Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

Apache Nifi IMAP/POP3 authentocation Error

Labels:
avatar
author-rank PriyankaMondal
Contributor

Created ‎01-08-2025 01:33 AM

Hi Team,

I am getting Authentication Error in ConsumeIMAP 1.23.2and ConsumePOP3 1.23.2 processor. Details are descrideb as below:
Hostname : outlook.office365.com

Port : 995( For POP3)/993 (For IMAP)

Autherization Mode : OAUTH2 (Also Manually verified using the details of autherization serverURL and clientID/Secret, it has all relevant access to generate token)

Error Details:

ConsumePOP3[id=x3603x64-5f1c-1219-xxxx-xxxx34ffc1] Processing failed: org.apache.nifi.processor.exception.ProcessException: Failed to receive messages from Email server: [javax.mail.AuthenticationFailedException - Read timed out - Caused by: javax.mail.AuthenticationFailedException: Read timed out

 

200 Views
0 Kudos
0
1 REPLY 1

avatar
author-rank Shelton
Master Mentor

Created on ‎03-21-2025 12:16 PM - edited ‎03-21-2025 02:37 PM

@PriyankaMondal 
Looking at your error message log, I can see you're experiencing authentication timeouts with ConsumeIMAP and ConsumePOP3 processors when connecting to Microsoft Office 365 services.
Possible Blockers
Timeout Issue
The primary error is "Read timed out" during authentication, which suggests the connection to Office 365 is being established but then timing out during the OAUTH2 handshake.
Microsoft 365 Specific Considerations
Microsoft has specific requirements for modern authentication with mail services and has been deprecating basic authentication methods.
Processor Configuration
Using OAUTH2 authentication mode, is correct for Office 365, but there may be issues with the token acquisition or timeout settings.

Possible solutions
1. Check timeout settings

Spoiler
# Add these properties to your processor configuration
mail.imap.connectiontimeout=60000
mail.imap.timeout=60000
mail.pop3.connectiontimeout=60000
 .pop3.timeout=60000

2. Verify Modern Authentication settings
Ensure the account has Modern Authentication enabled in Microsoft 365 Admin Center
Verify the application registration in Azure AD has the correct permissions

  • IMAP.AccessAsUser.All for IMAP
  • POP.AccessAsUser.All for POP3
  • offline_access scope for refresh tokens

3. Update NiFi Mail Libraries
NiFi's default JavaMail implementation might have compatibility issues with Office 365. Try:

  • Updating to the latest version of NiFi (if possible)
  • Or add Microsoft's MSAL (Microsoft Authentication Library) JAR to NiFi's lib directory

4. Use a Custom SSL Context Service

Microsoft servers might require specific TLS settings

Spoiler
# Create a Standard SSL Context Service with:
Protocol: TLS
# Add to Advanced Client settings for the processor

5. Alternative Approach: Use Microsoft Graph API

Since Microsoft is moving away from direct IMAP/POP3 access, consider:

  • Using InvokeHTTP processor to authenticate against Microsoft Graph API
  • Use the Graph API endpoints to retrieve email content

6. Check Proxy Settings

If your environment uses proxies

Spoiler

# Add these properties
mail.imap.proxy.host=your-proxy-host
mail.imap.proxy.port=your-proxy-port
mail.pop3.proxy.host=your-proxy-host
mail.pop3.proxy.port=your-proxy-port

7. Implementation Steps

  1. Update the processor configuration with extended timeout values
  2. Verify OAuth2 settings in the processor match exactly with your Azure application registration
  3. Check Microsoft 365 account settings to ensure IMAP/POP3 is enabled with Modern Authentication

Consider implementing a token debugging flow using InvokeHTTP to validate token acquisition separately

Happy hadooping 

 

29 Views
0 Kudos
Announcements
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements