Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

PHP IMAP Exchange Issue

So I have a little problem with a PHP script I'm currently writing. To start off, let me say the script is supposed to connect to an IMAP mailbox, search for some emails and download their attachments. All of this is already coded and is working with my own gmail account. The problem arise when I try and connect to an exchange server. Short code excerpt :

$mbox = imap_open($host, $login, $password);
echo '<br/>' . imap_last_error() . '<br/>';
$emails = imap_search($mbox, 'FROM "[email protected]"', SE_UID);

I have tried two main $host "version" (with and without SSL) :

1 - {server:993/imap/ssl/novalidate-cert}INBOX 2 - {server:143/imap/novalidate-cert}INBOX

The novalidate-cert deal with a certificate error. I also tried the "notsl" parameters, for both of these, without any noticeable outcome. The error I get is this lovely message, absolutely not cryptic in any way, shape or form :

[CLOSED] IMAP connection broken (server response)

Additionally, I also receive these notices :

Notice: Unknown: Unknown GSSAPI failure: An invalid name was supplied (errflg=1) in Unknown on line 0 
Notice: Unknown: GSSAPI mechanism status: Hostname cannot be canonicalized (errflg=1) in Unknown on line 0 
Notice: Unknown: Retrying PLAIN authentication after AUTHENTICATE failed. (errflg=1) in Unknown on line 0 
Notice: Unknown: Retrying PLAIN authentication after AUTHENTICATE failed. (errflg=1) in Unknown on line 0 
Notice: Unknown: Can not authenticate to IMAP server: AUTHENTICATE failed. (errflg=2) in Unknown on line 0 
Notice: Unknown: [CLOSED] IMAP connection broken (server response) (errflg=1) in Unknown on line 0

The first two especially puzzle me... I did try this script on another server, to make sure the issue was not related to my local network. After a lot of googling around, I only got this : http://www.phpfreaks.com/forums/index.php?topic=190628.0 which seems like a somewhat cumbersome fix.

Any ideas?

like image 997
Afrosimon Avatar asked Apr 28 '11 07:04

Afrosimon


1 Answers

I'm having this same issue, it looks like the errors are being generated because an Exchange server advertises authentication protocols that it does not support (http://vision.eng.shu.ac.uk/mmvlwiki/index.php/Exchange). It also seems like this issue is isolated to linux servers as I have no issues with the exact same code on a Windows box. This has been a longstanding issue and PHP was recently patched (v 5.3.2) to allow you to disable certain authentication protocols (http://php.net/manual/en/function.imap-open.php). The below code works intermittently for me:

$this->inbox = imap_open("{server:993/imap/ssl/novalidate-cert}$inbox", 
                           $username, $password, NULL, 1, 
                           array('DISABLE_AUTHENTICATOR' => 'PLAIN')) or 
                   die(var_dump(imap_errors()));

This also works intermittently:

$this->inbox = imap_open("{server:993/imap/ssl/novalidate-cert}$inbox", 
                           $username, $password, NULL, 1, 
                           array('DISABLE_AUTHENTICATOR' => 'GSSAPI')) or 
                   die(var_dump(imap_errors()));

SO I ghetto rigged this it does seem to work...although it has the potential for an endless loop/DOS attack on my company's exchange server but /care

Hopefully there is a better solution, but this should help:

$tryCnt = 0;

while(!is_resource($this->inbox)){

    $this->inbox = imap_open("{server.com:993/imap/ssl/novalidate-cert}$inbox", 
                               $username, $password, NULL, 1, 
                               array('DISABLE_AUTHENTICATOR' => 'GSSAPI'));
    $tryCnt ++;

    if(!is_resource($this->inbox)){

        $this->inbox = imap_open("{server.com:993/imap/ssl/novalidate-cert}$inbox", 
                                   $username, $password, NULL, 1, 
                                   array('DISABLE_AUTHENTICATOR' => 'PLAIN'));
        $tryCnt ++;

    }

    if($tryCnt > 20){

        echo "Cannot Connect To Exchange Server:<BR>";
        die(var_dump(imap_errors()));

    }    
}
like image 119
Dave Lasley Avatar answered Oct 13 '22 03:10

Dave Lasley