Community Discussions and Support
Outlook Cutting Off Basic Authentication on 09/16/2024

I still use the app password setup for Gmail.


Hi Mike, did you ever set PM up with the GMail OAUTH2? Are you ONLY using the app specific PW?


[quote="pid:56814, uid:2546"]I still use the app password setup for Gmail.[/quote] Hi Mike, did you ever set PM up with the GMail OAUTH2? Are you ONLY using the app specific PW?

I've never use the OAUTH2. Did the app password many years ago, and it has worked fine for me.
I run Pegasus under wine, so not sure if the OAUTH2 will work with Linux. Perhaps someone has tested it under linux.
Know the IERender has issues with wine, but not sure if the OAUTH2 does or doesn't.


Would have to create another gmail account to test it.


I've never use the OAUTH2. Did the app password many years ago, and it has worked fine for me. I run Pegasus under wine, so not sure if the OAUTH2 will work with Linux. Perhaps someone has tested it under linux. Know the IERender has issues with wine, but not sure if the OAUTH2 does or doesn't. Would have to create another gmail account to test it.

mikes@guam.net

Craig, I am concerned that you are authenticating with the app password and not OAUTH2. To check this go to Tools > Internet options.


Select the Receiving (POP3) tab and confirm that the name of the host contains (OAUTH2) at the end. An OAUTH2 host configuration will not contain a password so you can check that by selecting host, clicking the Edit button, and looking to see whether the password field is blank.


Do the same in the Sending (SMTP) tab except that you will need to open the Security tab to see the authentication details.


The important thing here is that a host configuration is not OAUTH2 if it contains a password, or in the case of SMTP, is configured to authenticate using a POP3 login whose authentication uses a password.


Craig, I am concerned that you are authenticating with the app password and not OAUTH2. To check this go to Tools > Internet options. Select the Receiving (POP3) tab and confirm that the name of the host contains (OAUTH2) at the end. An OAUTH2 host configuration will not contain a password so you can check that by selecting host, clicking the Edit button, and looking to see whether the password field is blank. Do the same in the Sending (SMTP) tab except that you will need to open the Security tab to see the authentication details. The important thing here is that a host configuration is not OAUTH2 if it contains a password, or in the case of SMTP, is configured to authenticate using a POP3 login whose authentication uses a password.

Just to note: I just created a new gmail account pegasusroot03@gmail.com
Did a test under my linux root account and used the gmail OAUTH2 setup and was able to send and recieve emails.
So, it does seem to work under wine with the OAUTH2 but also with the app password.


Good to Know.


Just to note: I just created a new gmail account pegasusroot03@gmail.com Did a test under my linux root account and used the gmail OAUTH2 setup and was able to send and recieve emails. So, it does seem to work under wine with the OAUTH2 but also with the app password. Good to Know.

mikes@guam.net

I spent some time searching for Microsoft's definition of the term modern authentication methods. I haven't found anything relevant in Microsoft's own very corporate words. If you have a reference, and perhaps also a direct reference for App passwords will no longer be supported by MS mail systems, please post the link or other relevant info here.


It was a frustrating process, trying to tease out from the ever-so-friendly warning email what precisely was supposed to work instead, except of course to use Outlook for all one's emails, calendar, contacts, project planning, fitness training, plumbing services, etc. All right, I made some of those up, but that wasn't answering the question I was trying to ask.


Update: found this. https://learn.microsoft.com/en-us/microsoft-365/enterprise/hybrid-modern-auth-overview?view=o365-worldwide#what-is-modern-authentication


  • Mark

I spent some time searching for Microsoft's definition of the term _modern authentication methods_. I haven't found anything relevant in Microsoft's own very corporate words. If you have a reference, and perhaps also a direct reference for _App passwords will no longer be supported by MS mail systems,_ please post the link or other relevant info here. It was a frustrating process, trying to tease out from the ever-so-friendly warning email what precisely was supposed to work instead, except of course to use Outlook for all one's emails, calendar, contacts, project planning, fitness training, plumbing services, etc. All right, I made some of those up, but that wasn't answering the question I was trying to ask. Update: found this. https://learn.microsoft.com/en-us/microsoft-365/enterprise/hybrid-modern-auth-overview?view=o365-worldwide#what-is-modern-authentication - Mark
edited Jul 4 at 9:41 pm

Thanks to Brian. Got an message that mentioned that he had it working with both app password and OAUTH2 under windows. I just didn't want to risk anything before testing. Wa afraid that maybe one you setup the OAUTH2 it might make app password either invalid or no longer an option at all. Never know with GMAIL and Micro$oft. So at least know that the OAUTH2 does work with wine and Linux.


