* oauth to be required for gmail @ 2019-12-16 19:48 Bob Newell 2019-12-16 20:49 ` Florian Weimer ` (3 more replies) 0 siblings, 4 replies; 30+ messages in thread From: Bob Newell @ 2019-12-16 19:48 UTC (permalink / raw) To: ding Aloha, I'm sure many of you received Google's email this morning announcing an eventual end to non-oauth access to gmail. There are various dates starting in February 2020 and extending into 2021 depending on the situation, but this will pose a problem for those of us who rely on directly sending/receiving with gmail via gnus. Note I'm not talking about offline/download solutions but direct access through gnus. There is gnus-gmail-oauth.el on github, almost four years old. I haven't tried it and it may not work for both sending and receiving. Perhaps there are other things. Does anyone know more about this and about what the best course of action might be? We have a little time, but not necessarily tons of it. Mahalo, -- Bob Newell Honolulu, Hawai`i - Via Gnus/BBDB/Org/Emacs/Linux ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-16 19:48 oauth to be required for gmail Bob Newell @ 2019-12-16 20:49 ` Florian Weimer 2019-12-16 22:45 ` Bob Newell 2019-12-17 5:40 ` Pankaj Jangid 2019-12-16 22:46 ` Bob Newell ` (2 subsequent siblings) 3 siblings, 2 replies; 30+ messages in thread From: Florian Weimer @ 2019-12-16 20:49 UTC (permalink / raw) To: Bob Newell; +Cc: ding * Bob Newell: > I'm sure many of you received Google's email this morning > announcing an eventual end to non-oauth access to gmail. There > are various dates starting in February 2020 and extending into > 2021 depending on the situation, but this will pose a problem > for those of us who rely on directly sending/receiving with > gmail via gnus. Wow. Does this mean that support for device passwords will be removed completely? ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-16 20:49 ` Florian Weimer @ 2019-12-16 22:45 ` Bob Newell 2019-12-17 0:17 ` Jude DaShiell 2019-12-17 5:40 ` Pankaj Jangid 1 sibling, 1 reply; 30+ messages in thread From: Bob Newell @ 2019-12-16 22:45 UTC (permalink / raw) To: Florian Weimer, ding Florian Weimer <fw@deneb.enyo.de> writes: > Wow. Does this mean that support for device passwords will be removed > completely? The way I read it, yes, at least if I understand your question. Email clients on devices will have to use oauth. -- Bob Newell Honolulu, Hawai`i - Via Gnus/BBDB/Org/Emacs/Linux ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-16 22:45 ` Bob Newell @ 2019-12-17 0:17 ` Jude DaShiell 0 siblings, 0 replies; 30+ messages in thread From: Jude DaShiell @ 2019-12-17 0:17 UTC (permalink / raw) To: Bob Newell, Florian Weimer, ding That being the case, I'll have to learn how to have google forward all my gmail to a different email account permanently or until google discontinues that forwarding service too. On Mon, 16 Dec 2019, Bob Newell wrote: > Date: Mon, 16 Dec 2019 17:45:06 > From: Bob Newell <bobnewell@bobnewell.net> > To: Florian Weimer <fw@deneb.enyo.de>, ding@gnus.org > Subject: Re: oauth to be required for gmail > > Florian Weimer <fw@deneb.enyo.de> writes: > > > Wow. Does this mean that support for device passwords will be removed > > completely? > > The way I read it, yes, at least if I understand your > question. Email clients on devices will have to use oauth. > > -- ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-16 20:49 ` Florian Weimer 2019-12-16 22:45 ` Bob Newell @ 2019-12-17 5:40 ` Pankaj Jangid 2019-12-18 5:52 ` 황병희 1 sibling, 1 reply; 30+ messages in thread From: Pankaj Jangid @ 2019-12-17 5:40 UTC (permalink / raw) To: Florian Weimer; +Cc: Bob Newell, ding >> I'm sure many of you received Google's email this morning >> announcing an eventual end to non-oauth access to gmail. There >> are various dates starting in February 2020 and extending into >> 2021 depending on the situation, but this will pose a problem >> for those of us who rely on directly sending/receiving with >> gmail via gnus. > > Wow. Does this mean that support for device passwords will be removed > completely? Yes. We must implement oauth now. I have done it in other apps. But I have not much experience with Emacs Lisp. I am willing to do with some guidance from leaders here. