Office 365 XOAuth2用于本地客户的SMTP 535 5.7.3身份验证失败

发布于 2025-01-31 12:10:49 字数 3591 浏览 4 评论 0原文

我尝试通过Office 365的SMTP发送邮件。我在Azure中为本机客户端设置了应用程序注册，并设置了许可SMTP.SEND。但是，当我连接时，我就可以得到一个令牌，但是发送不起作用。

在我读过的所有其他文章中，我需要设置'https://outlook.office.com/smtp.send'，但我在Azure Active中的API权限中找不到任何方法目录。我只能在Graph'https://graph.microsoft.com/smtp.send'或Exchange'https://ps.outlook.com/mail.send.send.all'时设置。

我忽略了什么吗？如果有人可以给我提示，那真的很棒吗？也许对于土著客户来说是不可能的？

在这里，我的代码获得访问凭据：

var cca = ConfidentialClientApplicationBuilder
    .Create("---")
    .WithClientSecret("----")
    .WithTenantId("----").Build();
var ewsScopes = new List<string>() { "https://outlook.office365.com/.default" };
var authResult = cca.AcquireTokenForClient(ewsScopes).ExecuteAsync().GetAwaiter().GetResult();
string xoauthKey = OAuth2.GetXOAuthKeyStatic(fromAddress, authResult.AccessToken);

// content of xoauthKey:
// user=my-testmailAccount�auth=Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IjR....��

我使用Mailbee或Maikit实际发送邮件。

这是SMTP日志：

[15:41:09.26] [INFO] Assembly version: 11.0.0 build 569 for .NET 4.5.
[15:41:09.26] [INFO] Will test sending mail message.
[15:41:09.32] [INFO] Will resolve host "smtp.office365.com".
[15:41:09.33] [INFO] Host "smtp.office365.com" resolved to IP address(es) 52.97.151.146, 52.98.208.82, 52.98.212.194, 52.97.137.66.
[15:41:09.33] [INFO] Will connect to host "smtp.office365.com" on port 587.
[15:41:09.35] [INFO] Socket connected to IP address 52.97.151.146 on port 587.
[15:41:09.38] [RECV] 220 AM6P194CA0020.outlook.office365.com Microsoft ESMTP MAIL Service ready at Mon, 16 May 2022 13:41:09 +0000\r\n
[15:41:09.38] [INFO] Connected to mail service at host "smtp.office365.com" on port 587 and ready.
[15:41:09.38] [INFO] Will send Hello command (HELO or EHLO).
[15:41:09.38] [SEND] EHLO [10.0.0.4]\r\n
[15:41:09.40] [RECV] 250-AM6P194CA0020.outlook.office365.com Hello [20.113.132.65]\r\n250-SIZE 157286400\r\n250-PIPELINING\r\n250-DSN\r\n250-ENHANCEDSTATUSCODES\r\n250-STARTTLS\r\n250-8BITMIME\r\n250-BINARYMIME\r\n250-CHUNKING\r\n250 SMTPUTF8\r\n
[15:41:09.41] [INFO] SMTP Hello completed.
[15:41:09.41] [INFO] Notify server that we are ready to start TLS/SSL negotiation.
[15:41:09.41] [SEND] STARTTLS\r\n
[15:41:09.43] [RECV] 220 2.0.0 SMTP server ready\r\n
[15:41:09.43] [INFO] Will start TLS/SSL negotiation sequence.
[15:41:09.47] [INFO] TLS/SSL negotiation completed.
[15:41:09.47] [INFO] Will send Hello command (HELO or EHLO).
[15:41:09.48] [SEND] EHLO [10.0.0.4]\r\n
[15:41:09.49] [RECV] 250-AM6P194CA0020.outlook.office365.com Hello [20.113.132.65]\r\n250-SIZE 157286400\r\n250-PIPELINING\r\n250-DSN\r\n250-ENHANCEDSTATUSCODES\r\n250-AUTH LOGIN XOAUTH2\r\n250-8BITMIME\r\n250-BINARYMIME\r\n250-CHUNKING\r\n250 SMTPUTF8\r\n
[15:41:09.49] [INFO] SMTP Hello completed.
[15:41:09.49] [INFO] Will login as "my-testmailAccount".
[15:41:09.50] [INFO] Will try SASL XOAUTH2 authentication method.
[15:41:09.50] [SEND] AUTH XOAUTH2\r\n
[15:41:09.51] [RECV] 334 \r\n
[15:41:09.52] [SEND] ********\r\n
[15:41:15.15] [RECV] 535 5.7.3 Authentication unsuccessful [AM6P194CA0020.EURP194.PROD.OUTLOOK.COM]\r\n
[15:41:15.17] [INFO] Will disconnect from host "smtp.office365.com".
[15:41:15.17] [INFO] Disconnected from host "smtp.office365.com".
[15:41:15.17] [INFO] Error: The server has rejected authentication data sent by the client. The server responded: 535 5.7.3 Authentication unsuccessful [AM6P194CA0020.EURP194.PROD.OUTLOOK.COM].

