Not able to login IMP4 outlook email with azure resgistration

Question

import imaplib
import msal

imap_filter = '(FROM "xxxxxxxxxxxx@maybank.com" SINCE "SINCE 13-Jul-2023" BEFORE "BEFORE 17-Jul-2023")'

email_user = 'xxxxxxxxxx@aarna.capital'
email_host = 'smtp.office365.com'
port = 993

mail = imaplib.IMAP4_SSL(email_host,port)

conf = {
            "authority": "https://login.microsoftonline.com/xxxxxxxxxxxxxxx",
            "client_id": "xxxxxxxxxxxxxxxxxx", #AppID
            "scope": ['https://outlook.office365.com/.default'],
            "secret": "xxxxxxxxxxxxxxxxxxxxxxxxx", #Key-Value
            "secret-id": "xxxxxxxxxxxxxxxxxxxxxx", #Key-ID
        }

def generate_auth_string(user, token):
    return f"user={user}\x01auth=Bearer {token}\x01\x01"    

app = msal.ConfidentialClientApplication(conf['client_id'], authority=conf['authority'],
                                         client_credential=conf['secret'])

result = app.acquire_token_silent(conf['scope'], account=None)

if not result:
    print("No suitable token in cache.  Get new one.")
    result = app.acquire_token_for_client(scopes=conf['scope'])
    print(result)
if "access_token" in result:
    print(result['token_type'])
    print(result)
else:
    print(result.get("error"))
    print(result.get("error_description"))
    print(result.get("correlation_id"))

mail = imaplib.IMAP4('smtp.office365.com')
mail.debug = 4
mail.starttls()
mail.authenticate("XOAUTH2", lambda x: generate_auth_string(email_user, result['access_token']).encode("utf-8"))

This code was working fine from last one year. suddenly it stop working. credentials all ok. successfully able to generate token.

The error I am getting is after line mail.starttls() at this line it goes to stuck. Error 12:08.14 > b'EMFF1 STARTTLS' TSL version I am using is TLS 1.2

As ref Office 365 IMAP authentication via OAuth2 and python MSAL library still not success.

You may have better luck trying IMAP4_SSL on port 993 (ie always TLS, rather than starttls). — Max, Jul 17 '23 at 16:25

score 1 · Answer 1 · answered Jul 21 '23 at 13:55

Perhaps Microsoft has temporarily broken the starttls command. There's an alternative you can use which does TLS from the start, rather than upgrading a plaintext connection:

mail = imaplib.IMAP4_SSL('smtp.office365.com')
mail.debug = 4
...

Note, you should probably also be using the hostname outlook.office365.com (ref). SMTP is for outgoing mail and may not, in the future, point to the same host as the IMAP servers are hosted on. It also appears full TLS on port 993 is preferred as well.

Not able to login IMP4 outlook email with azure resgistration

1 Answers1