Often for work reasons, one is forced to use Microsoft Office365 Outlook as the email server. Moreover companies are enforcing multi factor authentication. This often leaves Linux uses out in the cold, but it doesn’t have to.
This brief article should allow you to use any email client of your choice on any OS platform, thanks to the davmail java program. Specifically version 5.2 and above support “modern auth” and ADFS.
To get started, ensure you have the following:
- davmail >= 5.2.0
- Java 8.0.40 or Oracle JDK 9.0.4
- outlook.office.com account with MFA enabled using modern auth and ADFS. The MFA I’m testing is a custom in house MFA.
- Any email client implementing email standards protocols, imap/pop/smtp.
The java version you are using is important. I am using:
$ /usr/bin/java -version java version "1.8.0_211"
which is Oracle jdk8 8u211. I couldn’t get it to work with the free openjdk, only Oracles equivalent.
Next up, create
.davmail.properties in the root of your home directory.
The important bits to set in the file are:
davmail.mode=O365Interactive davmail.url=https\://outlook.office365.com/EWS/Exchange.asmx davmail.defaultDomain= # https://github.com/mguessan/davmail/issues/19 sun.net.http.allowRestrictedHeaders=true
Also ensure this old deprecated setting is removed
To enable verbose logging, you can do this:
log4j.logger.davmail=INFO log4j.logger.httpclient.wire=INFO log4j.logger.org.apache.commons.httpclient=INFO log4j.rootLogger=INFO davmail.logFilePath=/tmp/davmail.log davmail.logFileSize=1MB
Now, run davmail.
It opens a bunch of ports locally, depending on your config:
davmail.caldavPort=1080 davmail.imapPort=1143 davmail.ldapPort=1389 davmail.popPort= davmail.proxyPort= davmail.smtpPort=1025
So point your mail client to these ports and davmail should pop open a browser window, in my case, telling me to check my MFA and approve access.
In my case, I fetch email with offlineimap and my settings for that account are:
remotehost = localhost remoteuser = firstname.lastname@example.org remoteport = 1143 remotepass = mypassword
That’s all there is to it! Enjoy having a choice on email client to use again.