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-17 5:40 ` Pankaj Jangid @ 2019-12-18 5:52 ` 황병희 2019-12-21 10:26 ` Florian Weimer 0 siblings, 1 reply; 30+ messages in thread From: 황병희 @ 2019-12-18 5:52 UTC (permalink / raw) To: The Gnus > Yes. We must implement oauth now. I have done it in other apps. But I > have not much experience with Emacs Lisp. I am willing to do with some > guidance from leaders here. Plus we need to documents for oauth2. That seems not easy to understand... Thanks for shareing^^^ Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))// ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-18 5:52 ` 황병희 @ 2019-12-21 10:26 ` Florian Weimer 2019-12-21 10:50 ` 황병희 0 siblings, 1 reply; 30+ messages in thread From: Florian Weimer @ 2019-12-21 10:26 UTC (permalink / raw) To: 황병희; +Cc: The Gnus * 황병희: >> Yes. We must implement oauth now. I have done it in other apps. But I >> have not much experience with Emacs Lisp. I am willing to do with some >> guidance from leaders here. > > Plus we need to documents for oauth2. That seems not easy to > understand... There is this: <https://developers.google.com/gmail/imap/xoauth2-protocol> <https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough> But I can't see this working for people who use a domain account where they are not administrator. At the very least, it requires agreement to separate service terms, which is typically not allowed by policy. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-21 10:26 ` Florian Weimer @ 2019-12-21 10:50 ` 황병희 0 siblings, 0 replies; 30+ messages in thread From: 황병희 @ 2019-12-21 10:50 UTC (permalink / raw) To: The Gnus Hellow Florian^^^ Florian Weimer <fw@deneb.enyo.de> writes: > * 황병희: > >>> Yes. We must implement oauth now. I have done it in other apps. But I >>> have not much experience with Emacs Lisp. I am willing to do with some >>> guidance from leaders here. >> >> Plus we need to documents for oauth2. That seems not easy to >> understand... > > There is this: > > <https://developers.google.com/gmail/imap/xoauth2-protocol> > <https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough> > > But I can't see this working for people who use a domain account where > they are not administrator. At the very least, it requires agreement > to separate service terms, which is typically not allowed by policy. Wow your kind comments are very useful to me. Also i added the urls to firefox's bookmark, thanks^^^ Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))// ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-16 19:48 oauth to be required for gmail Bob Newell 2019-12-16 20:49 ` Florian Weimer @ 2019-12-16 22:46 ` Bob Newell 2019-12-17 8:03 ` Robert Pluim 2020-08-03 3:19 ` just ping (Was: Re: oauth to be required for gmail) 황병희 3 siblings, 0 replies; 30+ messages in thread From: Bob Newell @ 2019-12-16 22:46 UTC (permalink / raw) To: ding By the way I accidently reversed dates: warnings start in June 2020 and everything ends Feb 2021. -- Bob Newell Honolulu, Hawai`i - Via Gnus/BBDB/Org/Emacs/Linux ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-16 19:48 oauth to be required for gmail Bob Newell 2019-12-16 20:49 ` Florian Weimer 2019-12-16 22:46 ` Bob Newell @ 2019-12-17 8:03 ` Robert Pluim 2019-12-17 17:11 ` Lars Ingebrigtsen 2019-12-17 17:33 ` David Engster 2020-08-03 3:19 ` just ping (Was: Re: oauth to be required for gmail) 황병희 3 siblings, 2 replies; 30+ messages in thread From: Robert Pluim @ 2019-12-17 8:03 UTC (permalink / raw) To: Bob Newell; +Cc: ding >>>>> On Mon, 16 Dec 2019 09:48:58 -1000, Bob Newell <bobnewell@bobnewell.net> said: Bob> Aloha, Bob> I'm sure many of you received Google's email this morning Bob> announcing an eventual end to non-oauth access to gmail. There Bob> are various dates starting