14

The autodiscover method used by Exchange looks great. However I do not have Exchange.

It looks like when setting up a mail account the device/mail client looks for a autodiscover.xml file.

Is there a way to create such a file by myself and serve it on a usual Linux server, pointing to a usual mail Linux server?

SamK
  • 1,326
  • 3
  • 14
  • 28
  • Another reason to configure this is to stop clients from sending sensitive data to autodiscover.tld when setting up an email account for mydomain.tld. While some of these domains are owned by security researchers, other domains of the form autodiscover.tld are owned by unknown parties with unknown intentions. – Joachim Wagner Sep 29 '21 at 13:51

5 Answers5

18

First you will need to tell Outlook where to go. Use an SRV record in DNS that points to the server containing your Autodiscover.xml file:

_autodiscover._tcp.mydomain.com. 3600 IN SRV  10 10 443 my-web-server.mydomain.com.

Use the PHP script here: http://virer.net/info/ol-autodiscover/index.html to return the Autodiscover.xml file to clients. It has some PHP embedded so you can return different values depending on the e-mail address entered into Outlook. (Helpful if you want to use one autodiscover file to return results for multiple domains/clients using one config script).

Once that script is on your webserver and working, make sure you enable HTTPS with a valid certificate so Outlook doesn't throw errors when trying to download it.

Aaron C. de Bruyn
  • 578
  • 10
  • 28
8

Just finished configuring autodiscover on my Linux server. Now mail is setup automatically in almost all possible clients.

Here is an easy solution to setup Autodiscovery with POP3/IMAP settings;

DNS:

_autodiscover._tcp.yourdomain.com. 3600 IN SRV  10 10 443 mail.yourmx.com.

PHP (autodiscover.php):

<?php
preg_match("/\<EMailAddress\>(.*?)\<\/EMailAddress\>/", $data, $matches);

//set Content-Type
header("Content-Type: application/xml");
?>
<?php echo '<?xml version="1.0" encoding="utf-8" ?>'; ?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>POP3</Type>
<Server>mail.yourmx.com</Server>
<Port>995</Port>
<LoginName><?php echo $matches[1]; ?></LoginName>
<DomainRequired>off</DomainRequired>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
<DomainRequired>off</DomainRequired>
</Protocol>
<Protocol>
<Type>IMAP</Type>
<Server>mail.yourmx.com</Server>
<Port>993</Port>
<DomainRequired>off</DomainRequired>
<LoginName><?php echo $matches[1]; ?></LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<Server>mail.yourmx.com</Server>
<Port>465</Port>
<DomainRequired>off</DomainRequired>
<LoginName><?php echo $matches[1]; ?></LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
<UsePOPAuth>on</UsePOPAuth>
<SMTPLast>off</SMTPLast>
</Protocol>
</Account>
</Response>
</Autodiscover>

.htaccess :

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ autodiscover.php [NC,L]

NB! Remember to get a SIGNED SSL Cert.

Frode Saetre
  • 89
  • 1
  • 1
1

Actually if your clients are Outlook (I'll assume that because you said they are looking up autodiscover.xml) you want to use Guessmart for autoconfiguration if you're using POP/IMAP and SMTP. Guessmart is basically Outlook using your email address and password to try various hostnames using common POP/IMAP/SMTP ports until it finds one it can successfully log into. It's the same user experience in Outlook as Autodiscover but meant for non Exchange servers.

You can test all this in Outlook by ctrl-right-clicking the notification tray Outlook icon and selecting "Test Email Autoconfiguration". Uncheck the Autodiscover and test Guessmart to see how Outlook works.

Bret Fisher
  • 3,963
  • 2
  • 20
  • 25
  • I noticed the autodiscover.xml stuff once. But Thunderbird is trying to "guess" what servers are used for pop/imap as well. Sometimes it guesses it wrong. I think Apple products do it this way too. I would like to know if something standardized exsists for most email clients on the market. Cause people Have no idea and don't care what smtp, pop or imap stands for. Hope it helps. – SamK Mar 08 '11 at 16:59
0

I updated Frode Saetre's solution to work on my server.

DNS: (unchanged)

_autodiscover._tcp.yourdomain.com. 3600 IN SRV  10 10 443 mail.yourmx.com.

PHP (autodiscover.php): (updated)

<?php
$postData = file_get_contents('php://input'); //Autodiscover requests are HTTP posts with XML content
$xml = simplexml_load_string($postData);
$user = $xml->Request->EMailAddress; //copy the email address from the request into a variable

//set Content-Type
header("Content-Type: application/xml");
?>
<?php echo '<?xml version="1.0" encoding="utf-8" ?>'; ?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>POP3</Type>
<Server>mail.yourmx.com</Server>
<Port>995</Port>
<LoginName><?php echo $user; ?></LoginName>
<DomainRequired>off</DomainRequired>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
<DomainRequired>on</DomainRequired>
</Protocol>
<Protocol>
<Type>IMAP</Type>
<Server>mail.yourmx.com</Server>
<Port>993</Port>
<DomainRequired>on</DomainRequired>
<LoginName><?php echo $user; ?></LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<Encryption>Auto</Encryption>
<AuthRequired>on</AuthRequired>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<Server>mail.yourmx.com</Server>
<Port>587</Port>
<DomainRequired>on</DomainRequired>
<LoginName><?php echo $user; ?></LoginName>
<SPA>off</SPA>
<Encryption>Auto</Encryption> <!-- if your server requires encrypotion other than SSL -->
<AuthRequired>on</AuthRequired>
<UsePOPAuth>on</UsePOPAuth>
<SMTPLast>off</SMTPLast>
</Protocol>
</Account>
</Response>
</Autodiscover>

.htaccess (unchanged)

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ autodiscover.php [NC,L]
-7

No, Autodiscover is specific to Exchange, you won't get that working outside of that environment.

It's not just the .xml file, there are a lot of things at play when it comes to Autodiscover.

To give you some quick background, read through this article, and you will get a better idea of it.

http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/exchange-autodiscover.html

DanBig
  • 11,393
  • 1
  • 28
  • 53