A few questions

Board for discussions around the Epyrus mail and news client.

Moderator: athenian200

Lebowsky
Hobby Astronomer
Hobby Astronomer
Posts: 27
Joined: 2016-08-04, 16:11

A few questions

Unread post by Lebowsky » 2022-10-12, 22:48

Hello!

I had been following the development of this project from a distant eye ever since the first post about it. I'm thinking of switching to Epyrus but have a couple of questions if that's ok?

The organization I work for has a bring-your-own-device policy, so I use my own personal laptop, and they use Office365 to manage work email addresses, etc. I have been using Fossa Mail for the last 6 years or so, as it was available when I setup this machine, and haven't needed changing client since.

However it would seem Microsoft is also pushing OAuth, and since today I cannot login in IMAP with Fossa Mail anymore. Since Epyrus 1.3 has just been released, it might be a good option for a new email client. My questions:

- Is OAuth fully supported or are there some restrictions still?
- Is Lightning integrated directly within Epyrus? It doesn't seem to show on the addon page.
- Would it be easy to migrate from Fossa Mail to Epyrus? What about my Lightning calendar(s)?

Thanks for your help :)

User avatar
athenian200
Contributing developer
Contributing developer
Posts: 1498
Joined: 2018-10-28, 19:56
Location: Georgia

Re: A few questions

Unread post by athenian200 » 2022-10-13, 03:50

OAuth2 is technically supported, but the problem is it can only be supported with a client ID and client secret that user creates for themselves. So far I have only set things up to do that for GMail because that was the only provider that absolutely required OAuth2 in some cases. I haven't worked out a similar solution for Microsoft. Another idea I had for that was possibly to see if I could support Microsoft via the Exchange protocol and get around dealing with OAuth for them that way.

The thing is, this solution is kind of a hack, because getting a REAL OAuth2 client ID and client secret (that would work for every single user of my e-mail client without them having to generate their own) would be prohibitively difficult for a small project with no organizational backing like what Mozilla Thunderbird and Microsoft Outlook have. Because that protocol is designed to make the person who wrote the e-mail client prove to the organization running the OAuth2 service that it is trustworthy, and not many e-mail clients can meet that standard.

Lightning is fully integrated in Epyrus, yes. As for migrating from Fossamail, I haven't experimented with that as I have never used Fossamail.

The other thing to keep in mind, is that Epyrus is technically still in alpha... that is, it doesn't get automatic updates, I'm still setting up the website, it doesn't have its own theme yet, I haven't got everything together well. If you're asking me if I would recommend it for a work e-mail client, the answer is I would not. One of the other problems with using this at work is that I don't sign my executables and it could potentially flag security scanners, etc. If I had a job in a corporate environment and I had IT people asking me pointed questions about whether Epyrus is safe to use on their network, I wouldn't be able to reassure them.
"The Athenians, however, represent the unity of these opposites; in them, mind or spirit has emerged from the Theban subjectivity without losing itself in the Spartan objectivity of ethical life. With the Athenians, the rights of the State and of the individual found as perfect a union as was possible at all at the level of the Greek spirit." -- Hegel's philosophy of Mind

User avatar
FranklinDM
Add-ons Team
Add-ons Team
Posts: 575
Joined: 2017-01-14, 02:40
Location: Philippines
Contact:

Re: A few questions

Unread post by FranklinDM » 2022-10-13, 06:14

Lebowsky wrote:
2022-10-12, 22:48
However it would seem Microsoft is also pushing OAuth, and since today I cannot login in IMAP with Fossa Mail anymore.
I've also encountered this issue a while back, since my work email is managed under Microsoft 365. The solution that our IT department suggested is to use app passwords. However, this setting is controlled by your organization and may or may not be available (my school email doesn't have this option enabled).

Oddly enough, my personal Outlook email continues to work just fine with IMAP using a normal password.