in February 2020 and extending into Bob> 2021 depending on the situation, but this will pose a problem Bob> for those of us who rely on directly sending/receiving with Bob> gmail via gnus. Bob> Note I'm not talking about offline/download solutions but Bob> direct access through gnus. Bob> There is gnus-gmail-oauth.el on github, almost four years Bob> old. I haven't tried it and it may not work for both sending Bob> and receiving. Perhaps there are other things. I think the canonical package for doing this is <https://github.com/ccrusius/auth-source-xoauth2>, although I haven't tried it yet. Robert ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-17 8:03 ` Robert Pluim @ 2019-12-17 17:11 ` Lars Ingebrigtsen 2019-12-17 17:41 ` David Engster 2019-12-18 7:07 ` David Engster 2019-12-17 17:33 ` David Engster 1 sibling, 2 replies; 30+ messages in thread From: Lars Ingebrigtsen @ 2019-12-17 17:11 UTC (permalink / raw) To: Robert Pluim; +Cc: Bob Newell, ding Robert Pluim <rpluim@gmail.com> writes: > I think the canonical package for doing this is > <https://github.com/ccrusius/auth-source-xoauth2>, although I haven't > tried it yet. It's comically convoluted to use oauth for open source software: https://github.com/ccrusius/auth-source-xoauth2/blob/8cef77b0d390f8a45e7690eaf8772173e1995a9b/auth-source-xoauth2.el#L79 Here's a recipe for Mutt, which one Hackernews described as "you just have to run a script": https://luxing.im/mutt-integration-with-gmail-using-oauth/ Now, what closed source software does is do all the first steps for you: Register an app on Google, get a secret key etc, so all the user has to do it go through a web-based login thing. I don't think this is much of an option for Gnus? Gnus Inc registering an app that's allowed to access Gmail accounts? I'd have to go through a security audit process (typically costing $50K, if I understand correctly) and, still, it's pretty much impossible as the secret key would have to be distributed some way, wouldn't it? Or... is that a solved problem? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-17 17:11 ` Lars Ingebrigtsen @ 2019-12-17 17:41 ` David Engster 2019-12-18 5:31 ` Bob Newell 2019-12-23 10:50 ` Florian Weimer 2019-12-18 7:07 ` David Engster 1 sibling, 2 replies; 30+ messages in thread From: David Engster @ 2019-12-17 17:41 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: Robert Pluim, Bob Newell, ding > Robert Pluim <rpluim@gmail.com> writes: > >> I think the canonical package for doing this is >> <https://github.com/ccrusius/auth-source-xoauth2>, although I haven't >> tried it yet. > > It's comically convoluted to use oauth for open source software: > > https://github.com/ccrusius/auth-source-xoauth2/blob/8cef77b0d390f8a45e7690eaf8772173e1995a9b/auth-source-xoauth2.el#L79 > > Here's a recipe for Mutt, which one Hackernews described as "you just > have to run a script": > > https://luxing.im/mutt-integration-with-gmail-using-oauth/ > > Now, what closed source software does is do all the first steps for you: > Register an app on Google, get a secret key etc, so all the user has to > do it go through a web-based login thing. > > I don't think this is much of an option for Gnus? Gnus Inc registering > an app that's allowed to access Gmail accounts? I'd have to go through > a security audit process (typically costing $50K, if I understand > correctly) and, still, it's pretty much impossible as the secret key > would have to be distributed some way, wouldn't it? Or... is that a > solved problem? I don't think so, see my other mail I've just written. See also this answer here, which I think is still the current situation: https://stackoverflow.com/a/28109307 -David ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-17 17:41 ` David Engster @ 2019-12-18 5:31 ` Bob Newell 2019-12-23 10:50 ` Florian Weimer 1 sibling, 0 replies; 30+ messages in thread From: Bob Newell @ 2019-12-18 5:31 UTC (permalink / raw) To: ding Some further info: like it or not this appears to be the way big commercial email