Difference between revisions of "EmailAutoDiscover"

http://www.andrewyager.com/blog/2008-09-13/outlook-2007-email-autodiscovery-php-server

http://www.winblogs.net/index.php/2012/08/07/autodiscover-with-smartermail-or-any-other-mail-server/

https://github.com/jamesiarmes/php-ews/wiki/Autodiscovery

http://technet.microsoft.com/en-us/library/cc511507%28v=office.14%29.aspx#AutodiscoverXMLSchema

https://bugzilla.mozilla.org/show_bug.cgi?id=521538

http://www.emaildiscussions.com/showthread.php?t=62769

Hostnames required

In the following examples, $maildomain is the domain from the email address being configured. $securedomain is a host or domain that we have an SSL certificate for. Due to the way the autodiscover works, autodiscover.$hostdomain needs to have a different IP to $securedomain

autoconfig.$hostdomain should be an IP that has no HTTPS service. $securedomain doesn't have to contain $hostdomain or $maildomain

autoconfig.$maildomain (CNAME to autoconfig.$hostdomain)

• Used by Thunderbird to configure email. You can configure custom mail server names using a script to query the email address.
• SSL certificate not required for this hostname.

autodiscover.$maildomain (CNAME to autoconfig.$hostdomain)

• Use a CNAME in $maildomain for autoconfig.$customerdomain pointing to autodiscover.daily.co.uk
• IP address must NOT allow access via HTTPS so that it uses http and follows redirect to $securedomain without giving an SSL warning.
• SSL certificate not required for this hostname.

$securedomain is for after the redirect

• No CNAME required for this one, but SSL certificate is required.

$maildomain DNS

autoconfig         IN CNAME  autoconfig.$hostdomain.
autodiscover       IN CNAME  autoconfig.$hostdomain.
_autodiscover._tcp IN SRV    0 1 80 autoconfig.$maildomain.

There are other SRV records which may be setup as per RFC 6186.

_imap._tcp         IN SRV    10 1 143 imap.$hostdomain.
_imaps._tcp        IN SRV    0 1 993 imap.$hostdomain.
# pop3 has a higher priority value which results in imap being preferred
_pop3._tcp         IN SRV    10 1 110 pop.$hostdomain.
_pop3s._tcp        IN SRV    10 1 995 pop.$hostdomain.

_submission._tcp   IN SRV    0 1 587 mail.$hostdomain.

In the event that POP3 and IMAP are not available (e.g SSL variants only), use something like the following:

_imap._tcp         IN SRV    0 0 0 .
_pop3._tcp         IN SRV    0 0 0 .

There is no evidence that any clients use these SRV records yet.

Windows Outlook 2007/2010/2013

Outlook 2010

1. Query https://autodiscover.$maildomain/autodiscover/autodiscover.xml (this needs to fail because https blocked)
2. Query http://autodiscover.$maildomain/autodiscover/autodiscover.xml
3. Get redirected to https://$securedomain/autodiscover/autodiscover.xml
4. Prompts for allowing that url to configure mail client

For example, if we have an SSL certificate for www.bocks.com, we can setup a redirect for https://www.bocks.com/autodiscover/autodiscover.xml and Outlook will ask user if they wish to allow www.bocks.com to configure their email settings.

Thunderbird (Windows, Mac and Linux)

1. Query http://autoconfig.$maildomain/mail/config-v1.1.xml
2. If not found, none of the other things in the list of checks that it performs apply so autoconfig fails.

Apple Mail and iOS

Requires generation of a .mobileconfig file containing the settings. This has to be downloaded via web browser to the mobile device or Mac.

Outlook for Mac

Unable to get this working.