Re: mbsync with XOAUTH2 SASL mechanism

[Peter Polidoro]

Giovanni Biscuolo <g@xelera.eu> writes:

> have you solved your problem?

No, I hate to admit that I have given up in frustration.

My work email unfortunately uses office365. I work for a large 
nonprofit science foundation. I wish they only used free software, 
but some of the enterprise software is proprietary. I used to be 
able to read and write my work email with Emacs, but after 
Microsoft changed their policies, that no longer works.

I found several sets of instructions online for getting outlook365 
OAuth2 working with Emacs, such as this one:

https://sites.uw.edu/bxf4/2022/09/01/getting-uw-outlook-365-oauth2-to-work-with-emacs-mu4e-mbsync-and-msmtp/

I submitted a cyrus-sasl-xoauth2 guix package, but the guix side 
is not the frustrating part.

The frustrating part is that all of the instructions online say 
you need to create an "Azure Active Directory App". I created one 
and it seemed to work fine, but after a couple of weeks it expired 
and then I kept getting emails from Microsoft saying I needed to 
pay them money to keep the Azure app running. I really do not want 
to subscribe to anything Microsoft related, even if my work pays 
for it. That link references another authentication app from 
Thunderbird, perhaps there is a way to get something like that 
working with Emacs, but I could not find any detailed instructions 
to do so.

Right now I am able to read and write personal emails in Emacs, 
but for all of my work emails I am forced to use Outlook in a web 
browser.

> Last but not least, please consider that if you can (and if your 
> company
> server/postmaster allows it) it's much better to use an "app 
> password"
> method instead of Oauth2
> https://pypi.org/project/getmail/#oauth2-privacy-policy

I wish. That is the problem. App passwords used to be allowed by 
office365, but they changed that policy.