Details
-
Suggestion
-
Resolution: Fixed
-
35
-
Description
Problem Definition
Outgoing mail (SMTP) does not provide the option to authenticate via the oauth2.0 profile from the system admin UI.
Note that IMAP support is already implemented - JRASERVER-63917
Latest update
Current status - no plans to disable SMTP AUTH 
, but it's discouraged from usage.
Latest update on this matter: Basic Authentication and Exchange Online – September 2021 Update
Today, we are announcing that, effective October 1, 2022, we will begin to permanently disable Basic Auth in all tenants, regardless of usage, with the exception of SMTP Auth.
...
Q: I thought you said you were not going to completely disable SMTP AUTH?
A: You’re right, we did, in blog posts here and here. We’re going to continue to disable SMTP AUTH for tenants who don’t use it, but we will not be changing the configuration of any tenant who does. We can’t tell though if the usage we see is valid or not, that’s down to you to determine. ...
Related links from Google/Gmail
Current status - no plans to disable SMTP AUTH
- https://workspaceupdates.googleblog.com/2020/03/less-secure-app-turn-off-suspended.html
we are suspending the LSA turn-off until further notice. All previously announced timeframes no longer apply. Please be reassured that when we restart the turn-off timelines, you will still have a 12 month window from that start date to review and complete your migration.
- https://workspaceupdates.googleblog.com/2019/12/less-secure-apps-oauth-google-username-password-incorrect.html
Previous updates
- the Microsoft announcement in https://docs.microsoft.com/en-us/lifecycle/announcements/exchange-online-basic-auth-deprecated:
UPDATE February 25, 2021: Microsoft has postponed disabling Basic Auth for protocols in active use by tenants until further notice but will continue to disable Basic Auth for protocols not in use. Overall scope of this change now covers EWS, EAS, POP, IMAP, Remote PowerShell, MAPI, RPC, SMTP AUTH and OAB.
..
Exchange Online is deprecating Basic Authentication for multiple protocols prior to its removal in the second half of 2021. Basic Authentication relies on sending usernames and passwords – often stored on or saved to the device – with every request, increasing risk of attackers capturing users' credentials, particularly if not TLS protected.
...
As part of security defaults, we currently disable Basic Authentication by default for new customers. During 2021, we'll start to disable Basic Authentication for existing customers who have no recorded usage of Basic Authentication in any of the protocols in scope of this announcement. After this change, apps will not be able to use Basic Authentication when connecting to Exchange Online using those protocols. - and related Basic Authentication and Exchange Online – February 2021 Update
The first change is that until further notice, we will not be disabling Basic Auth for any protocols that your tenant is using. When we resume this program, we will provide a minimum of twelve months notice before we block the use of Basic Auth on any protocol being used in your tenant.
...
Finally, we are aligning our plans with those for SMTP AUTH. We had previously announced that we would begin to disable SMTP AUTH for newly created tenants (and have already done so), and that we would expand this to disable SMTP AUTH for tenants who do not use it. We are continuing to do that, but we will include SMTP AUTH in all future communications and Message Center posts to make it easier for you to track the overall plan.
Suggested Solution
Provide support for OAuth 2.0 Outgoing mail (SMTP)
Workaround
None
Attachments
Issue Links
- causes
-
JRASERVER-74705 Getting an error when trying to save an Outgoing Mail configuration in Jira using the JNDI Location setting
-
- Closed
-
- is related to
-
- Closed
-
- Gathering Interest
- relates to
-
- Closed
-
RAID-2965 Loading...
-
- mentioned in
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Wiki Page
-