Gmail Question

[mcrossley]

Google are removing the ability for third party apps to send emails via Gmail using simple username/password authentication this year.

There are two solutions to this:

1. Use the Gmail client authentication via an interactive browser login
2. Use a totally background authentication mechanism, but this requires some fiddly user setup in the Google API page to create an endpoint for the connection.

The first option means that the user will interactively authenticate to Google using a browser, Cumulus should then be able to cache the credentials and carry-on using Gmail in the background, but the connection may need re-authenticating periodically. This does mean that you would have to run Cumulus on a machine that has both a GUI and a browser available.

The second option requires you the user to set-up some API access credentials in the Google API under your user account. This is non-trivial, and whilst I managed to get it working at one point, I have failed on a subsequent attempt!

It looks to me like option 1 is the least worst option?

[SamiS]

Do you have a source for that information of removal? The article I found, specifically says tha application passwords will remain usable (under Scanners & other devices 3rd option).

https://support.google.com/a/answer/14114704?hl=en

The article is for google workspaces, but I would assume it covering basic gmail also.

Edit. To be clear, app password is a different password that you create from your account settings, and it cannot be used to login to your account for other than a specific use like smtp.

[HansR]

Hmmm... and using another mail (e.g. from my provider) and then have it forwarded to my gmail which takes care of whatever check they want to do? It is just another forward in the email isn't it?
That should work shouldn't it?

I would make a specific email only for CMX with un/pw, so what could happen if that one gets hacked?

[SamiS]

Hmmm... and using another mail (e.g. from my provider) and then have it forwarded to my gmail which takes care of whatever check they want to do? It is just another forward in the email isn't it?
That should work shouldn't it?

I would make a specific email only for CMX with un/pw, so what could happen if that one gets hacked?

If you have some other smtp server to use than gmail, then of course you could use it. Of course it also must have a valid sender address/domain, spf records etc so it will go through spam filters. Point being you cannot send from your provider’s server and still use something@gmail as sender address. Receipient you can choose of course.

[SamiS]

More info about Gmail App Passwords.

https://support.google.com/mail/answer/185833?hl=en

[mcrossley]

Ah, I missed the bit about app passwords remaining active. As you were then! You already have to use app passwords with Gmail and MX.

[ConligWX]

Mark

Google seems to be scaling down on all sorts. I am guessing to save money and support staff.

Gmail Auth password for future accounts going.

Google One is loosing its VPN.

Google Domains which was serious cheap and allowed dnssec and dynamic DNS using the same protocol as dyndns has just about ended and are moving account registration to Squarespace that only do registration but not dyndns.

My own conligwx has yet to be moved and my new dynamic DNS needs to kick in.