使用 AUTH=NTLM 针对 Exchange imap 服务器验证 imaplib.IMAP4_SSL
昨天,IT部门对Exchange服务器进行了更改。我以前可以使用 imaplib 从服务器获取消息。但现在看来他们已经关闭了我正在使用的身份验证机制。从下面的输出来看,服务器现在似乎仅支持 NTLM 身份验证。
>>> from imaplib import IMAP4_SSL
>>> s = IMAP4_SSL("my.imap.server")
>>> s.capabilities
('IMAP4', 'IMAP4REV1', 'IDLE', 'LOGIN-REFERRALS', 'MAILBOX-REFERRALS',
'NAMESPACE', 'LITERAL+', 'UIDPLUS', 'CHILDREN', 'AUTH=NTLM')
>>> s.login("username", "password")
...
imaplib.error: Clear text passwords have been disabled for this protocol.
问题:
- 如何使用 NTLM 和 imaplib 对 imap 服务器进行身份验证?我假设我需要使用 IMAP4_SSL.authenticate("NTLM", authobject) 来执行此操作?如何设置 authobject 回调。
- 由于 SSL/TLS 是连接到服务器的唯一方式,因此重新启用明文密码身份验证不应构成安全风险。正确的?
顺便说一句,连接到 imap 服务器的进程正在 Linux 上运行。所以我无法使用 pywin32。
编辑:
我自己能够弄清楚1.。但是 2.:通过 SSL 的 IMAP 中的明文密码不是安全问题,不是吗?
Yesterday, the IT department made changes to the Exchange server. I was previously able to use imaplib to fetch messages from the server. But now it seems they have turned off the authentication mechanism I was using. From the output below, it looks as if the server now supports NTLM authentication only.
>>> from imaplib import IMAP4_SSL
>>> s = IMAP4_SSL("my.imap.server")
>>> s.capabilities
('IMAP4', 'IMAP4REV1', 'IDLE', 'LOGIN-REFERRALS', 'MAILBOX-REFERRALS',
'NAMESPACE', 'LITERAL+', 'UIDPLUS', 'CHILDREN', 'AUTH=NTLM')
>>> s.login("username", "password")
...
imaplib.error: Clear text passwords have been disabled for this protocol.
Questions:
- How do I authenticate to the imap server using NTLM with imaplib? I assume I have need to use IMAP4_SSL.authenticate("NTLM", authobject) to do this? How do I set up the authobject callback.
- Since SSL/TLS is the only way to connect to the server, re-enabling clear text password authentication should not be a security risk. Correct?
The process that connects to the imap server is running on Linux, BTW. So I am not able to use pywin32.
Edit:
I was able to figure out 1. myself. But how about 2.: Clear text passwords in IMAP over SSL is not a security problem, is it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我能够使用 python-ntlm 项目。
python-ntlm实现 HTTP 的 NTLM 身份验证。通过扩展该项目,可以轻松为 IMAP 添加 NTLM 身份验证。我提交了项目补丁以及我的添加内容。
I was able to use the python-ntlm project.
python-ntlmimplements NTLM authentication for HTTP. It was easy to add NTLM authentication for IMAP by extending this project.I submitted a patch for the project with my additions.