services are going. AOL is ending "less secure" logins in a couple of months, and they don't currently publish a method to get oauth2 tokens. (Okay, it's AOL, but it's an example of the trend.) Yahoo, who owns AOL, hasn't announced anything that I can find, but I imagine they'll go the same way too. I really think that gnus will have to support oauth natively in order to keep up. Not necessarily a pleasant thought, and yes, there are current workarounds as described in this thread, but ... gnus is not alone. Other mail clients and mail fetchers will have to follow suit. Doggone it, I thought it was a sort of cool irony to access AOL mail via gnus. This will leave a big hole in my life :) ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-17 17:41 ` David Engster 2019-12-18 5:31 ` Bob Newell @ 2019-12-23 10:50 ` Florian Weimer 1 sibling, 0 replies; 30+ messages in thread From: Florian Weimer @ 2019-12-23 10:50 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: Robert Pluim, Bob Newell, ding * David Engster: > I don't think so, see my other mail I've just written. See also this > answer here, which I think is still the current situation: > > https://stackoverflow.com/a/28109307 In this case, it's probably best to pick a widely used secret, so that it is pretty much impossible to blacklist it for Google. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-17 17:11 ` Lars Ingebrigtsen 2019-12-17 17:41 ` David Engster @ 2019-12-18 7:07 ` David Engster 2019-12-23 10:59 ` Florian Weimer 1 sibling, 1 reply; 30+ messages in thread From: David Engster @ 2019-12-18 7:07 UTC (permalink / raw) To: Lars Ingebrigtsen; +Cc: Robert Pluim, Bob Newell, ding > I don't think this is much of an option for Gnus? Gnus Inc registering > an app that's allowed to access Gmail accounts? I'd have to go through > a security audit process (typically costing $50K, if I understand > correctly) and, still, it's pretty much impossible as the secret key > would have to be distributed some way, wouldn't it? Or... is that a > solved problem? So I wondered: How does Thunderbird does it? Oh, there are the ID's and secrets: https://dxr.mozilla.org/comm-central/source/comm/mailnews/base/util/OAuth2Providers.jsm But it seems if you put a comment above it which says "Don't copy these values for your own application--register it yourself", then it's fine. This whole OAuth2 stuff is ridiculous. -David ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-18 7:07 ` David Engster @ 2019-12-23 10:59 ` Florian Weimer 2019-12-23 12:09 ` David Engster 0 siblings, 1 reply; 30+ messages in thread From: Florian Weimer @ 2019-12-23 10:59 UTC (permalink / raw) To: David Engster; +Cc: Lars Ingebrigtsen, Robert Pluim, Bob Newell, ding * David Engster: > So I wondered: How does Thunderbird does it? > > Oh, there are the ID's and secrets: > > https://dxr.mozilla.org/comm-central/source/comm/mailnews/base/util/OAuth2Providers.jsm > > But it seems if you put a comment above it which says "Don't copy these > values for your own application--register it yourself", then it's > fine. > > This whole OAuth2 stuff is ridiculous. Isn't there a different mode for Thunderbird, which performs a regular web login and can also support third-party authentication for enterprise accounts? Admittedly, it's been a year or two since I tried this. Basically, what seems to happen is that Thunderbird sees the OAuth2 request in the IMAP handshake, starts its internal web browser, renders the Google login page. With an enterprise domain, Google then automatically redirects to the external authentication source (based on its preconfigured records), which can do any authentication it wants (e.g., use Kerberos, so that the user doesn't even have to enter a password), and then redirects back to Google, at which point Google serves something back via the web browser which can be used to complete the IMAP handshake. My point is that it is pretty much impossible to complete that sequence without a complete, Javascript-enabled web browser. But that mode, while ridiculously complex, still isn't as pointless as the approach with static password that is not actually secret and thus does not serve any purpose at all. