Mutt with OAuth2 configuration
For instance, this works for outlook.com accounts and also for ethz.ch accounts that are already in "Exchange Online".
Prerequisites
Install GnuPG
OAuth works with secret tokens, and these need to be encrypted with GnuPG; install it as follows:
# Fedora Linux
sudo dnf install gnupg2
# Ubuntu Linux
sudo apt-get install gnupg
# macOS with MacPorts
sudo port install gnupg2
# macOS with Homebrew
brew install gnupg
Generate a key pair
gpg --full-generate-key
Please select what kind of key you want:
(9) ECC (sign and encrypt) *default*
your selection? <--------------------------------------- ENTER
Please select which elliptic curve you want:
(1) Curve 25519 *default*
Your selection? <--------------------------------------- ENTER
Please specify how long the key should be valid.
0 = key does not expire
Key is valid for? (0) <--------------------------------- ENTER
Key does not expire at all
Is this correct? (y/N) y <------------------------------ y + ENTER
GnuPG needs to construct a user ID to identify your key.
Real name: Michele Marcionelli <------------------------ Your name + ENTER
Email address: mima-test@ethz.ch <---------------------- Your email + ENTER
Comment: <---------------------------------------------- ENTER
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? <--- O + ENTER
Enter a passphrase to protect your new key: ********* <--- Password + ENTER (twice)
IMPORTANT: do not forget this password; you are going to use it every time that you start mutt!
Install and configure mutt_oauth2.py
Download mutt_oauth2.py
[ ! -d ~/bin ] && mkdir ~/bin
cd ~/bin
wget https://gitlab.com/muttmua/mutt/-/raw/master/contrib/mutt_oauth2.py
chmod +x mutt_oauth2.py
and configure it:
vi mutt_oauth2.py
==>
ENCRYPTION_PIPE = ['gpg', '--encrypt', '--recipient', 'mima-test@ethz.ch']
...
registrations = {
...
'microsoft': {
...
'client_id': '9e5f94bc-e8a4-4e73-b8be-63364c29d753',
Note: A client_id for mutt does not seem to exist, but that is not important: we use the one from Thunderbird, 9e5f94bc-e8a4-4e73-b8be-63364c29d753, and in this case the client_secret can be left empty. During the login process (see the next step), you will be notified that you are trying to log in via "Thunderbird".
Create an OAuth2 token file
~/bin/mutt_oauth2.py ~/.my_mutt_oauth_token --verbose --authorize
OAuth2 registration: microsoft
Preferred OAuth2 flow: devicecode
Account e-mail address: mima-test@ethz.ch
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code FUNCWGSYH to authenticate.
Polling...............
NOTICE: Obtained new access token, expires 2024-01-18T14:33:21.367816.
Access Token: ********************
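A check worth running once the token file exists, as an added example (not part of the original page or of mutt_oauth2.py): it confirms that the token file is readable only by its owner and looks like OpenPGP data rather than a plaintext token. The function name and return codes are made up for this example, and the content test is a first-byte heuristic, not a full OpenPGP parse.

```shell
#!/bin/sh
# Added example: sanity-check a mutt_oauth2.py token file at rest.
# Return codes (chosen for this example):
#   0 ok, 1 missing or empty, 2 accessible to group/others,
#   3 content does not look like an OpenPGP message (e.g. plaintext JSON).

check_token_file() {
    f=$1
    if [ ! -s "$f" ]; then
        echo "FAIL: $f is missing or empty" >&2
        return 1
    fi

    # Characters 5-10 of the `ls -l` mode string are the group and other bits.
    perms=$(ls -ld "$f" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: $f is accessible to group/others; run: chmod 600 $f" >&2
        return 2
    fi

    # Binary OpenPGP packets always have bit 7 set in their first byte,
    # while a plaintext JSON token file starts with '{' (0x7b).
    first=$(od -An -tu1 -N1 "$f" | tr -d ' \n')
    if [ "${first:-0}" -ge 128 ]; then
        echo "OK: $f is private and looks like binary OpenPGP data"
        return 0
    fi

    # ASCII-armored output (gpg --armor) starts with this 27-character header.
    if [ "$(head -c 27 "$f")" = "-----BEGIN PGP MESSAGE-----" ]; then
        echo "OK: $f is private and ASCII-armored OpenPGP"
        return 0
    fi

    echo "FAIL: $f does not look GnuPG-encrypted (plaintext token?)" >&2
    return 3
}

# Usage: check_token_file "$HOME/.my_mutt_oauth_token"
```

A result of 3 means ENCRYPTION_PIPE did not encrypt the file; delete it, fix the setting and authorize again.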
Configure mutt with OAuth2
Configure mutt as follows:
set hostname = "math.ethz.ch"
set hidden_host = "no"
set use_domain = "yes"
set imap_user = "mima-test@ethz.ch"
set realname = "Michele Marcionelli"
set from = "${realname} <michele-test@math.ethz.ch>"
set folder = "imaps://${imap_user}@outlook.office365.com"
set spoolfile = "+INBOX"
set record = ""
set smtp_url = "smtp://${imap_user}@smtp.office365.com:587"
set imap_authenticators = "xoauth2"
set imap_oauth_refresh_command = "`/bin/echo -n $HOME/bin/mutt_oauth2.py $HOME/.my_mutt_oauth_token`"
set smtp_authenticators = ${imap_authenticators}
set smtp_oauth_refresh_command = ${imap_oauth_refresh_command}
set ssl_force_tls = "yes"
set ssl_starttls = "yes"
Then test the command defined in imap_oauth_refresh_command manually:
$HOME/bin/mutt_oauth2.py $HOME/.my_mutt_oauth_token
==>
EwBQA+l3BAAUpSDGiWSEqG8SEbhMwx+LVy/3Wu8AATY...
Depending on how you installed GnuPG, you may need to set this environment variable, but try without it first:
export GPG_TTY=$(tty)
Goodie - Shared Mailbox
To use mutt with a shared mailbox, just change the following settings:
set realname = "Fullname of the Shared Mailbox"
set from = "${realname} <shared-address@math.ethz.ch>"
set imap_user = "<username-of-shared-mailbox>@ethz.ch"
set smtp_url = "smtp://<your-eth-username>@mail.ethz.ch:587"
set smtp_authenticators = "login"
set record = "+Sent Items"