Oauth2 email proxy for legacy email clients

My friend likes to use a legacy email client (it’s actually mailnag, so just a notifier).
The problem is that ultra-modern-big-tech-corps do their best to bring complex web technologies into simple email technology, so they invented OAuth, then OAuth 2.0.

This makes simple things complex.

I found a project on GitHub; it’s a local proxy that adds OAuth to the data flow of simple email clients, so theoretically any legacy email-thingie can be used with today’s ultra-modern-over-complicated email providers:

My friend uses a Yahoo account.
I created a script that installs this thing for him and preconfigures some settings.

I added some comments here, and translated the messages to English:

#!/bin/bash
cd ~
echo "download oauth proxy:"
wget https://github.com/simonrob/email-oauth2-proxy/archive/refs/tags/2022-12-14.zip
echo "extract it:"
unzip 2022-12-14.zip
cd email-oauth2-proxy-2022-12-14
chmod +x emailproxy.py
echo "to install dependencies of the proxy we need to do some sudo, enter password if required:"
# quoted delimiter: the block below is passed to the root shell verbatim
sudo bash <<'EOF'
apt install pip -y
pip install -r requirements.txt
echo "tuning mailnag, so it starts slower:"
if [[ ! -f "/usr/bin/mailnag.bin" ]]; then
    mv /usr/bin/mailnag /usr/bin/mailnag.bin
    cat <<_EOFm >/usr/bin/mailnag
#!/bin/bash
#20 seconds startup delay for mailnag to make sure the proxy is up and running
sleep 20
/usr/bin/mailnag.bin &
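_EOFm
    # the wrapper was created as a new file, so it has to be made executable
    chmod 755 /usr/bin/mailnag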
else 
echo "no need to tune mailnag, it is already done"
fi

EOF
#end of things done with sudo

#create a dir for the proxy in users dir and copy it there:
mkdir -p ~/.local/Oauthproxy
cp emailproxy.py ~/.local/Oauthproxy/

# create the config file for the proxy
# it contains only entry for yahoo, uses external authorization
# makes the proxy introduce itself to yahoo as fair email app
# the local proxy will listen on port 2993 for IMAP 2465 for SMTP

cat <<_EOF1 >~/.local/Oauthproxy/emailproxy.config
[Email OAuth 2.0 Proxy configuration file]

[Server setup]

[IMAP-2993]
server_address = imap.mail.yahoo.com
server_port = 993

[SMTP-2465]
server_address = smtp.mail.yahoo.com
server_port = 465

[Account setup]

[Advanced proxy configuration]

[emailproxy]
delete_account_token_on_password_error = True
encrypt_client_secret_on_first_use = False
allow_catch_all_accounts = True

[@yahoo.com]
permission_url = https://api.login.yahoo.com/oauth2/request_auth
token_url = https://api.login.yahoo.com/oauth2/get_token
oauth2_scope = mail-w
redirect_uri = https://oauth.faircode.eu/
client_id = dj0yJmk9SWtNZm1vUFc2THJDJnM9Y29uc3VtZXJzZWNyZXQmc3Y9MCZ4PWRi
client_secret = 261a91fbbdb2852c4e80fdd3d1db4a8ebfa4c42b
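_EOF1
# the file holds the client secret, so only the owner should be able to read it
chmod 600 ~/.local/Oauthproxy/emailproxy.config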


echo "create an autostart entry for the proxy..."
# the autostart directory does not exist on every desktop setup
mkdir -p ~/.config/autostart

cat <<_EOF2 > ~/.config/autostart/ac2.robinson.email-oauth2-proxy.desktop 
[Desktop Entry]
Type=Application
Name=Email OAuth 2.0 Proxy
NoDisplay=true
Comment=
RunHook=0
_EOF2

echo "Exec=/usr/bin/python3 $HOME/.local/Oauthproxy/emailproxy.py --external-auth" >> ~/.config/autostart/ac2.robinson.email-oauth2-proxy.desktop

echo "install done"

Generally this thing works as expected, but every now and then the config file gets emptied, say once a week. When this happens, the config file has to be recreated and a new OAuth token has to be obtained from Yahoo.
Recently we made the config file immutable, so it’s impossible to overwrite.
So the config file stays, but there are still problems with login once a week (randomly recurring, so not like every Wednesday at 19:45 or such…).
I’m not sure if Yahoo itself messes with my friend, or there’s a local problem on his (very remote from me :) ) computer which I cannot spot.
I’d like to put this thing in front of the community, so if I did something wrong in my script or missed something important, some of you may spot it.
Or just try the thing. I have set up the proxy in a VM for a test account I made at Yahoo. I can’t reproduce the recurring login problems.
Any help appreciated.
Thanks in advance.

2 Likes
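
A health check for the config file the script above writes, as an added example that is not part of the original post or of the email-oauth2-proxy project. It reports the emptied-file case described in the post, missing sections, permissions wider than owner-only, and whether the immutable flag is set. The function name `check_proxy_config` and the sample files are constructed for illustration; GNU `stat` and `lsattr` are assumed.

```bash
#!/bin/bash
# Added example: health check for ~/.local/Oauthproxy/emailproxy.config.
# Prints one line per finding; returns 0 only when nothing is wrong.
check_proxy_config() {
    local f="$1" findings=0 mode attrs section
    if [ ! -e "$f" ]; then
        echo "MISSING: $f does not exist"; return 1
    fi
    # The failure mode from the post: the file is still there but emptied.
    if [ ! -s "$f" ]; then
        echo "EMPTY: $f has zero bytes"; return 1
    fi
    # Sections the install script writes into the file.
    for section in '[IMAP-2993]' '[SMTP-2465]' '[@yahoo.com]'; do
        if ! grep -qxF -- "$section" "$f"; then
            echo "NO_SECTION: $section not found"; findings=$((findings + 1))
        fi
    done
    # client_secret is stored in clear text, so only the owner should have access.
    mode=$(stat -c '%a' -- "$f")
    case "$mode" in
        *00) ;;
        *) echo "PERMS: mode $mode gives group or others access (want 600)"
           findings=$((findings + 1)) ;;
    esac
    # Report chattr +i; lsattr fails on some filesystems, so errors are ignored.
    attrs=$(lsattr -d -- "$f" 2>/dev/null | awk '{print $1}')
    case "$attrs" in
        *i*) echo "NOTE: immutable flag set, no process can rewrite this file" ;;
    esac
    [ "$findings" -eq 0 ]
}

# Constructed sample files (not real data): one healthy config, one emptied.
demo_dir=$(mktemp -d)
printf '%s\n' '[IMAP-2993]' 'server_port = 993' '[SMTP-2465]' \
    'server_port = 465' '[@yahoo.com]' 'oauth2_scope = mail-w' \
    > "$demo_dir/good.config"
chmod 600 "$demo_dir/good.config"
: > "$demo_dir/empty.config"
check_proxy_config "$demo_dir/good.config" && echo "good.config: OK"
check_proxy_config "$demo_dir/empty.config" || echo "empty.config: needs attention"
```

Run from cron against the real path with the output appended to a log, this gives a timestamp for the moment the file goes empty.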