[conspire] (forw) Re: [Golugtech] Fw: [Alpine-info] O365 XOAUTH2 via fetchmail

Alex Kleider alexkleider at protonmail.com
Fri Apr 22 22:32:22 PDT 2022


I have an account with easydns.com and can use them as an MTA but when I last did that, email recipients that had gmail addresses were getting a scary looking warning that didn't occur if I used gmail as the mta.  I'll try esydns again but fear that recipients will just have to put up with the obnoxious (and very colorful as I remember) warning.
If anyone comes up with a work around that is simple enough for me to implement, I'd very much like to hear about it.
Alex



Alex Kleider  (set from my current gizmo)


------- Original Message -------
On Friday, April 22nd, 2022 at 5:38 PM, Akkana Peck <akkana at shallowsky.com> wrote:


> Rick Moen writes:
>
> > Online, I find mention of May 30th as the cutoff date.
> > https://support.google.com/accounts/answer/6010255
> >
> > I look forward to seeing what Akkana suggests. Google's "exceptions to
> > verification requirements" documentation may be of interest.
> > https://support.google.com/cloud/answer/9110914#exceptions-ver-reqts&zippy=
>
>
> OAuth2 is really the only likely looking option. It doesn't look
> like verification is a problem if each user (me, Alex) is willing to
> jump through the OAuth hoops separately. Assuming you can get them
> to work, that is, which I haven't.
>
> > For security purposes, GMail's data is considered within a "restricted
> > scope" (as opposed to a "sensitive scope" or the scope of "all apps") as
> > to the requirements imposed on "app requests". Apps reaching into
> > "restricted scope" data must meet all requirements for apps requesting
> > sensitive scopes, and also some additional requirements. See prior URL
> > for details.
>
>
> Under the Exceptions, note the first two: Personal use (under 100
> users, all personally known to you) and Development/testing (which
> holds as long as you don't click Publish on your app page).
> So I think that's not a big problem (again, assuming ...)
>
> > I tell you, Alex (and Akkana), this sort of thing is rather difficult
> > to distinguish from the Googlers passive-aggressively saying "We'd
> > rather you not use your own code, and stick with Google's own hosted
> > proprietary software only".
>
>
> I absolutely think that's what's going on, and that's why they don't
> keep maintaining any of this stuff and it's always breaking.
>
> [story about replacing gmail as domain contact address]
> Now that you mention it, I do use gmail for the purpose you
> describe: an out of band domain contact address if something goes
> wrong with my domain.
>
> > And it's really nice to be able to automate checking of that IMAP
> > mailbox, without having to outsource to any complicated Google Cloud,
> > Google Workspace, Google API, or other ridiculously baroque corporate
> > proprietary crud. All I needed was just a little tweak to my mutt
> > config. Done.
>
>
> I have a mutt config for gmail/IMAP too, but of course, as with
> msmtp, it uses a password and thus requires the whole "less secure
> apps" dance any time I want to use it. It would be a lot easier on
> a normal mail server. But I have gmail forward to my regular email
> address, so I don't normally need to check the gmail inbox at all.
>
> ...Akkana
>
> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/conspire



More information about the conspire mailing list