[GH-ISSUE #1041] [Feature] Support SMTP XOAuth2 authentication, such as Outlook #709

New issue

Open

opened 2026-03-03 01:05:23 +03:00 by kerem · 4 comments

kerem commented 2026-03-03 01:05:23 +03:00

Owner

Copy link

Originally created by @nkguo on GitHub (Nov 14, 2025).
Original GitHub issue: https://github.com/certimate-go/certimate/issues/1041

软件版本 / Release Version

v0.4.4

缺陷描述 / Description

在通知渠道中添加SMTP邮件通知，如果配置outlook的 SMTP服务，勾选SSL/TLS发件会提示tls: first record does not look like a TLS handshake，如果不勾选SSL/TLS会提示504错误。

复现步骤 / Steps to reproduce

1. 点击菜单授权凭证
2. 选择通知授权
3. 点击新建授权
4. 选择邮件（SMTP）
5. 填写SMTP 服务器：smtp-mail.outlook.com
6. 输入端口：587
7. 勾选SSL/TLS
8. 填写其他选项
9. 提交
10. 测试通知
11. 提示错误：tls: first record does not look like a TLS handshake
12. 取消勾选SSL/TLS并保存
13. 测试通知，提示：504错误

日志 / Logs

#hA5U5sElLDXjqOHR4DrEZ 开始
[2025-11-14 15:16:56]
the workflow is starting
#qzBCImAEWRJHDGhjtYyTk 通知
[2025-11-14 15:16:56]
ready to send notification ...
config:
{"provider":"email","providerAccessId":"b1wrd3ryk130b3z","providerConfig":{"receiverAddress":"pw_guo@hotmail.com"},"subject":"Test","message":"TTTTTTTT","skipOnAllPrevSkipped":false}
[2025-11-14 15:16:56]
could not send notification
[2025-11-14 15:16:56]
tls: first record does not look like a TLS handshake

其他 / Miscellaneous

No response

贡献 / Contribution

• 我乐意为此贡献 PR！ / I am interested in contributing a PR for this!

Originally created by @nkguo on GitHub (Nov 14, 2025). Original GitHub issue: https://github.com/certimate-go/certimate/issues/1041 ### 软件版本 / Release Version v0.4.4 ### 缺陷描述 / Description <img width="732" height="915" alt="Image" src="https://github.com/user-attachments/assets/a210b43c-1efb-45c3-a73e-ddc298c2fa26" /> 在通知渠道中添加SMTP邮件通知，如果配置outlook的 SMTP服务，勾选SSL/TLS发件会提示tls: first record does not look like a TLS handshake，如果不勾选SSL/TLS会提示504错误。 ### 复现步骤 / Steps to reproduce 1. 点击菜单授权凭证 2. 选择通知授权 3. 点击新建授权 4. 选择邮件（SMTP） 5. 填写SMTP 服务器：smtp-mail.outlook.com 6. 输入端口：587 7. 勾选SSL/TLS 8. 填写其他选项 9. 提交 10. 测试通知 11. 提示错误：tls: first record does not look like a TLS handshake 12. 取消勾选SSL/TLS并保存 13. 测试通知，提示：504错误 ### 日志 / Logs <details> ```console #hA5U5sElLDXjqOHR4DrEZ 开始 [2025-11-14 15:16:56] the workflow is starting #qzBCImAEWRJHDGhjtYyTk 通知 [2025-11-14 15:16:56] ready to send notification ... config: {"provider":"email","providerAccessId":"b1wrd3ryk130b3z","providerConfig":{"receiverAddress":"pw_guo@hotmail.com"},"subject":"Test","message":"TTTTTTTT","skipOnAllPrevSkipped":false} [2025-11-14 15:16:56] could not send notification [2025-11-14 15:16:56] tls: first record does not look like a TLS handshake ``` </details> ### 其他 / Miscellaneous _No response_ ### 贡献 / Contribution - [ ] 我乐意为此贡献 PR！ / I am interested in contributing a PR for this!

kerem added the

enhancement

backlog

help wanted

labels 2026-03-03 01:05:23 +03:00

kerem commented 2026-03-03 01:05:24 +03:00

Author

Owner

Copy link

@fudiwei commented on GitHub (Nov 14, 2025):

不勾选 TLS/SSL，然后试试 465 端口？

<!-- gh-comment-id:3531438631 --> @fudiwei commented on GitHub (Nov 14, 2025): 不勾选 TLS/SSL，然后试试 465 端口？

kerem commented 2026-03-03 01:05:24 +03:00

Author

Owner

Copy link

@nkguo commented on GitHub (Nov 14, 2025):

不勾选 TLS/SSL，然后试试 465 端口？

会一直卡在发送邮件中...

