none
SMTP OAuth 2.0 - Client was not authenticated to send anonymous mail during MAIL FROM RRS feed

  • Question

  • I am testing OAuth 2.0 integration for SMTP and POP3 in a desktop application. The app has a service component that sends and receives emails from a single account in the background.

    I set up a @outlook.com online account to test with. I started a trial of Azure and Office 365 using this account.

    I registered my application in Azure and gave it permissions for the Graph API (Mail.ReadWrite, Mail.Send) as well as the Exchange API (full_access_as_app). In my app, I'm able to request and receive valid tokens from the endpoints for both APIs.

    When I pass either token to the mail component and try to send a test email, I get the following error:

    530 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM

    This error comes after what appears to be a successful login to the SMTP server:

    <smtpAuthenticate>

      <smtp_host>smtp.office365.com</smtp_host>

      <smtp_port>587</smtp_port>

      <smtp_user>[test]@outlook.com</smtp_user>

      <auth-method>XOAUTH2</auth-method>

      <smtpAuthMethod>XOAUTH2</smtpAuthMethod>

      <smtpAuthenticate>

          <login_method>NONE or already authenticated</login_method>

      </smtpAuthenticate>

      <ConnectionType>SSL/TLS</ConnectionType>

    </smtpAuthenticate>

    I'm using the smtp.office365.com server to send over port 587 and it is TLS encrypted. This works fine when I use Basic Auth instead of OAuth. But as soon as I use "XOAUTH2" for the authentication method and pass the auth token, the test send fails.

    When I research the error online, I get a lot of hits suggesting using the MX endpoint for the smtp server. I'm unfamiliar with MX endpoints, and it seems like this involves registering a domain on Azure, which I don't think is necessary in this case. Or am I wrong about that?

    Does anyone know what could be the cause of this error in my case, or how to troubleshoot this further?

    Thursday, March 26, 2020 5:47 PM

Answers

  • Office 365 SMTP servers do not currently support OAuth (despite advertising that capability during the SMTP handshake). That capability is supposed to be added later this year.

    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.5 is now available!

    • Marked as answer by gsi_rex Thursday, April 2, 2020 8:41 PM
    Thursday, March 26, 2020 6:12 PM

All replies

  • Office 365 SMTP servers do not currently support OAuth (despite advertising that capability during the SMTP handshake). That capability is supposed to be added later this year.

    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.5 is now available!

    • Marked as answer by gsi_rex Thursday, April 2, 2020 8:41 PM
    Thursday, March 26, 2020 6:12 PM
  • Wow, I was not aware of that. Thanks for the info!

    I've also tried testing with an Exchange Online account and I receive the same error. Since posting this question, I saw someone mention in another post that O365 doesn't support SMTP OAuth, but Exchange EWS does support SMTP OAuth.

    However, I believe the recommendation for EWS is to use the O365 SMTP/POP/IMAP servers. As such I'm confused how SMTP OAuth could be available for EWS but not for O365. I could be making a wrong assumption though.

    Are you able to shed any light on this?

    Thursday, April 2, 2020 8:41 PM
  • I am not sure what you mean by "EWS does support SMTP OAuth".

    EWS supports both OAuth and Basic (is that what you mean by SMTP?) authentication.

    SMTP, POP3, IMAP4 are all very different APIs that have absolutely nothing to do with EWS.


    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.5 is now available!

    Thursday, April 2, 2020 11:08 PM