How do I change the user agent of K-9 Mail's IMAP client on Android?

Question

I'm trying to use k-9 mail on android to connect to my organization's IMAP server which is being run as an outlook.office365.com service. As I'm sure many of you know, Microsoft recently turned off Basic Authentication which is how I previously connected. While this no longer works, I should be able to use OAuth2 which is supported by both server and client.

However, when connecting and then authenticating I then get the following error.

I should note, I am able to use the OAuth2 authentication in Thunderbird on Linux. Since, IMAP is the actual protocol being used in both cases, I'm guessing that the only difference is the "User Agent" string being sent to the server in the android case.

How do I configure K-9 to use the same user agent string as I see sent from my Linux machine?

Which K9 version you use? `https://www.ghacks.net/2022/07/08/k-9-mail-future-thunderbird-for-android-adds-oauth-2-0-support/` — K-attila-, Apr 12 '23 at 08:21
And you follow these steps? https://forum.k9mail.app/t/how-do-i-add-an-office365-account/5072 — K-attila-, Apr 12 '23 at 14:49
@K-att- yes the problem is that the application isn't approved on the server so I want to spoof the user agent string which is the only way the server knows "what" is connecting — user1794469, Apr 12 '23 at 20:02
Oh, I understand. You want to break the oauth2 system. I think it is a bad idea. — K-attila-, Apr 13 '23 at 08:27
It's hardly breaking oath, the authorization is still legit. — user1794469, Apr 13 '23 at 20:28

score 5 · Answer 1 · answered Apr 17 '23 at 05:58

I should note, I am able to use the OAuth2 authentication in Thunderbird on Linux. Since, IMAP is the actual protocol being used in both cases, I'm guessing that the only difference is the "User Agent" string being sent to the server in the android case.

No, it's not. The initial authentication stage here is not done via IMAP at all – you're seeing a web page that's served via HTTP, specifically OAuth2 via HTTP. The app will only start speaking IMAP once it has received an "access token" from the OAuth2 server.

In OAuth2, different clients are distinguished not by any HTTP-level headers, but by their OAuth2 "client ID" and often a "client secret" which are sent inside the OAuth2 HTTP requests. (The actual HTTP "User-Agent" probably just says "Chrome on Android" at this point.)

To make K-9 pretend to be Thunderbird, you would need to extract the client ID and client secret that Thunderbird uses (e.g. find it somewhere online), fill it in in K-9's source code, then compile your customized copy of K-9. (Note that as the resulting .apk won't be signed by the same key as the original Store version, it will not be able to share settings with the original K-9.)

Before doing so, consider just talking to your organization's sysadmins.

Thanks! Can you elaborate on what you mean by "it will not be able to share settings with the original K-9"? — user1794469, Apr 19 '23 at 23:29
If you already have K-9 installed from Play Store with some other accounts configured, you will need to uninstall it first, clearing all of its current configuration, before installing your modified version (as their signing keys will be different) – _or_ compile K-9 with a different name so that they would install as two separate apps side-by-side. — u1686_grawity, Apr 20 '23 at 04:16

How do I change the user agent of K-9 Mail's IMAP client on Android?

1 Answers1