<!-- gh-comment-id:3531631170 --> @nkguo commented on GitHub (Nov 14, 2025): > 不勾选 TLS/SSL，然后试试 465 端口？ <img width="720" height="1315" alt="Image" src="https://github.com/user-attachments/assets/9b152eb3-ba1a-407f-a7f4-22e646fa2216" /> 会一直卡在发送邮件中...

kerem commented 2026-03-03 01:05:24 +03:00

Author

Owner

Copy link

@fudiwei commented on GitHub (Nov 21, 2025):

微软已弃用基本身份认证。

https://learn.microsoft.com/zh-cn/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online

目前从 HELO 握手返回的内容来看只支持 XOAuth2 认证，但我没找到相关文档该如何实施。@nkguo 你有用到除微软自家的以外其他的 SMTP 客户端可以正常登录的吗？有的话我研究研究。

<!-- gh-comment-id:3561178142 --> @fudiwei commented on GitHub (Nov 21, 2025): 微软已弃用基本身份认证。 > https://learn.microsoft.com/zh-cn/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online 目前从 HELO 握手返回的内容来看只支持 XOAuth2 认证，但我没找到相关文档该如何实施。@nkguo 你有用到除微软自家的以外其他的 SMTP 客户端可以正常登录的吗？有的话我研究研究。

kerem commented 2026-03-03 01:05:24 +03:00

Author

Owner

Copy link

@nkguo commented on GitHub (Nov 21, 2025):

火狐的Thunderbird开源客户端可以。
官网：https://www.thunderbird.net
源代码：https://releases.mozilla.org/pub/thunderbird/releases/146.0b2/source 你可以研究一下。

查了一下微软现在OAuth2的方式需要用户登录微软账号来获取Token，用Token发邮件。我大概查了一些资料，希望能帮到你：

• https://github.com/Azure-Samples/communication-services-dotnet-quickstarts/blob/main/SendEmail/README.md
• https://learn.microsoft.com/zh-cn/azure/communication-services/quickstarts/email/send-email?tabs=windows%2Cconnection-string%2Csend-email-and-get-status-async%2Casync-client&pivots=programming-language-csharp
• https://learn.microsoft.com/zh-cn/azure/communication-services/quickstarts/email/send-email-smtp/send-email-smtp?source=recommendations&pivots=smtp-method-smtpclient
• https://bbs.ijingyi.com/thread-14846524-1-1.html
• https://stackoverflow.org.cn/questions/64806662?utm_source=chatgpt.com
• https://stackoverflow.com/questions/64806662/using-oauth2-to-send-email-via-office365-c-sharp
• https://github.com/jstedfast/MailKit/blob/master/ExchangeOAuth2.md

<!-- gh-comment-id:3561820426 --> @nkguo commented on GitHub (Nov 21, 2025): 火狐的Thunderbird开源客户端可以。 官网：https://www.thunderbird.net 源代码：https://releases.mozilla.org/pub/thunderbird/releases/146.0b2/source 你可以研究一下。 查了一下微软现在OAuth2的方式需要用户登录微软账号来获取Token，用Token发邮件。我大概查了一些资料，希望能帮到你： > - https://github.com/Azure-Samples/communication-services-dotnet-quickstarts/blob/main/SendEmail/README.md > - https://learn.microsoft.com/zh-cn/azure/communication-services/quickstarts/email/send-email?tabs=windows%2Cconnection-string%2Csend-email-and-get-status-async%2Casync-client&pivots=programming-language-csharp > - https://learn.microsoft.com/zh-cn/azure/communication-services/quickstarts/email/send-email-smtp/send-email-smtp?source=recommendations&pivots=smtp-method-smtpclient > - https://bbs.ijingyi.com/thread-14846524-1-1.html > - https://stackoverflow.org.cn/questions/64806662?utm_source=chatgpt.com > - https://stackoverflow.com/questions/64806662/using-oauth2-to-send-email-via-office365-c-sharp > - https://github.com/jstedfast/MailKit/blob/master/ExchangeOAuth2.md

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

next

archive/v0.3

archive/v0.2

v0.4.21

v0.4.20

v0.4.19

v0.4.18

v0.4.17

v0.4.16

v0.4.15

v0.4.14

v0.4.13

v0.4.12

v0.4.11

v0.4.10

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.24-beta

v0.2.23-beta

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.19

v0.1.18

v0.1.17

v0.1.16

v0.1.15

v0.1.14

v0.1.13

v0.1.12

v0.1.11

v0.1.10

v0.1.9

v0.1.8

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

v0.0.1

Labels

Clear labels   

announcement

  

backlog

  

bug

  

declined

  

documentation

  

duplicate

  

enhancement

  

good first issue

  

good first issue

  

help wanted

  

invalid

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

No labels

announcement

backlog

bug

declined

documentation

duplicate

enhancement

good first issue

good first issue

help wanted

invalid

pull-request

question

stale

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/certimate#709

No description provided.