Lately, I've been noticing that Microsoft client proxies frequently fail. Seems to be due to a bug with how we're parsing the capabilities responses:
[2024-08-03 09:24:50.630] DEBUG[551614]: io_tls.c:804 ssl_client_new: TLS SN: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=outlook.com
[2024-08-03 09:24:50.630] DEBUG[551614]: io_tls.c:811 ssl_client_new: TLS Issuer: /C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
[2024-08-03 09:24:50.630] DEBUG[551614]: io_tls.c:819 ssl_client_new: TLS verification successful 0x7fbe5000ae20
[2024-08-03 09:24:50.630] DEBUG[551614]: io.c:170 io_transform_store: Set up node I/O transformer at index 0
[2024-08-03 09:24:50.630] DEBUG[551614]: tcp.c:58 bbs_tcp_client_connect: Implicit TLS completed
...
[2024-08-03 09:24:50.657] DEBUG[551614]: tcp.c:107 bbs_tcp_client_expect: <= * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
[2024-08-03 09:24:50.657] DEBUG[551614]: mod_mail.c:1717 imap_client_capability: Capabilities: IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
[2024-08-03 09:24:50.657] DEBUG[551614]: tcp.c:107 bbs_tcp_client_expect: <= a0 OK CAPABILITY completed.
...
[2024-08-03 09:24:53.114] DEBUG[551614]: readline.c:151 bbs_readline: bbs_poll_read returned -1
[2024-08-03 09:24:53.114] DEBUG[551614]: mod_mail.c:1903 imap_client_login: Didn't receive expected 'a1 OK'
[2024-08-03 09:24:53.114] DEBUG[551614]: imap_client.c:45 client_destroy: Destroying IMAP client...
9/13/2024 9:06 PM — InterLinked
Autoresolved by code commit on GitHub:
mod_mail: Log remote IMAP server error when LOGIN fails.
https://github.com/InterLinked1/lbbs/commit/9a1918b2c5d7dd2bfb0a94c3843222e0acb7d6cd
You must be
9/13/2024 8:58 PM — InterLinked
No bug in capability parsing existed, though a related bug in logging the LOGIN error has been identified.
The actual cause of this is that Microsoft is *deliberately* rejecting login attempts intermittently, in anticipation of their disabling basic authentication on Monday: https://support.microsoft.com/en-us/office/modern-authentication-methods-now-needed-to-continue-syncing-outlook-email-in-non-microsoft-email-apps-c5d65390-9676-4763-b41f-d7986499a90d
"Until September 16th, users signing into Outlook.com through Basic Authentication may experience recurring password prompts in Outlook and other third-party email applications. This is a known issue. After September 16th, users attempting to connect their Microsoft accounts through Basic Authentication will fail to do so."
While a workaround would be to retry multiple times if LOGIN fails, I will not be implementing that because the server is 100% at fault here, and it would only work for the next 3 days anyways. Trust Microsoft to not know how to run a mail server, as usual.