Seems to just create two PND files that have no mentions of password.
cat *.PND


Pegasus Mail POP3 definition, 5 Jul 2024, 4:02:51


Title : pegasusroot03@gmail.com, POP3/OAUTH2
Type : POP3
Flags1 : 524560
Flags2 : 0
Timeout : 90
Port : 995
Host : pop.gmail.com
Username : pegasusroot03@gmail.com
Mailbox :
Memfile : POPSDEWB.PM3
Threshold : 0
SSLMode : 2
Max_Msgs : 0
Min_Interval : 0
Ruleset :
Top_lines : 0
Def_action : 0


Pegasus Mail SMTP definition, 5 Jul 2024, 4:02:59


Title : pegasusroot03@gmail.com, SMTP/OAUTH2
Type : SMTP
Flags1 : 524544
Flags2 : 0
Timeout : 90
Port : 587
Host : smtp.gmail.com
Username : pegasusroot03@gmail.com
Mailbox :
SSLMode : 1
Max_Msgs : 0


Does create a directory and encoded file
ls -l OAUTH2/*
2206 Jul 5 03:57 OAUTH2/XSMMODLU.OA2


Looked like it might be base64 data, but doesn't decode a is.
Tried without 1st and then 2nd lines removed. The later does decode without error, but is just wierd characters. Assume it has more encoding to create memfile that guess would have password.


Seems to use the standard ports for secure pop3 and smtp.


In my app password setup, I have it use the linux Stunnel to make the pop3 and smtp connection.
Had issues with pre 4.8 not working as well. 4.8x has a much newer openssl.


openssl-3.2.1-2.


Don't know if it would or wouldn't work with stunnel.


Thanks to Brian. Got an message that mentioned that he had it working with both app password and OAUTH2 under windows. I just didn't want to risk anything before testing. Wa afraid that maybe one you setup the OAUTH2 it might make app password either invalid or no longer an option at all. Never know with GMAIL and Micro$oft. So at least know that the OAUTH2 does work with wine and Linux. Seems to just create two PND files that have no mentions of password. cat *.PND # Pegasus Mail POP3 definition, 5 Jul 2024, 4:02:51 Title : pegasusroot03@gmail.com, POP3/OAUTH2 Type : POP3 Flags1 : 524560 Flags2 : 0 Timeout : 90 Port : 995 Host : pop.gmail.com Username : pegasusroot03@gmail.com Mailbox : Memfile : POPSDEWB.PM3 Threshold : 0 SSLMode : 2 Max_Msgs : 0 Min_Interval : 0 Ruleset : Top_lines : 0 Def_action : 0 # Pegasus Mail SMTP definition, 5 Jul 2024, 4:02:59 Title : pegasusroot03@gmail.com, SMTP/OAUTH2 Type : SMTP Flags1 : 524544 Flags2 : 0 Timeout : 90 Port : 587 Host : smtp.gmail.com Username : pegasusroot03@gmail.com Mailbox : SSLMode : 1 Max_Msgs : 0 Does create a directory and encoded file ls -l OAUTH2/* 2206 Jul 5 03:57 OAUTH2/XSMMODLU.OA2 Looked like it might be base64 data, but doesn't decode a is. Tried without 1st and then 2nd lines removed. The later does decode without error, but is just wierd characters. Assume it has more encoding to create memfile that guess would have password. Seems to use the standard ports for secure pop3 and smtp. In my app password setup, I have it use the linux Stunnel to make the pop3 and smtp connection. Had issues with pre 4.8 not working as well. 4.8x has a much newer openssl. openssl-3.2.1-2. Don't know if it would or wouldn't work with stunnel.

mikes@guam.net

I apologize for starting the thread and then bailing for a couple of days... life got busy and September (MS's threatened cut off) still seems far off. LOL


Craig, I am concerned that you are authenticating with the app password and not OAUTH2.


