IMAP API is a self hosted application for accessing IMAP accounts over REST API. IMAP API daemon connects to user’s IMAP account, translates API requests to IMAP and also sends webhooks for changes like new or deleted emails.
Via cron.weekly
A rather geeky/technical weblog, est. 2001, by Bramus
IMAP API is a self hosted application for accessing IMAP accounts over REST API. IMAP API daemon connects to user’s IMAP account, translates API requests to IMAP and also sends webhooks for changes like new or deleted emails.
Via cron.weekly
Today I needed to debug an IMAP problem. I got reports from a user (whose password I recently rotated) that Outlook wouldn’t connect, even though they had updated the password in Outlook’s settings. Checking things on the server I noticed that the connection to the server was made, but the login attempt always failed.
As I didn’t want to add the account to my local mail client I resorted to the almighty curl
to test the new password. Below is how I did that.
🤬 To jump ahead: Eventually it turned out that the newly entered password in Outlook was correct but that Outlook basically ignores it when adjusting it from its settings window. The “correct” way to change a password in Outlook is to go to the Control Panel instead, and change it from there (in a window that is basically the same as Outlook’s). Makes sense … NOT!
~
Depending of whether you’re using a secured connection or not, use one of these:
Non-secured IMAP connection (port 143
):
curl -v imap://user:password@mailserver.tld/INBOX?NEW
Secured IMAP connection (port 993
)
curl -v imaps://user:password@mailserver.tld/INBOX?NEW
After successfully logging in, you should see output similar to this:
* Trying XXX.XXX.XXX.XXX...
* TCP_NODELAY set
* Connected to domain.tld (XXX.XXX.XXX.XXX) port 993 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: OU=Domain Control Validated; OU=PositiveSSL; CN=domain.tld
* start date: Sep 4 00:00:00 2019 GMT
* expire date: Sep 3 23:59:59 2020 GMT
* subjectAltName: host "domain.tld" matched cert's "domain.tld"
* issuer: C=US; ST=TX; L=Houston; O=cPanel, Inc.; CN=cPanel, Inc. Certification Authority
* SSL certificate verify ok.
< * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
> A001 CAPABILITY
< * CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ AUTH=PLAIN AUTH=LOGIN
< A001 OK Pre-login capabilities listed, post-login capabilities have more.
> A002 AUTHENTICATE PLAIN dXNlcm5hbWU6cGFzc3dvcmQ=
< * CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY NAMESPACE LITERAL+ NOTIFY SPECIAL-USE COMPRESS=DEFLATE QUOTA
< A002 OK Logged in
> A003 SELECT INBOX
< * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
< * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
< * 3270 EXISTS
< * 0 RECENT
< * OK [UNSEEN 3256] First unseen.
< * OK [UIDVALIDITY 1325596071] UIDs valid
< * OK [UIDNEXT 67684] Predicted next UID
< * OK [HIGHESTMODSEQ 68768] Highest
< A003 OK [READ-WRITE] Select completed (0.074 + 0.000 + 0.073 secs).
> A004 SEARCH NEW
< * SEARCH
* SEARCH
< A004 OK Search completed (0.009 + 0.000 + 0.008 secs).
* Connection #0 to host domain.tld left intact
> A005 LOGOUT
< * BYE Logging out
< A005 OK Logout completed (0.001 + 0.000 secs).
* Closing connection 0
~
If the username you are testing contains an @
, you must use its urlencoded counterpart %40
.
Alternatively you can also pass in the username:password combination separately using the -u
flag
curl -v -u 'user:password' imaps://mailserver.tld/INBOX?NEW
~
I don't do this for profit but a small one-time donation would surely put a smile on my face. Thanks!
To stay in the loop you can follow @bramus or follow @bramusblog on Twitter.
As I’m quite a digital nomad myself I need to have access to my inbox and mail archive from any place (and with that, any system – be it my macbook, my pc, my gf’s pc, an internetcafé, etc.) at any time. Next to that issue I want to have lots of space (my mail archive already is a whopping 1.2 GiBi … after having cleaned it out!), good spam filters, one interface/app to rule them all (viz. one interface/app to manage my mail on ALL my mail addresses) and – most importantly – support for labels (aka tags).