OAuth2: IMAP server does not support authentication method

Trying to set up Thunderbird with Dovecot and WSO2 Identity Server. I can verify all is well by telnet (can log in [OAUTHBEARER] and view my inbox). When I change authentication to OAuth2, I receive that message.

What is telling Thunderbird that it’s “not supported”? When connecting via telnet, I see “AUTH=OAUTHBEARER AUTH=XOAUTH2” as capabilities.

While testing, I used 143 and the IP address. I noticed when changing to hostname and 993, it still logs the IP or “.foo.com” instead of “mail.foo.com”. The error message also shows the wrong hostname. I’m assuming that’s just display text since it’s connecting to Dovecot and getting the capabilities.

Here’s the IMAP log:

2021-11-19 03:07:49.423000 UTC - [Parent 5284: IMAP]: D/IMAP ImapThreadMainLoop entering [this=13a57573000]
2021-11-19 03:07:49.423000 UTC - [Parent 5284: Main Thread]: W/IMAP IMAP: no OAuth2 support for this server.
2021-11-19 03:07:49.443000 UTC - [Parent 5284: Main Thread]: I/IMAP 13a57573000:192.168.0.3:NA:SetupWithUrlCallback: clearing IMAP_CONNECTION_IS_OPEN
2021-11-19 03:07:49.443000 UTC - [Parent 5284: IMAP]: I/IMAP 13a57573000:192.168.0.3:NA:ProcessCurrentURL: entering
2021-11-19 03:07:49.443000 UTC - [Parent 5284: IMAP]: I/IMAP 13a57573000:192.168.0.3:NA:ProcessCurrentURL:imap://test%40foo%2Ecom@192.168.0.3:143/select%3E%5EINBOX:  = currentUrl
2021-11-19 03:07:49.476000 UTC - [Parent 5284: IMAP]: D/IMAP ReadNextLine [rv=0x0 stream=13a5a7b9550 nb=133 needmore=0]
2021-11-19 03:07:49.476000 UTC - [Parent 5284: IMAP]: I/IMAP 13a57573000:192.168.0.3:NA:CreateNewLineFromSocket: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=OAUTHBEARER AUTH=XOAUTH2] Dovecot ready.

2021-11-19 03:07:49.477000 UTC - [Parent 5284: IMAP]: D/IMAP SetConnectionStatus(0x0)
2021-11-19 03:07:49.477000 UTC - [Parent 5284: IMAP]: D/IMAP SetConnectionStatus(0x0)
2021-11-19 03:07:49.549000 UTC - [Parent 5284: IMAP]: D/IMAP Try to log in
2021-11-19 03:07:49.549000 UTC - [Parent 5284: IMAP]: D/IMAP IMAP auth: server caps 0x804085425, pref 0x0, failed 0x0, avail caps 0x0
2021-11-19 03:07:49.550000 UTC - [Parent 5284: IMAP]: D/IMAP (GSSAPI = 0x1000000, CRAM = 0x20000, NTLM = 0x100000, MSN = 0x200000, PLAIN = 0x1000, LOGIN = 0x2, old-style IMAP login = 0x4, auth external IMAP login = 0x20000000, OAUTH2 = 0x800000000)
2021-11-19 03:07:49.550000 UTC - [Parent 5284: IMAP]: D/IMAP No remaining auth method
2021-11-19 03:07:49.609000 UTC - [Parent 5284: IMAP]: E/IMAP login failed entirely
2021-11-19 03:07:49.616000 UTC - [Parent 5284: IMAP]: D/IMAP SetConnectionStatus(0x80004005)
2021-11-19 03:07:49.616000 UTC - [Parent 5284: IMAP]: D/IMAP URL failed with code 0x80004005 (imap://test%40foo%2Ecom@192.168.0.3:143/select%3E%5EINBOX)
2021-11-19 03:07:49.623000 UTC - [Parent 5284: IMAP]: I/IMAP 13a57573000:192.168.0.3:NA:ProcessCurrentURL: aborting queued urls
2021-11-19 03:07:49.649000 UTC - [Parent 5284: IMAP]: I/IMAP 13a57573000:192.168.0.3:NA:TellThreadToDie: close socket connection
2021-11-19 03:07:49.649000 UTC - [Parent 5284: IMAP]: D/IMAP ImapThreadMainLoop leaving [this=13a57573000]
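
Added example (not part of the original post and not Thunderbird code): a small decoder for the two `IMAP auth` lines in the log above, using the flag legend the log itself prints, to show which methods the server offered and which the client was willing to use. The function names are hypothetical, and the rule `usable = server & pref & ~failed` is an assumption that agrees with the values logged here.

```python
import re

# Constructed sample: the two "IMAP auth" lines copied from the log above.
SAMPLE_LOG = """\
2021-11-19 03:07:49.549000 UTC - [Parent 5284: IMAP]: D/IMAP IMAP auth: server caps 0x804085425, pref 0x0, failed 0x0, avail caps 0x0
2021-11-19 03:07:49.550000 UTC - [Parent 5284: IMAP]: D/IMAP (GSSAPI = 0x1000000, CRAM = 0x20000, NTLM = 0x100000, MSN = 0x200000, PLAIN = 0x1000, LOGIN = 0x2, old-style IMAP login = 0x4, auth external IMAP login = 0x20000000, OAUTH2 = 0x800000000)
"""

MASKS_RE = re.compile(
    r"IMAP auth: server caps (0x[0-9a-fA-F]+), pref (0x[0-9a-fA-F]+), "
    r"failed (0x[0-9a-fA-F]+), avail caps (0x[0-9a-fA-F]+)")
# The legend is the parenthesised "NAME = 0x..." list logged after the masks.
LEGEND_RE = re.compile(r"\(([^()]*? = 0x[^()]*)\)")


def parse_auth_lines(log_text):
    """Return (masks, legend) parsed from a Thunderbird IMAP log excerpt."""
    m = MASKS_RE.search(log_text)
    if m is None:
        raise ValueError("no 'IMAP auth:' line found")
    keys = ("server", "pref", "failed", "avail")
    masks = dict(zip(keys, (int(v, 16) for v in m.groups())))
    legend = {}
    lg = LEGEND_RE.search(log_text, m.end())
    if lg:
        for item in lg.group(1).split(", "):
            name, value = item.rsplit(" = ", 1)
            legend[name] = int(value, 16)
    return masks, legend


def diagnose(log_text):
    """Name the auth methods set in each mask, per the log's own legend."""
    masks, legend = parse_auth_lines(log_text)

    def names(mask):
        return sorted(n for n, bit in legend.items() if mask & bit)

    # Assumption: a method is usable only if the server offers it, the
    # client's preference mask allows it, and it has not already failed.
    usable = masks["server"] & masks["pref"] & ~masks["failed"]
    return {"server_offers": names(masks["server"]),
            "client_allows": names(masks["pref"]),
            "usable": names(usable),
            "matches_logged_avail": usable == masks["avail"]}


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```

For this log the server mask includes the OAUTH2 bit, but the client-side `pref` mask is empty, so nothing is left to try and the log reports "No remaining auth method".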

It’s not sufficient for the server to support OAuth2; TB has to be hardcoded to support the provider, which is only in place for Gmail, Yahoo, AOL, mail.ru and a few others.

  1. Why is it hard coded?
  2. Where is the list of supported OAuth providers?

It requires establishing some kind of ‘secret key’ with each provider. Here is a list of OAuth discussions: https://mzl.la/32prgSF including ones relevant to Dovecot.

This page lists the current OAuth providers:
https://searchfox.org/comm-central/source/mailnews/base/src/OAuth2Providers.jsm

https://bugzilla.mozilla.org/show_bug.cgi?id=1602166

This mentions using a manual process involving a JS file?