You were right Brian. When my initial attempts at installing the OAUTH2 definition failed, I cleaned up ALL of my old definitions... including the OAUTH2. Then, when I attempted to reinstall it and only chose "refresh", I installed a definition based upon an app specific password... which DID work?!? I have now gone back, deleted my original installation, completely installed OAUTH2 and have a functioning definition for GMail. Thanks.


I spent some time searching for Microsoft's definition of the term modern authentication methods. I haven't found anything relevant in Microsoft's own very corporate words. If you have a reference, and perhaps also a direct reference for App passwords will no longer be supported by MS mail systems, please post the link or other relevant info here.


Hi Mark. I did the exact same thing shortly after starting this thread! And came up totally empty handed. Thanks for the link! Time will tell how they choose to implement it but, if I read it correctly, they are including 2FA?


Thanks to all who have invested time on this.
Craig


I apologize for starting the thread and then bailing for a couple of days... life got busy and September (MS's threatened cut off) still seems far off. LOL [quote="pid:56818, uid:28772"]Craig, I am concerned that you are authenticating with the app password and not OAUTH2.[/quote] You were right Brian. When my initial attempts at installing the OAUTH2 definition failed, I cleaned up ALL of my old definitions... including the OAUTH2. Then, when I attempted to reinstall it and only chose "refresh", I installed a definition based upon an app specific password... which DID work?!? I have now gone back, deleted my original installation, completely installed OAUTH2 and have a functioning definition for GMail. Thanks. [quote="pid:56821, uid:2925"]I spent some time searching for Microsoft's definition of the term modern authentication methods. I haven't found anything relevant in Microsoft's own very corporate words. If you have a reference, and perhaps also a direct reference for App passwords will no longer be supported by MS mail systems, please post the link or other relevant info here.[/quote] Hi Mark. I did the exact same thing shortly after starting this thread! And came up totally empty handed. Thanks for the link! Time will tell how they choose to implement it but, if I read it correctly, they are including 2FA? Thanks to all who have invested time on this. Craig

Time will tell how they choose to implement it but, if I read it correctly, they are including 2FA?


In that article, Microsoft lists "Multifactor authentication" under the umbrella of "Modern Authentication". Creating an app password is dependent on enabling "two-step verification". Is "two-step verification" considered "Multifactor authentication"? A web search of those two phrases leads me to believe that the answer is yes but please don't take that as a definitive answer. I hope other forum members will do this search and post their thoughts based on their interpretation in what they find.


[quote="pid:56839, uid:42003"]Time will tell how they choose to implement it but, if I read it correctly, they are including 2FA?[/quote] In that article, Microsoft lists "Multifactor authentication" under the umbrella of "Modern Authentication". Creating an app password is dependent on enabling "two-step verification". Is "two-step verification" considered "Multifactor authentication"? A web search of those two phrases leads me to believe that the answer is yes but please don't take that as a definitive answer. I hope other forum members will do this search and post their thoughts based on their interpretation in what they find.

Well, as with other posters here I have used Pegasus Mail for over 30 years and found it excellent. I have deleloped a large volume of rules for new email filtering and filing copies and have nearly 900 folders. However while I use Gmail as my main email provider (using just an app password for now) I also have a significant volume of email via Outlook.com and it seems Pegasus Mail will not access it after 16th September. Its not practical to migrate all my Outloook emails and also I find Outlook somewhat better than Gmail, as in common with other posters I do not like Gmail's label structure and prefer folders.
To maintain one local source of email on my own device I may have to migrate to Thunderbird.
Of course I understand that Pegasus mail has always been developed on a voluntary basis but it is a great pity that Oauth2 may cut off many users.


Well, as with other posters here I have used Pegasus Mail for over 30 years and found it excellent. I have deleloped a large volume of rules for new email filtering and filing copies and have nearly 900 folders. However while I use Gmail as my main email provider (using just an app password for now) I also have a significant volume of email via Outlook.com and it seems Pegasus Mail will not access it after 16th September. Its not practical to migrate all my Outloook emails and also I find Outlook somewhat better than Gmail, as in common with other posters I do not like Gmail's label structure and prefer folders. To maintain one local source of email on my own device I may have to migrate to Thunderbird. Of course I understand that Pegasus mail has always been developed on a voluntary basis but it is a great pity that Oauth2 may cut off many users.

