-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Microsoft Graph mail driver #5194
Comments
Hi @mschoon85, |
Hi @ssddanbrown, Thank you for your quick response. I completely understand your perspective on avoiding vendor-specific solutions and adhering to open standards to reduce maintenance and dependencies. However, given the upcoming changes regarding Basic Authentication (Basic Auth), I’d like to explain why I’m considering using MS Graph with OAuth2. Difference between Basic Auth and OAuth:1. Basic Authentication (Basic Auth):
2. OAuth (Open Authorization):
Microsoft’s Phase-out of Basic Auth:Microsoft has announced that Basic Authentication for SMTP will be completely phased out by September 2025. After this point, only OAuth will be supported for SMTP AUTH in Exchange Online. This change is essential for reducing security risks. For more details, please refer to: https://ourcloudnetwork.com/prepare-for-exchange-online-basic-auth-permanent-retirement and https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-to-retire-basic-auth-for-client-submission-smtp/ba-p/4114750 Proposal:While I understand the desire to avoid vendor-specific solutions, I believe that supporting OAuth2 would be a broadly applicable and future-proof solution. OAuth2 is widely used by many cloud providers and offers a modern, secure method for authentication. I’m open to your suggestions on how we can address these challenges while staying aligned with open standards. Best regards, |
But they will still provide other mail-specific services that will support standard SMTP auth.
But OAuth2, from what I've seen so far, has vendor specific quirks that often require vendor specific implementation, maintenance and testing. If multiple vendors have jumped into a strong non-service-specific implementation (like OIDC is to OAuth for authentication) I'd be happy to get into that. |
Attempted Debugging
Searched GitHub Issues
Describe the Scenario
Hi @ssddanbrown,
In a previous ticket, it was mentioned that Windows Server with Apache may not be suitable for production. Consequently, I began setting up an Ubuntu server with Docker. Currently, I encounter issues when saving a new page or editing an existing one. The log files indicate SMTP connection errors, which makes sense as the new server lacks access to our internal SMTP server. In attempting to resolve this, I'm considering the possibility of using MS Graph for mailing. Could this be configured with the settings in the .env file, as shown below?
MAIL_DRIVER=msgraph
MAIL_MS_GRAPH_CLIENT_ID=your-application-client-id
MAIL_MS_GRAPH_TENANT_ID=your-tenant-id
MAIL_MS_GRAPH_CLIENT_SECRET=your-client-secret
MAIL_MS_GRAPH_FROM_ADDRESS=[email protected]
MAIL_MS_GRAPH_FROM_NAME=BookStack
Kind regards,
Michel
Exact BookStack Version
24.05.3
Log Content
[2024-09-06 12:05:32] production.ERROR: Connection could not be established with host "xxx:25": stream_socket_client(): php_network_getaddresses: getaddrinfo for smtp.xxx failed: Name does not resolve {"userId":54,"exception":"[object] (Symfony\Component\Mailer\Exception\TransportException(code: 0): Connection could not be established with host "smtp.xxx:25": stream_socket_client(): php_network_getaddresses: getaddrinfo for smtp.xxx failed: Name does not resolve at /app/www/vendor/ssddanbrown/symfony-mailer/Transport/Smtp/Stream/SocketStream.php:154)
Hosting Environment
Ubuntu 24.04 with docker
The text was updated successfully, but these errors were encountered: