Sep 30

MailBot has been updated to version 16.54.

OAuth2 logo

Since September 20, 2024, Microsoft has almost completely disabled authentication via regular password (PLAIN method) on its IMAP, SMTP and POP3 servers, leaving only the OAuth2 option (XOAUTH2 method). As of today, only a few servers remain unpatched, and it is almost impossible to authenticate with a regular password on Outlook mail servers.

If you try to authenticate with a regular password, for example, the Outlook SMTP server will respond with this error:

535 5.7.139 Authentication unsuccessful, basic authentication is disabled.

and the Outlook IMAP server will respond with this one:

001 NO AUTHENTICATE failed.

To some extent, this also affected MailBot, since the verification of recovery emails in the program is carried out via the IMAP protocol.

In connection with this, a new setting “Authentication” appeared in the recovery email source settings window in MailBot, which is a list with two values:

  • Plain password
  • OAuth2

New authentication method setting for IMAP in MailBot

When connecting Outlook accounts as recovery emails, you now need to select only OAuth2, and the format of the recovery emails in the file should look like Read more »

tavel \\ , , , , , , , , , , , , , ,

Aug 23

MailBot has been updated to version 16.42.

OpenSSL logo

The project migrated to the OpenSSL v3 library, and TLS 1.3 support was added. At the very least, this sped up network performance.

Attention! When updating to version 16.42, you must copy the new files libcrypto-3.dll and libssl-3.dll from the downloaded archive to the same folder where the MailBot.exe file is located.

CrazyToken logo

Implemented support for the CrazyToken API, a service for solving FunCAPTCHA.

The service solves FunCAPTCHA for $1.2 per 1000 solutions. Solution speed is 1 second.

Outlook

Implemented:

  • FunCAPTCHA solution before sending SMS to phone number when unlocking accounts
  • handling of the ErrMaximumOTTDailyError error when unlocking an account
  • handling of the Try another verification method error when creating an account by phone number
  • handling of error 429 Too Many Requests after sign in request

Fixed:

tavel \\ , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Nov 06

MailBot has been updated to version 15.68.

Outlook/Hotmail

Activation of two-factor authentication (2FA) in accounts via TOTP has been implemented. After successful activation, a secret key will be stored along with the account data, which has the following form: 3hmkerjjj6cw7kfi3

It is absolutely not necessary to use the Microsoft/Google Authenticator app to get the code from this key, on the “Email features” tab in MailBot there is a completely similar code generator, which opens by clicking on the “TOTP…” button.

Without a secret key, it will still be possible to get into the account using, for example, a recovery email, in this case you need to click on the “Sign in another way” link on this form:

Prompt for TOTP code when logging into Outlook account with two-factor authentication enabled

Despite this, it is strongly not recommended to uncheck the “OTP secret key” box on the “Export” tab, since TOTP is the fastest and most stable confirmation method.

The checker can now also bypass 2FA via TOTP if the account string has a secret key. If there is no secret key, but there is a recovery email with a password, the checker will still be able to authorize in the account by receiving an email with a confirmation code.

Attention! So far 2FA activation is implemented only after adding a recovery email to the account. Activation after phone number verification is planned in the next versions of MailBot.

Attention! After enabling 2FA in your account, it becomes possible to authorize via POP3/IMAP/SMTP only with app password, so this password is created automatically and saved along with the account data.

The application password looks like this: lbtmyfqaycrgsvxn
It is easy to confuse it with Read more »

tavel \\ , , , , , , , , , , , , , , , , , , ,

Oct 10

MailBot has been updated to version 15.47.

Outlook/Hotmail

Microsoft’s landing page is skipped now in creator and checker when receiving sign up and sign in forms.

This gave the following bonuses:

  1. The speed of work has increased, because Microsoft server that served the landing page couldn’t handle the load on September 13 and often went down, which led to EIdReadTimeout errors.
  2. Internet traffic consumption has decreased, since the landing page is almost 150 KB in size.
  3. Eliminated EFormURLNotFound errors at the stage of receiving sign up and sign in forms.

Fixed the problem of receiving two identical codes in a row from verification emails when adding a recovery email to an account if Rambler mailboxes are used as recovery emails.

Inbox.lv

Verification of the recovery email when creating an account has been implemented:

Verified recovery email in Inbox.lv account

Attention! If the “Verify recovery email” checkbox on the “Recovery email” tab in MailBot is not checked, then accounts Read more »

tavel \\ , , , , , , , , , , , , , , , , , , , , ,

Jun 16

MailBot has been updated to version 15.13.

Due to numerous customers requests, a lot of work has been done on the ability to add and verify recovery emails for accounts.

A list of recovery email sources has appeared on the “Recovery email” tab:

List of recovery email sources in MailBot

Sources can be added, edited, deleted and moved up/down in the list using the buttons located below and to the right of the list.

In the edit window of the recovery email source, you must specify its name displayed in the list, the path to the file with the list of recovery emails with passwords in email:password format, as well as Read more »

tavel \\ , , , , , , , , , , , , , , , , ,