To maintain one local source of email on my own device I may have to migrate to Thunderbird.


This isn't necessarily the only option you have: Before I retired from my job it was possible to redirect messages from Outlook (the online version was my only experience) to other providers' accounts for accessing them with other email clients. And for migrating your folders to Pegasus Mail you only would need to export them in Unix MBOX format: If this doesn't work directly there are certainly tools for doing this via Thunderbird, i.e. export to Thunderbird and then in MBOX format from TB to Pegasus Mail. It would be a one-time job only and I'm even sure there's a thread somewhere in this forum where this has been discussed before. Here it is: https://community.pmail.com/index.php?u=/topic/11937/import-email-folders-from-thunderbird


[quote="pid:56866, uid:27623"]To maintain one local source of email on my own device I may have to migrate to Thunderbird.[/quote] This isn't necessarily the only option you have: Before I retired from my job it was possible to redirect messages from Outlook (the online version was my only experience) to other providers' accounts for accessing them with other email clients. And for migrating your folders to Pegasus Mail you only would need to export them in Unix MBOX format: If this doesn't work directly there are certainly tools for doing this via Thunderbird, i.e. export to Thunderbird and then in MBOX format from TB to Pegasus Mail. It would be a one-time job only and I'm even sure there's a thread somewhere in this forum where this has been discussed before. Here it is: https://community.pmail.com/index.php?u=/topic/11937/import-email-folders-from-thunderbird
			Michael
--
IERenderer's Homepage
PGP Key ID (RSA 2048): 0xC45D831B
S/MIME Fingerprint: 94C6B471 0C623088 A5B27701 742B8666 3B7E657C
edited Jul 16 at 8:21 pm

Michael, thanks for your reply. However I want to keep my Outllook.com (and Hotmail.com) emails active. The only forwarding I can see working would be to forward the Outlook/Hotmail emails to Gmail and access them from there via Pegasus POP3/IMAP to Gmail and send from Pegasus via Gmail SMTP. However that iften causes problems with the Sent and Reply headers in email.


Michael, thanks for your reply. However I want to keep my Outllook.com (and Hotmail.com) emails active. The only forwarding I can see working would be to forward the Outlook/Hotmail emails to Gmail and access them from there via Pegasus POP3/IMAP to Gmail and send from Pegasus via Gmail SMTP. However that iften causes problems with the Sent and Reply headers in email.

Michael, thanks for your reply. However I want to keep my Outllook.com (and Hotmail.com) emails active. The only forwarding I can see working would be to forward the Outlook/Hotmail emails to Gmail and access them from there via Pegasus POP3/IMAP to Gmail and send from Pegasus via Gmail SMTP. However that iften causes problems with the Sent and Reply headers in email.


Kilmolin, you and I are experiencing the EXACT SAME issue. I use Outlook as a main reception email, Gmail for a few others, and then retrieve the emails I file for storage within Pegasus. The only emails I leave in the cloud are ones I wish to access on the road or act as temporary reminders.... Pegasus stores everything else.


I also like Outlook (not a huge Gmail "label" fan) and would like to keep it. I have set Pegasus up with an app specific password on Outlook and hope that will suffice (despite predictions that it won't). If not... then I also see the Forward/Retrieve method or find a new main service solution as the only options. sigh....


[quote="pid:56875, uid:27623"]Michael, thanks for your reply. However I want to keep my Outllook.com (and Hotmail.com) emails active. The only forwarding I can see working would be to forward the Outlook/Hotmail emails to Gmail and access them from there via Pegasus POP3/IMAP to Gmail and send from Pegasus via Gmail SMTP. However that iften causes problems with the Sent and Reply headers in email.[/quote] Kilmolin, you and I are experiencing the EXACT SAME issue. I use Outlook as a main reception email, Gmail for a few others, and then retrieve the emails I file for storage within Pegasus. The only emails I leave in the cloud are ones I wish to access on the road or act as temporary reminders.... Pegasus stores everything else. I also like Outlook (not a huge Gmail "label" fan) and would like to keep it. I have set Pegasus up with an app specific password on Outlook and hope that will suffice (despite predictions that it won't). If not... then I also see the Forward/Retrieve method or find a new main service solution as the only options. sigh....

