Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Thunderbird with Oauth2 on own server support

  • 1 reply
  • 0 have this problem
  • 8 views
  • Last reply by next

more options

Hi,

I'm implementing an IMAP server with Oauth2 login capability.

My goal is to let user login to it using Thunderbird.

I have read in your documentation at https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat under the Oauth2 section:

"Due to a defficiency in the OAuth2 spec, the client is usually required to send a client credential key, which in turn requires the client to be registered and approved by the email provider. Unfortunately, this not only allows email providers to block specific email clients (which is contrary to the idea of Open-Source), but also makes it impossible to support arbitrary OAuth2 servers. That's why Thunderbird is forced to hardcode the servers that it supports and the respecive client keys. That means that you cannot use OAuth2 for your own server. Only the servers listed on OAuth2Providers.jsm will work"

Is this true for the autoconfiguration process or for the whole oauth2 on own server support?

Right now I'm trying to login with a test account on mail system via Thunderbird configurated with Oauth2, from Dovecot I can see Thunderbird reaching the server and receiving response, after that Dovecot says:

"imap-login: Disconnected: Connection closed (no auth attempts in 0 secs)" and thunderbird hangs up indefinitely.

Just to know if I'have hope to make it work or not.

Many thanks

Gabriele

Hi, I'm implementing an IMAP server with Oauth2 login capability. My goal is to let user login to it using Thunderbird. I have read in your documentation at https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat under the Oauth2 section: "Due to a defficiency in the OAuth2 spec, the client is usually required to send a client credential key, which in turn requires the client to be registered and approved by the email provider. Unfortunately, this not only allows email providers to block specific email clients (which is contrary to the idea of Open-Source), but also makes it impossible to support arbitrary OAuth2 servers. That's why Thunderbird is forced to hardcode the servers that it supports and the respecive client keys. That means that you cannot use OAuth2 for your own server. Only the servers listed on OAuth2Providers.jsm will work" Is this true for the autoconfiguration process or for the whole oauth2 on own server support? Right now I'm trying to login with a test account on mail system via Thunderbird configurated with Oauth2, from Dovecot I can see Thunderbird reaching the server and receiving response, after that Dovecot says: "imap-login: Disconnected: Connection closed (no auth attempts in 0 secs)" and thunderbird hangs up indefinitely. Just to know if I'have hope to make it work or not. Many thanks Gabriele

All Replies (1)

more options

Ciao, ho aspettato un po' per vedere se qualcuno volesse intervenire, ma direi che è palese che la tua domanda sia troppo tecnica per un forum degli utenti. Posso solo suggerirti di chiedere sul forum internazionale in lingua inglese -> https://support.mozilla.org/en-US/ oppure chiedere sul forum di Mozilla Italia -> https://forum.mozillaitalia.org/

In alternativa prova ad aprire una segnalazione su bugzilla -> https://bugzilla.mozilla.org/describecomponents.cgi?product=Thunderbird