我启用了很多权限，但没有任何帮助。

原文

I try to send mails via the smtp of office 365. I setup an app registration for native client in azure and set the permission SMTP.Send. But when I connect I've been able to get a token, but the sending doesn't work.

In all others articles I read, that I need to set 'https://outlook.office.com/SMTP.Send', but I do not find any way in set it in the API permissions of the my app in the Azure Active Directory. I can only set if for Graph 'https://graph.microsoft.com/SMTP.Send' or Exchange 'https://ps.outlook.com/Mail.Send.All'.

Do I overlook something?
Would be really great if someone could give me a hint?
Or maybe it it's not possible for native clients?

Here my code to get the access credentials:

var cca = ConfidentialClientApplicationBuilder
    .Create("---")
    .WithClientSecret("----")
    .WithTenantId("----").Build();
var ewsScopes = new List<string>() { "https://outlook.office365.com/.default" };
var authResult = cca.AcquireTokenForClient(ewsScopes).ExecuteAsync().GetAwaiter().GetResult();
string xoauthKey = OAuth2.GetXOAuthKeyStatic(fromAddress, authResult.AccessToken);

// content of xoauthKey:
// user=my-testmailAccount�auth=Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IjR....��

I use mailbee or maikit to actually send the mails.

This is the smtp log:

[15:41:09.26] [INFO] Assembly version: 11.0.0 build 569 for .NET 4.5.
[15:41:09.26] [INFO] Will test sending mail message.
[15:41:09.32] [INFO] Will resolve host "smtp.office365.com".
[15:41:09.33] [INFO] Host "smtp.office365.com" resolved to IP address(es) 52.97.151.146, 52.98.208.82, 52.98.212.194, 52.97.137.66.
[15:41:09.33] [INFO] Will connect to host "smtp.office365.com" on port 587.
[15:41:09.35] [INFO] Socket connected to IP address 52.97.151.146 on port 587.
[15:41:09.38] [RECV] 220 AM6P194CA0020.outlook.office365.com Microsoft ESMTP MAIL Service ready at Mon, 16 May 2022 13:41:09 +0000\r\n
[15:41:09.38] [INFO] Connected to mail service at host "smtp.office365.com" on port 587 and ready.
[15:41:09.38] [INFO] Will send Hello command (HELO or EHLO).
[15:41:09.38] [SEND] EHLO [10.0.0.4]\r\n
[15:41:09.40] [RECV] 250-AM6P194CA0020.outlook.office365.com Hello [20.113.132.65]\r\n250-SIZE 157286400\r\n250-PIPELINING\r\n250-DSN\r\n250-ENHANCEDSTATUSCODES\r\n250-STARTTLS\r\n250-8BITMIME\r\n250-BINARYMIME\r\n250-CHUNKING\r\n250 SMTPUTF8\r\n
[15:41:09.41] [INFO] SMTP Hello completed.
[15:41:09.41] [INFO] Notify server that we are ready to start TLS/SSL negotiation.
[15:41:09.41] [SEND] STARTTLS\r\n
[15:41:09.43] [RECV] 220 2.0.0 SMTP server ready\r\n
[15:41:09.43] [INFO] Will start TLS/SSL negotiation sequence.
[15:41:09.47] [INFO] TLS/SSL negotiation completed.
[15:41:09.47] [INFO] Will send Hello command (HELO or EHLO).
[15:41:09.48] [SEND] EHLO [10.0.0.4]\r\n
[15:41:09.49] [RECV] 250-AM6P194CA0020.outlook.office365.com Hello [20.113.132.65]\r\n250-SIZE 157286400\r\n250-PIPELINING\r\n250-DSN\r\n250-ENHANCEDSTATUSCODES\r\n250-AUTH LOGIN XOAUTH2\r\n250-8BITMIME\r\n250-BINARYMIME\r\n250-CHUNKING\r\n250 SMTPUTF8\r\n
[15:41:09.49] [INFO] SMTP Hello completed.
[15:41:09.49] [INFO] Will login as "my-testmailAccount".
[15:41:09.50] [INFO] Will try SASL XOAUTH2 authentication method.
[15:41:09.50] [SEND] AUTH XOAUTH2\r\n
[15:41:09.51] [RECV] 334 \r\n
[15:41:09.52] [SEND] ********\r\n
[15:41:15.15] [RECV] 535 5.7.3 Authentication unsuccessful [AM6P194CA0020.EURP194.PROD.OUTLOOK.COM]\r\n
[15:41:15.17] [INFO] Will disconnect from host "smtp.office365.com".
[15:41:15.17] [INFO] Disconnected from host "smtp.office365.com".
[15:41:15.17] [INFO] Error: The server has rejected authentication data sent by the client. The server responded: 535 5.7.3 Authentication unsuccessful [AM6P194CA0020.EURP194.PROD.OUTLOOK.COM].

I enabled a lot of permissions, but nothing helped.