I can see working would be to forward the Outlook/Hotmail emails to Gmail and access them from there via Pegasus POP3/IMAP to Gmail and send from Pegasus via Gmail SMTP.


Sure, if your only other option is GMail so be it.


However that iften causes problems with the Sent and Reply headers in email.


Why would this be of concern? An auto-redirect shouldn't change the "reply to" address, try to figure out, only question is whether GMail will accept a "bounce" (I've seen such an issue to occur with a redirection of email I sent to a professional account which redirected to a private account).


[quote="pid:56875, uid:27623"]I can see working would be to forward the Outlook/Hotmail emails to Gmail and access them from there via Pegasus POP3/IMAP to Gmail and send from Pegasus via Gmail SMTP.[/quote] Sure, if your only other option is GMail so be it. [quote="pid:56875, uid:27623"]However that iften causes problems with the Sent and Reply headers in email.[/quote] Why would this be of concern? An auto-redirect shouldn't change the "reply to" address, try to figure out, only question is whether GMail will accept a "bounce" (I've seen such an issue to occur with a redirection of email I sent to a professional account which redirected to a private account).
			Michael
--
IERenderer's Homepage
PGP Key ID (RSA 2048): 0xC45D831B
S/MIME Fingerprint: 94C6B471 0C623088 A5B27701 742B8666 3B7E657C
edited Jul 18 at 4:13 pm

The key here is recognizing that Pegasus Mail may no longer work with Microsoft email accounts if support for authentication with an app password is discontinued by Microsoft. None of us like it but there is nothing to be done but consider alternatives keeping in mind that we may not know the status of app password authentication until Sept 16th has passed.


The key here is recognizing that Pegasus Mail may no longer work with Microsoft email accounts if support for authentication with an app password is discontinued by Microsoft. None of us like it but there is nothing to be done but consider alternatives keeping in mind that we may not know the status of app password authentication until Sept 16th has passed.

Michael, the setup I am concerned about is sending out emails from xxx@outlook.com via Gmail SMTP if I cannot send directly from Outlook after 16th September. I have tested two scenarios:


  1. Send from Gmail on web, authorising the Outlook account.This works well, with references to Gmail as the sending engine but NO reference to my Gmail email address. However using the web is not my preferred option for sending email. I want to use Pegasus for that.

  2. Send from Pegasus with a new identity for Outlook but using Gmail SMTP as the sender. This works but results in the full headers below:


From: "xxx" xxx@outlook.ie
Send reply to: xxx@outlook.ie
Return Path: yyy@gmail.com
Receipt To: xxx@outlook.ie
To: zzz@yahoo.com
Subject: Test 3
Date sent: Sat, 20 Jul 2024 15:56:58 +0100
Priority: normal


See the Return path entry.
I do not know any way to set this header in Pegasus.
There are two problems here.
First, it reveals my Gmail email address.
Second, some email systems reply to the Return address, not the Reply To.


A second issue to test is whether replies to emails forwarded from Outlook to Gmail will hold Gmail email addresses. I have not looked at that yet.


As Brian has said, we will have to hope that app passwords will work after 16th september.


Michael, the setup I am concerned about is sending out emails from xxx@outlook.com via Gmail SMTP if I cannot send directly from Outlook after 16th September. I have tested two scenarios: 1. Send from Gmail on web, authorising the Outlook account. This works well, with references to Gmail as the sending engine but NO reference to my Gmail email address. However using the web is not my preferred option for sending email. I want to use Pegasus for that. 2. Send from Pegasus with a new identity for Outlook but using Gmail SMTP as the sender. This works but results in the full headers below: From: "xxx" <xxx@outlook.ie> Send reply to: xxx@outlook.ie Return Path: <yyy@gmail.com> Receipt To: xxx@outlook.ie To: zzz@yahoo.com Subject: Test 3 Date sent: Sat, 20 Jul 2024 15:56:58 +0100 Priority: normal See the Return path entry. I do not know any way to set this header in Pegasus. There are two problems here. First, it reveals my Gmail email address. Second, some email systems reply to the Return address, not the Reply To. A second issue to test is whether replies to emails forwarded from Outlook to Gmail will hold Gmail email addresses. I have not looked at that yet. As Brian has said, we will have to hope that app passwords will work after 16th september.

