curl / Mailing Lists / curl-library / Single Mail


Connecting to a POP3 Exchange Server shared mailbox

From: Nick Cartwright <>
Date: Thu, 30 Mar 2017 17:48:05 +0100


On my exchange server, I have 3 Exchange shared mailboxes which are
accessed via a service account.

I would like to use libCURL to have my POP3 client application connect to a
shared mailbox to retrieve messages. I.e. I want to be able to specify the
mailbox alias along-with the service account credentials when
authenticating to the POP3 server.

On that basis, I am attempting to understand whether there is a
login/connection option in libCURL which would enable my application to
incorporate an Exchange shared mailbox alias into the POP3 connection

Further information:

· The POP3 server is transmitting a SASL PLAIN capability

· Consequently, my POP3 client application is attempting to
authenticate via AUTH PLAIN.

· As part of the AUTH PLAIN authentication method libCURL is base
64 encoding the connection string as per the POP3 protocol.

· I have found that if the encoded username contains
domain\username there is no problem but when domain\username\mailbox is
used the Exchange server rejects it. I have tried many different formats
for encoding domain\username\mailbox, all of which have failed.

· Having looked at the curl code
[Curl_auth_create_plain_message()], the string that is supplied to the Base
64 encoding would appear to take the form username\0username\0password. My
testing via Open SSL has shown that the following is needed:
mailboxalias\0username_at_domain\0password. Question is how to achieve the
same via libCURL?

Alternatively, I’ve also seen in tests that I can successfully incorporate
a mailbox alias when authenticating via the USER/PASS method (over an SSL
connection). However because my POP3 Server is transmitting a SASL PLAIN
connectivity, my client is using AUTH PLAIN and the USER/PASS method does
not get a look in as it is subject to a coded precedence order in libCURL
[pop3_perform_authentication()]. Rightfully SASL PLAIN is taking
precedence by default.

So, as an alternative is there a way of having lib CURL alter the
precedence which would allow my client to select USER/PASS as the
authentication method? I’ve tried various things in an attempt to ensure
that AUTH PLAIN is not used but none have worked e.g.

curl_easy_setopt(m_Curl, CURLOPT_LOGIN_OPTIONS, "AUTH=NLTM"); // SASL NLTM

curl_easy_setopt(m_Curl, CURLOPT_LOGIN_OPTIONS, "AUTH=+APOP"); // APOP

Any help is greatly appreciated

Kind Regards


Received on 2017-03-30