office365.com
SSL: true-implicit, true-explicit (StartTLS)
Port: 993 (default), 143 (default)
User: pat@domain.onmicrosoft.com or pat@your-domain.com

POP3

Server: outlook.office365.com
SSL: true-implicit, true-explicit (StartTLS)
Port: 995 (default), 110 (default)
User: pat@domain.onmicrosoft.com or pat@your-domain.com

SMTP

Server: smtp.office365.com
SSL: true-explicit (StartTLS)
Port: 587 (default)
User: pat@domain.onmicrosoft.com or pat@your-domain.com

IMAP and POP3 servers allow both implicit SSL/TLS and explicit SSL/TLS, so you can use either the ConnectSSL method or Connect followed by StartTLS.

SMTP server requires explicit SSL – use Connect and StartTLS method.

// C#

using (Imap client = new Imap())
{
    client.ConnectSSL("outlook.office365.com");
    client.UseBestLogin("user@domain.onmicrosoft.com", "password");
    // ...
}

using (Pop3 client = new Pop3())
{
    client.ConnectSSL("outlook.office365.com");
    client.UseBestLogin("user@domain.onmicrosoft.com", "password");
    // ...
}

using (Smtp client = new Smtp())
{
    client.Connect("smtp.office365.com");
    client.StartTLS();

    client.UseBestLogin("user@domain.onmicrosoft.com", "password");
    // ...
}

' VB.NET

Using client As New Imap()
	client.ConnectSSL("outlook.office365.com")
	client.UseBestLogin("user@domain.onmicrosoft.com", "password")
	'...
End Using

Using client As New Pop3()
	client.ConnectSSL("outlook.office365.com")
	client.UseBestLogin("user@domain.onmicrosoft.com", "password")
	'...
End Using

Using client As New Smtp()
	client.Connect("smtp.office365.com")
	client.StartTLS()

	client.UseBestLogin("user@domain.onmicrosoft.com", "password")
	'...
End Using

Office 365 pre-upgrade

For Office 365 before the service upgrade, use the following settings:

On the main screen go to “Options” / “See All Options…”:

Now click the “Settings for POP, IMAP, and SMTP access…” link:

You can find POP, SMTP and IMAP server addresses and settings on the popup window:

Office365 uses default ports for IMAP, POP3 and SMTP protocols. That means that you don’t need to remember port numbers, as Mail.dll .NET email component is going to use correct port numbers by default.

IMAP

Server: podXXXX.outlook.com
SSL: true-implicit
Port: 993 (default)
User: pat@domain.onmicrosoft.com or pat@your-domain.com

POP3

Server: podXXXX.outlook.com
SSL: true-implicit
Port: 995 (default)
User: pat@domain.onmicrosoft.com or pat@your-domain.com

SMTP

Server: podXXXX.outlook.com
SSL: true-explicit
Port: 587 (default)
User: pat@domain.onmicrosoft.com or pat@your-domain.com

IMAP and POP3 servers use implicit SSL – use ConnectSSL method. SMTP server requires explicit SSL – use Connect and StartTLS method.

// C#

using (Imap client = new Imap())
{
    client.ConnectSSL("podXXXX.outlook.com");
    client.UseBestLogin("user@domain.onmicrosoft.com", "password");
    // ...
}

using (Pop3 client = new Pop3())
{
    client.ConnectSSL("podXXXX.outlook.com");
    client.UseBestLogin("user@domain.onmicrosoft.com", "password");
    // ...
}

using (Smtp client = new Smtp())
{
    client.Connect("podXXXX.outlook.com");
    client.StartTLS();

    client.UseBestLogin("user@domain.onmicrosoft.com", "password");
    // ...
}

' VB.NET

Using client As New Imap()
	client.ConnectSSL("podXXXX.outlook.com")
	client.UseBestLogin("user@domain.onmicrosoft.com", "password")
	'...
End Using

Using client As New Pop3()
	client.ConnectSSL("podXXXX.outlook.com")
	client.UseBestLogin("user@domain.onmicrosoft.com", "password")
	'...
End Using

Using client As New Smtp()
	client.Connect("podXXXX.outlook.com")
	client.StartTLS()

	client.UseBestLogin("user@domain.onmicrosoft.com", "password")
	'...
End Using

You can find more details about using implicit and explicit SSL or TLS with email protocols:

Logging in Mail.dll

Monday, August 1st, 2016

To enable logging for Mail.dll clients (Imap, Pop3, Smtp) you only need to add the following line before you connect:

// C# version:

Limilabs.Mail.Log.Enabled = true;

' VB.NET version:

Limilabs.Mail.Log.Enabled = True

You can observe the log output by:

  • looking at the Visual Studio’s output window (View/Output/’Show output from’: Debug)
  • subscribing to Log.WriteLine event
  • defining custom listeners using your application’s config file (App.config or Web.config)
  • using log4net

This is what the log looks like in the Visual Studio’s output window:

You can also enable logging using your application’s config file (App.config, Web.config):

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.diagnostics>

      <switches>
        <add name="Mail.dll" value="Verbose" />
      </switches>

    </system.diagnostics>
</configuration>

log4net

If you are using the latest version of log4net.dll, Mail.dll is going to use log4net instead of standard .NET System.Net.TraceSource class. Please refer to log4net manual on how to capture log entries.

Mail.dll uses a logger called "Mail.dll" (_logger = LogManager.GetLogger("Mail.dll")) and level Info (_logger.Info(message)) to log information.

Please remember that even when using log4net, you need to enable logging by setting “Limilabs.Mail.Log.Enabled = True” or by setting Mail.dll trace switch in the config file (App.config, Web.config) to Verbose as shown above.

Log to file

You’ll need to define a TextWriterTraceListener that writes to a file and connect it with Mail.dll trace source. The easiest solution is to modify your application’s config file (App.config, Web.config) accordingly:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.diagnostics>

        <trace autoflush="true"/>
   
        <switches>
            <add name="Mail.dll" value="Verbose"/>
        </switches>
   
        <sources>
            <source name="Mail.dll">
                <listeners>
                    <add name="MailLogFile"/>
                </listeners>
            </source>
        </sources>
   
        <sharedListeners>
            <add 
                name="MailLogFile" 
                type="System.Diagnostics.TextWriterTraceListener" 
                initializeData="c:\folder-with-write-access\mail.log"/>
        </sharedListeners>

    </system.diagnostics>
</configuration>

Log.WriteLine

Log class exposes WriteLine event. You can use that event to subscribe your own logging library.

// C#

Limilabs.Mail.Log.WriteLine += Console.WriteLine;

' VB.NET

AddHandler Limilabs.Mail.Log.WriteLine, AddressOf Console.WriteLine
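
A protocol log can carry the client's authentication commands, so a handler subscribed to Log.WriteLine is a natural place to mask secrets before lines reach a file or a log aggregator. The following is an added example, not part of Mail.dll or the original post: MailLogRedactor is a hypothetical helper, the sample lines are constructed, and the exact shape of Mail.dll log lines is an assumption.

```csharp
using System;
using System.Text.RegularExpressions;

static class MailLogRedactor
{
    // Matches only the secret part of a command; the lookbehinds keep the
    // command name and the mechanism or user name visible for troubleshooting.
    private static readonly Regex Secret = new Regex(
        @"(?<=\bAUTH(?:ENTICATE)?\s+\S+\s+)\S+" +   // SASL initial response (XOAUTH2, PLAIN, ...)
        @"|(?<=\bLOGIN\s+\S+\s+).+" +               // IMAP: LOGIN user password
        @"|(?<=\bPASS\s+).+",                       // POP3: PASS password
        RegexOptions.IgnoreCase | RegexOptions.Compiled);

    public static string Redact(string line)
    {
        return line == null ? null : Secret.Replace(line, "[REDACTED]");
    }

    static void Main()
    {
        // Wiring (needs Mail.dll; assumes the event accepts a string handler,
        // as the Console.WriteLine subscription above suggests):
        // Limilabs.Mail.Log.WriteLine += line => Console.WriteLine(Redact(line));

        // Constructed sample lines; the real Mail.dll log format may differ.
        string[] sample =
        {
            "C: A1 AUTHENTICATE XOAUTH2 dXNlcj1wYXRAZXhhbXBsZS5jb20BYXV0aD1CZWFyZXIgLi4uAQE=",
            "C: A2 LOGIN pat@example.com hunter2",
            "C: PASS hunter2",
            "S: * CAPABILITY IMAP4rev1 AUTH=XOAUTH2 SASL-IR",
        };
        foreach (string line in sample)
            Console.WriteLine(Redact(line));
    }
}
```

The redactor is stateless, so it covers credentials sent on the same line as the command; a SASL exchange that sends the secret on a separate continuation line needs a handler that tracks the preceding command.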