A second issue to test is whether replies to emails forwarded from Outlook to Gmail will hold Gmail email addresses. I have not looked at that yet.


Mail sent via gmail smtp will contain the authenticating email address in the From: header regardless of whether it is a new message or a reply. I don't know of a way around this but I haven't spent time trying to figure one out.


[quote="pid:56879, uid:27623"]A second issue to test is whether replies to emails forwarded from Outlook to Gmail will hold Gmail email addresses. I have not looked at that yet.[/quote] Mail sent via gmail smtp will contain the authenticating email address in the From: header regardless of whether it is a new message or a reply. I don't know of a way around this but I haven't spent time trying to figure one out.

First, it reveals my Gmail email address.
Second, some email systems reply to the Return address, not the Reply To.


Wouldn't this only affect auto replies like rejects or error reports? Every human response would only use either the "reply to" or "from" address I think, but of course I don't know the exact rules and whether everyone sticks to these.


But aside from this: A workaround is just a workaround, of course, it's only the best you can get with any other solution not being feasible. That doesn't mean you need to do so if you can figure out a better one ...


[quote="pid:56879, uid:27623"]First, it reveals my Gmail email address. Second, some email systems reply to the Return address, not the Reply To.[/quote] Wouldn't this only affect auto replies like rejects or error reports? Every human response would only use either the "reply to" or "from" address I think, but of course I don't know the exact rules and whether everyone sticks to these. But aside from this: A workaround is just a workaround, of course, it's only the best you can get with any other solution not being feasible. That doesn't mean you need to do so if you can figure out a better one ...
			Michael
--
IERenderer's Homepage
PGP Key ID (RSA 2048): 0xC45D831B
S/MIME Fingerprint: 94C6B471 0C623088 A5B27701 742B8666 3B7E657C

Four days left until we find out if "app specific password" meets MS's "modern authentication methods".


I've installed a fail safe and have set my forwarding service to BOTH Outlook and Gmail. I just don't care for Gmail's "labels" as opposed to "folders". sigh....


Four days left until we find out if "app specific password" meets MS's "modern authentication methods". I've installed a fail safe and have set my forwarding service to BOTH Outlook and Gmail. I just don't care for Gmail's "labels" as opposed to "folders". sigh....

Well, its 16-Sep and so far I can access Outlook.com email via Pegasus. Time here is 09:00 (IST = GMT+1) so early days. I had been using just the normal password for POP3/IMAP and implemented MFA and secure password just to improve my chances of maintaining access after 16th Sep. It is too early to be confident that access will continue.


BTW, I agree with the comments about Gmail and labels instead of folders. This feeds into another of my dislikes. I do not like the way Gmail handles POP3. Since all Gmail is effectively in one folder it is very cumbersome. Its quite a while since I checked this so it may be better now.


My primary email remains Gmail simply because when I had to move from another provider, Outlook.com did not provide IMAP at all - and I did check with Microsoft on that. Of course it does now.


Well, its 16-Sep and so far I can access Outlook.com email via Pegasus. Time here is 09:00 (IST = GMT+1) so early days. I had been using just the normal password for POP3/IMAP and implemented MFA and secure password just to improve my chances of maintaining access after 16th Sep. It is too early to be confident that access will continue. BTW, I agree with the comments about Gmail and labels instead of folders. This feeds into another of my dislikes. I do not like the way Gmail handles POP3. Since all Gmail is effectively in one folder it is very cumbersome. Its quite a while since I checked this so it may be better now. My primary email remains Gmail simply because when I had to move from another provider, Outlook.com did not provide IMAP at all - and I did check with Microsoft on that. Of course it does now.

Still working for me too with a password app at 06:00 (GMT -7).


As for Gmail. I have a relatively active Gmail account from which I retrieve mail via POP3. All works well except that Gmail controls keeping track of which messages you have downloaded. I have found in which you can re-download a message.


Still working for me too with a password app at 06:00 (GMT -7). As for Gmail. I have a relatively active Gmail account from which I retrieve mail via POP3. All works well except that Gmail controls keeping track of which messages you have downloaded. I have found in which you can re-download a message.
12345 ... 6
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft