search

jstedfast / MailKit

A cross-platform .NET library for IMAP, POP3, and SMTP.
http://www.mimekit.net
MIT License
6.19k stars 821 forks source link

Shared Mailbox Office 365 #1770

Closed p3root closed 3 months ago

p3root commented 3 months ago

Hi @jstedfast !

I have some issues authenticating the SMTPClient to Office365 using a shared mailbox. Connecting to my personal account works, but the shared mailbox is not possible.

I have attached some logs for you:

S: 220 AM0PR02CA0134.outlook.office365.com Microsoft ESMTP MAIL Service ready at Thu, 11 Jul 2024 11:46:42 +0000 C: EHLO ..... S: 250-AM0PR02CA0134.outlook.office365.com Hello [212.52.200.46] S: 250-SIZE 157286400 S: 250-PIPELINING S: 250-DSN S: 250-ENHANCEDSTATUSCODES S: 250-STARTTLS S: 250-8BITMIME S: 250-BINARYMIME S: 250-CHUNKING S: 250 SMTPUTF8 C: STARTTLS S: 220 2.0.0 SMTP server ready C: EHLO .... S: 250-AM0PR02CA0134.outlook.office365.com Hello [212.52.200.46] S: 250-SIZE 157286400 S: 250-PIPELINING S: 250-DSN S: 250-ENHANCEDSTATUSCODES S: 250-AUTH LOGIN XOAUTH2 S: 250-8BITMIME S: 250-BINARYMIME S: 250-CHUNKING S: 250 SMTPUTF8 C: AUTH XOAUTH2 dXNlcj1wYXRy... S: 535 5.7.3 Authentication unsuccessful [AM0PR02CA0134.eurprd02.prod.outlook.com 2024-07-11T11:46:49.042Z 08DCA18218166FB4]

I always get the "S: 535 5.7.3 Authentication unsuccessful". I have enabled SMTP AUTH in my tenant and for my user.

Token seems to be valid, I can connect to my personal mailbox. 

mailbox.Username = "office@.."; //personal user is patrik....

var token = await OAuthUtils.GetValidMailboxAccessToken(db, mailbox.Id);
var oauth = new SaslMechanismOAuth2(mailbox.Username, token); 
await client.AuthenticateAsync(oauth);

I also tried it with "patrik@...\office". Did not work either. Could you provide any help? Or do I need to ask MS.

THANKS Patrik

jstedfast commented 3 months ago

You probably need to ask Microsoft Support because I don't know how to format the username string to do what you are trying to do.

jstedfast commented 3 months ago

If you find out, can you share the answer here? If you can do that, I'll update the FAQ to add this. I'm sure I've gotten other questions about this but I don't remember if/what the answer was.

FWIW, there were other questions about this in the past: https://github.com/jstedfast/MailKit/issues?q=is%3Aissue+is%3Aclosed+shared+mailbox

This is probably the most likely answer to your question: https://github.com/jstedfast/MailKit/issues/1412#issuecomment-1196872919

p3root commented 3 months ago

https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#sasl-xoauth2-authentication-for-shared-mailboxes-in-office-365

Check this link. But does not work either. I will contact MS and let you know.

p3root commented 1 month ago

@jstedfast After several weeks of phone calls, emails, etc. with microsoft we got a solution.

For IMAP you need to use the shared mailboxes email address. For SMTP use your users email address Token is the same for both!

p3root commented 1 month ago

Make sure to have SMTP Authentication enabled. Can also be that the shared mailbox needs to have a license. but I could not verify this right now. Updates pending!

jstedfast commented 1 month ago

For IMAP you need to use the shared mailboxes email address.

So would you use "sharedMailbox@outlook.com", for example? Or would it be "username@outlook.com\\sharedMailbox"?

p3root commented 1 month ago

You need to use sharedMailbox@outlook.com