User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 4942
Joined: 2015-12-09, 15:45
Contact:

Re: A few questions

Unread post by moonbat » 2022-10-13, 06:31

If you have 2FA enabled (as you should), then app passwords are the way to go for Gmail/Office 365 in a personal use setup. I can't use my corporate Office 365 outside of my official laptop as they use certificate based authentication on company provided phones, which I don't get being a contractor.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
Linux Mint 21 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX

Lebowsky
Hobby Astronomer
Hobby Astronomer
Posts: 27
Joined: 2016-08-04, 16:11

Re: A few questions

Unread post by Lebowsky » 2022-10-13, 07:40

athenian200 thank you for your detailed answer! Epyrus really seems like a potentially awesome application, and probably as soon as it gets automatic updates, I will switch to it on my personal machine.
FranklinDM wrote:
2022-10-13, 06:14
I've also encountered this issue a while back, since my work email is managed under Microsoft 365. The solution that our IT department suggested is to use app passwords. However, this setting is controlled by your organization and may or may not be available (my school email doesn't have this option enabled).

Oddly enough, my personal Outlook email continues to work just fine with IMAP using a normal password.
moonbat wrote:
2022-10-13, 06:31
If you have 2FA enabled (as you should), then app passwords are the way to go for Gmail/Office 365 in a personal use setup. I can't use my corporate Office 365 outside of my official laptop as they use certificate based authentication on company provided phones, which I don't get being a contractor.
Thanks a lot for this. I will bother my IT department to see if is possible to enable app passwords. About 2FA... well I don't have a work-provided mobile phone, so I am not putting my personal phone number into my corporate Office email (or any other google/MS/etc. product for that matter). Does 2FA work with an additional email address or a landline phone number dictating the code (like google)? I was able to delay using it until now, it is enabled, but not enforced by our organization. Two many people would complain for that same reason.
From what I searched, it seems it only works with a mobile number or MS authenticator (and I don't even have a smartphone anyway), but maybe you do know more about it ;)

Lebowsky
Hobby Astronomer
Hobby Astronomer
Posts: 27
Joined: 2016-08-04, 16:11

Re: A few questions

Unread post by Lebowsky » 2022-10-18, 22:03

Long story short my IT dept won't do anything to help. "Just use outlook".

Would this Exchange add-on for Thunderbird work with Epyrus and/or FossaMail, until native support for Exchange or OAuth2 for MS is added to Epyrus?

https://www.beonex.com/owl/

I'm guessing not because of the required Thunderbird version, but it doesn't hurt to ask...

User avatar
athenian200
Contributing developer
Contributing developer
Posts: 1498
Joined: 2018-10-28, 19:56
Location: Georgia

Re: A few questions

Unread post by athenian200 » 2022-10-19, 07:27

Lebowsky wrote:
2022-10-18, 22:03
Long story short my IT dept won't do anything to help. "Just use outlook".

Would this Exchange add-on for Thunderbird work with Epyrus and/or FossaMail, until native support for Exchange or OAuth2 for MS is added to Epyrus?

https://www.beonex.com/owl/

I'm guessing not because of the required Thunderbird version, but it doesn't hurt to ask...
I haven't tested it (it's a paid product), but it does show that it would be possible to add Exchange support in theory, if it can be done with a Thunderbird extension. That's one reason why it's an option I'm considering.

Easiest thing to do probably would be to set up a similar solution for Microsoft that I did for Google's OAuth2, just not sure which option would likely be more robust in the long-term.
"The Athenians, however, represent the unity of these opposites; in them, mind or spirit has emerged from the Theban subjectivity without losing itself in the Spartan objectivity of ethical life. With the Athenians, the rights of the State and of the individual found as perfect a union as was possible at all at the level of the Greek spirit." -- Hegel's philosophy of Mind

Lebowsky
Hobby Astronomer
Hobby Astronomer
Posts: 27
Joined: 2016-08-04, 16:11

Re: A few questions

Unread post by Lebowsky » 2022-10-19, 08:53

Good to know :)

For now I've been able to circumvent my problem by using DavMail - https://davmail.sourceforge.net/ it acts as a gateway to the Exchange server.

It's not ideal, it's clunky, but it works.

User avatar
Bilbo47
Fanatic
Fanatic
Posts: 234
Joined: 2017-11-18, 04:24

Re: A few questions

Unread post by Bilbo47 » 2022-10-19, 23:30

DavMail gateway to Exchange
Used this for email from IMAP-only clients while on the road during Y2K times.

Locked