M1XEP with Office 365 - why won't it work?

[Linwood]

I know it is documented as not working.
 
I can confirm it doesn't work.
 
Has anyone dug into why, to know if there are workarounds?    I did a packet capture, and it just gives a "handshake failure" in the initial TLS dialog.  It doesn't seem to like what Microsoft sends back.  I don't know TLS well enough to have a clue, but didn't see anything unusual in what Microsoft sent back.
 
I can use gmail, but gmail requires "less secure apps" setting and I have no idea what else that may bring, so I hate doing that.  I may set up a separate account somewhere else for this.
 
But... is this a Microsoft issue?   Are they doing something non-standard?   While I have all the pull of an ant with an elephant (actually less), I'd love to at least be one more voice pushing Microsoft if they are the bad guy in this.
 
But if Elk is... any word if they are planning to address it? 
 
This is 2015 ... encrypted connections for email really shouldn't be rocket science any more.  This stuff should just work.
 
 
 

 

[drvnbysound]

I know nothing about the Microsoft 365 offering you mentioned, but the M1XEP should work fine with the SSL Gmail settings found here (middle column for Gmail SMTP Server):
https://support.google.com/a/answer/176600?hl=en
 
I use VERY similar settings with my own shared hosting service, also using SSL port 465.
 
Understand that to get SSL email working, you do need the latest firmware loaded on the XEP.

 

[tmbrown97]

^^ But with the latest firmware, I believe you lose the built in web page in the XEP that allows direct control.
 
Microsoft and GMail are pretty similar in their Authenticated and Encrypted SMTP.  As far as that "Less Secure Apps" setting, you should be fine with that... that's required by Google to access it from most other sources other than gmail directly.

 

[drvnbysound]

^^ But with the latest firmware, I believe you lose the built in web page in the XEP that allows direct control.

 
Yes, that's true.
 
I only RARELY used it before. If I need "remote connectivity" now I just load eKeypad and do whatever from my phone/tablet.

 

[RAL]

Not sure if this might be the source of the problem or not, but my understanding is that the M1XEP v2 firmware only supports SSL 3.0.  Unfortunately, SSL 3.0 has some known security flaws and the world has been migrating to TLS for a while now.  According to Microsoft, Windows 365 uses TLS 1.2 and MS disabled support for SSL 3.0 last December.

 

[Linwood]

First, it worked fine for me with gmail once I told gmail to permit "less secure apps".  I think these are any not using oauth, so tsl apparently for gmail qualifies as less secure.  Regardless, it worked without issue on gmail.
 
Office 365 does not support SSL 3.0 but does support TSL 1.  Whether there's a 1 vs. 1.2 issue not sure, but the rejection of the connection comes from the XEP not from Microsoft, so Microsoft was happy with the initial connection data, it was the response back that caused the XEP to reject it.
 
This is perhaps more curiosity than need since I have gmail working.  I was hoping some who have sniffed out the activity might have some insight, if for no other reason just to know if the issue lies with ELK or with Microsoft. 
 
I don't use the built in web browser; for external access I use the old Android app which works fine, and will likely have to buy the new one if I upgrade the phone soon, but that's all OK.  Indeed the upgrade to the new firmware worked flawlessly, retained all my settings, etc.