[conspire] (forw) Re: [Golugtech] Fw: [Alpine-info] O365 XOAUTH2 via fetchmail

Akkana Peck akkana at shallowsky.com
Fri Apr 22 17:38:35 PDT 2022 

Rick Moen writes:
> Online, I find mention of May _30th_ as the cutoff date.
> https://support.google.com/accounts/answer/6010255
> 
> I look forward to seeing what Akkana suggests.  Google's "exceptions to
> verification requirements" documentation may be of interest.
> https://support.google.com/cloud/answer/9110914#exceptions-ver-reqts&zippy=

OAuth2 is really the only likely looking option. It doesn't look
like verification is a problem if each user (me, Alex) is willing to
jump through the OAuth hoops separately. Assuming you can get them
to work, that is, which I haven't.

> For security purposes, GMail's data is considered within a "restricted
> scope" (as opposed to a "sensitive scope" or the scope of "all apps") as
> to the requirements imposed on "app requests".  Apps reaching into 
> "restricted scope" data must meet all requirements for apps requesting
> sensitive scopes, and also some additional requirements.  See prior URL
> for details.

Under the Exceptions, note the first two: Personal use (under 100
users, all personally known to you) and Development/testing (which
holds as long as you don't click Publish on your app page).
So I think that's not a big problem (again, assuming ...)

> I tell you, Alex (and Akkana), this _sort_ of thing is rather difficult
> to distinguish from the Googlers passive-aggressively saying "We'd
> rather you not use your own code, and stick with Google's own hosted
> proprietary software only".

I absolutely think that's what's going on, and that's why they don't
keep maintaining any of this stuff and it's always breaking.

[story about replacing gmail as domain contact address]
Now that you mention it, I do use gmail for the purpose you
describe: an out of band domain contact address if something goes
wrong with my domain.

> And it's really nice to be able to automate checking of that IMAP
> mailbox, without having to outsource to any complicated Google Cloud,
> Google Workspace, Google API, or other ridiculously baroque corporate 
> proprietary crud.  All I needed was just a little tweak to my mutt
> config.  Done.

I have a mutt config for gmail/IMAP too, but of course, as with
msmtp, it uses a password and thus requires the whole "less secure
apps" dance any time I want to use it. It would be a lot easier on
a normal mail server. But I have gmail forward to my regular email
address, so I don't normally need to check the gmail inbox at all.

        ...Akkana

More information about the conspire mailing list