Well over a year ago my workplace turned off access to Exchange email via most older tools; they want us to use Outlook or not at all. They had turned off most access a few years before that, but I had been able to keep using my mail reader of choice (mutt) via combination of davmail and mbsync. But when the authentication stopped working, I gave up and started just using Outlook Web. Things were sad.
A few weeks ago I found out that there is a workaround: Thunderbird + Owl for Exchange allows me to authenticate properly. Hooray! So I've started using that, and indeed, things are somewhat better?
But now that it's working, I have to ask: what is Owl doing that's different than davmail? Did I just miss something in davmail? Because I'd love to go back to real tools!
Some details: I'm running davmail on a Mac laptop. I've tried a couple of different versions: one installed via homebrew, one by downloading the package from the web site. O365Manual and O365Interactive both eventually point me to the same general web login page. I am able to successfully log in via various browsers (with password + 2FA), and it sends me the error message:
You cannot access this right now
Your sign-in was successful but does not meet the criteria to access this resource. For example, you might be signing in from a browser, app, or location that is restricted by your admin.
I've tried setting or not:
davmail.oauth.redirectUri=urn:ietf:wg:oauth:2.0:oob
davmail.oauth.clientId=d3590ed6-52b3-4102-aeff-aad2292ab01c
...without any real change to the outcome. But a pretty-much default Thunderbird install with https://services.addons.thunderbird.net/en-US/thunderbird/addon/owl-for-exchange/ just worked the first time, and from multiple locations.
It feels like this has something to do with how the apps are or are not approve-listed upstream. I don't have any particular reason to think that Owl was approved upstream in particular, though. So, what's different? And how can I help figure this out so I can go back to doing things in a sensible way?
Well over a year ago my workplace turned off access to Exchange email via most older tools; they want us to use Outlook or not at all. They had turned off most access a few years before that, but I had been able to keep using my mail reader of choice (mutt) via combination of davmail and mbsync. But when the authentication stopped working, I gave up and started just using Outlook Web. Things were sad.
A few weeks ago I found out that there is a workaround: Thunderbird + Owl for Exchange allows me to authenticate properly. Hooray! So I've started using that, and indeed, things are somewhat better?
But now that it's working, I have to ask: what is Owl doing that's different than davmail? Did I just miss something in davmail? Because I'd love to go back to real tools!
Some details: I'm running davmail on a Mac laptop. I've tried a couple of different versions: one installed via homebrew, one by downloading the package from the web site. O365Manual and O365Interactive both eventually point me to the same general web login page. I am able to successfully log in via various browsers (with password + 2FA), and it sends me the error message:
I've tried setting or not:
...without any real change to the outcome. But a pretty-much default Thunderbird install with https://services.addons.thunderbird.net/en-US/thunderbird/addon/owl-for-exchange/ just worked the first time, and from multiple locations.
It feels like this has something to do with how the apps are or are not approve-listed upstream. I don't have any particular reason to think that Owl was approved upstream in particular, though. So, what's different? And how can I help figure this out so I can go back to doing things in a sensible way?