starred/pocket-id
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-06 09:13:19 +03:00
Code Issues 121 Packages Projects Releases 16 Wiki Activity

🚀 Feature: OAuth aka Modern Auth support for smtp #249

New Issue
Open
opened 2025-10-07 00:07:11 +03:00 by OVERLORD · 6 comments
OVERLORD commented 2025-10-07 00:07:11 +03:00
Owner
Copy Link

Originally created by @ArthurHuyghe on GitHub.

Feature description

Currently, Pocket-ID only supports Basic Authentication for SMTP, which is increasingly being deprecated by major email providers due to security concerns. This request is to add support for OAuth (also known as Modern Authentication) when sending email via SMTP servers, such as Outlook or Gmail.

Pitch

Many users rely on SMTP servers like Outlook (Microsoft 365) and Gmail, which are phasing out Basic Authentication in favor of more secure OAuth-based methods. Without support for Modern Auth, sending email through these providers will no longer be possible.

For example, when attempting to use Outlook as the SMTP server, I encountered the following error:

Error #01: failed to connect to SMTP server: failed to authenticate: SMTP error 535: Authentication unsuccessful, basic authentication is disabled. [AS4P189CA0025.EURP189.PROD.OUTLOOK.COM 2025-04-19T14:31:11.466Z 08DD7F49A7258E58]

Implementing OAuth support for SMTP would:

  • Enhance security by eliminating the need to store plaintext passwords.

  • Ensure compatibility with major email providers.

  • Future-proof the application as Basic Auth continues to be deprecated across the industry.

This feature would likely involve integrating OAuth2 token acquisition and refresh flows, and passing those tokens in the SMTP authentication process according to each provider’s specification (e.g., XOAUTH2 for Microsoft/Google).

Originally created by @ArthurHuyghe on GitHub. ### Feature description Currently, Pocket-ID only supports Basic Authentication for SMTP, which is increasingly being deprecated by major email providers due to security concerns. This request is to add support for OAuth (also known as Modern Authentication) when sending email via SMTP servers, such as Outlook or Gmail. ### Pitch Many users rely on SMTP servers like Outlook (Microsoft 365) and Gmail, which are phasing out Basic Authentication in favor of more secure OAuth-based methods. Without support for Modern Auth, sending email through these providers will no longer be possible. For example, when attempting to use Outlook as the SMTP server, I encountered the following error: ``` Error #01: failed to connect to SMTP server: failed to authenticate: SMTP error 535: Authentication unsuccessful, basic authentication is disabled. [AS4P189CA0025.EURP189.PROD.OUTLOOK.COM 2025-04-19T14:31:11.466Z 08DD7F49A7258E58] ``` Implementing OAuth support for SMTP would: - Enhance security by eliminating the need to store plaintext passwords. - Ensure compatibility with major email providers. - Future-proof the application as Basic Auth continues to be deprecated across the industry. This feature would likely involve integrating OAuth2 token acquisition and refresh flows, and passing those tokens in the SMTP authentication process according to each provider’s specification (e.g., XOAUTH2 for Microsoft/Google).
OVERLORD added the open to pull requests label 2025-10-07 00:07:11 +03:00
OVERLORD commented 2025-10-07 00:07:12 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

I haven't come across any services that support SMTP authentication over OAuth2, which makes me hesitant about implementing this. Do you have any examples where this has been implemented?

@stonith404 commented on GitHub: I haven't come across any services that support SMTP authentication over OAuth2, which makes me hesitant about implementing this. Do you have any examples where this has been implemented?
OVERLORD commented 2025-10-07 00:07:12 +03:00
Author
Owner
Copy Link

@kmendell commented on GitHub:

I think this makes sense. @stonith404 Do you agree?

@kmendell commented on GitHub: I think this makes sense. @stonith404 Do you agree?
OVERLORD commented 2025-10-07 00:07:13 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

I've never used OAuth for SMTP authentication but I guess if this is common we could consider to implement it.

Are there any services which already supports OAuth SMTP authentication?

@stonith404 commented on GitHub: I've never used OAuth for SMTP authentication but I guess if this is common we could consider to implement it. Are there any services which already supports OAuth SMTP authentication?
OVERLORD commented 2025-10-07 00:07:13 +03:00
Author
Owner
Copy Link

@user00265 commented on GitHub:

I've never used OAuth for SMTP authentication but I guess if this is common we could consider to implement it.

Are there any services which already supports OAuth SMTP authentication?

Gmail and Outlook for sure. Outlook does not support any other authentication method for SMTP other than OAuth.

@user00265 commented on GitHub: > I've never used OAuth for SMTP authentication but I guess if this is common we could consider to implement it. > > Are there any services which already supports OAuth SMTP authentication? Gmail and Outlook for sure. Outlook does not support any other authentication method for SMTP other than OAuth.
OVERLORD commented 2025-10-07 00:07:13 +03:00
Author
Owner
Copy Link

@ArthurHuyghe commented on GitHub:

My Synology uses it to send emails. But as for open source services, there aren't that many. I found apprise supports it.

@ArthurHuyghe commented on GitHub: My Synology uses it to send emails. But as for open source services, there aren't that many. I found [apprise](https://github.com/caronc/apprise/wiki/Notify_office365) supports it.
OVERLORD commented 2025-10-07 00:07:14 +03:00
Author
Owner
Copy Link

@ArthurHuyghe commented on GitHub:

From what I can tell, OAuth2 for SMTP is still pretty rare in the homelab/self-hosted world. Besides the services mentioned above, I also found Thunderbird, Mutt, and a few other email related tools that support it — but that’s about it. For now, it might make sense to park this feature and see if it gains more traction over time.

In the meantime, it could help to add a note in the docs letting folks know that Outlook users will need to use another SMTP provider or set up an SMTP relay that handles the OAuth2 side. (For example, I switched to Gmail for sending my SMTP mail.)

@ArthurHuyghe commented on GitHub: From what I can tell, OAuth2 for SMTP is still pretty rare in the homelab/self-hosted world. Besides the services mentioned above, I also found Thunderbird, Mutt, and a few other email related tools that support it — but that’s about it. For now, it might make sense to park this feature and see if it gains more traction over time. In the meantime, it could help to add a note in the docs letting folks know that Outlook users will need to use another SMTP provider or set up an SMTP relay that handles the OAuth2 side. (For example, I switched to Gmail for sending my SMTP mail.)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
breaking
bug
documentation
feature
needs more upvotes
open to pull requests
pull-request
Mirrored from GitHub Pull Request
No Label open to pull requests
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pocket-id#249
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?