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-23 10:59 ` Florian Weimer @ 2019-12-23 12:09 ` David Engster 2019-12-24 5:16 ` Bob Newell 2020-01-07 17:07 ` Jorge A. Alfaro-Murillo 0 siblings, 2 replies; 30+ messages in thread From: David Engster @ 2019-12-23 12:09 UTC (permalink / raw) To: Florian Weimer; +Cc: Lars Ingebrigtsen, Robert Pluim, Bob Newell, ding > My point is that it is pretty much impossible to complete that > sequence without a complete, Javascript-enabled web browser. But that > mode, while ridiculously complex, still isn't as pointless as the > approach with static password that is not actually secret and thus > does not serve any purpose at all. The real solution would be if Google supported RFC 7591 and RFC 7628. This is also what the comment above the hard-coded credentials in Thunderbird says. I predict this will never happen because the providers are actually quite happy with the current situation. It allows them to control which applications may access their services, and it pushes more users away from using third-party desktop mail client. Remember that Google wants you to use the web while being logged in, since this makes it much easier for them to track you. I think the "solution" is to tell users they need to set those credentials themselves. There are no widespred OAuth credentials which we could simply use without being shady. The real solution of course is that users simply stop using Google Mail and choose a proper mail provider. -David ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-23 12:09 ` David Engster @ 2019-12-24 5:16 ` Bob Newell 2019-12-24 16:53 ` Lars Ingebrigtsen 2019-12-26 10:04 ` David Engster 2020-01-07 17:07 ` Jorge A. Alfaro-Murillo 1 sibling, 2 replies; 30+ messages in thread From: Bob Newell @ 2019-12-24 5:16 UTC (permalink / raw) To: ding > The real solution of course is > that users simply stop using Google Mail and choose a proper mail > provider. > > -David In the end I'll likely just set up the oauth credentials and put in the necessary software changes, but I have serious considered your "real" solution. There are a couple of problems, though. I have a lot of gmail-specific coding (perhaps a bad decision on my part) and a lot of stuff in the gmail ecosystem. But my fear is that, should I change to another provider --- I don't know, FastMail or someone--- they might in time go the same route. Eliminating "less secure" login methods certainly seems to be trending. -- Bob Newell Honolulu, Hawai`i Via Linux/Emacs/Gnus/BBDB. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-24 5:16 ` Bob Newell @ 2019-12-24 16:53 ` Lars Ingebrigtsen 2019-12-26 7:03 ` Steinar Bang 2019-12-26 10:04 ` David Engster 1 sibling, 1 reply; 30+ messages in thread From: Lars Ingebrigtsen @ 2019-12-24 16:53 UTC (permalink / raw) To: Bob Newell; +Cc: ding Bob Newell <bobnewell@bobnewell.net> writes: > But my fear is that, should I change to another provider --- I don't > know, FastMail or someone--- they might in time go the same > route. Eliminating "less secure" login methods certainly seems to be > trending. Yup. I think I read somewhere that Microsoft is disabling user-name/password auth on their IMAP offerings, too. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-24 16:53 ` Lars Ingebrigtsen @ 2019-12-26 7:03 ` Steinar Bang 2019-12-28 20:43 ` Jouni K. Seppänen 0 siblings, 1 reply; 30+ messages in thread From: Steinar Bang @ 2019-12-26 7:03 UTC (permalink / raw) To: ding >>>>> Lars Ingebrigtsen <larsi@gnus.org>: > Bob Newell <bobnewell@bobnewell.net> writes: >> But my fear is that, should I change to another provider --- I don't >> know, FastMail or someone--- they might in time go the same >> route. Eliminating "less secure" login methods certainly seems to be >> trending. > Yup. I think I read somewhere that Microsoft is disabling > user-name/password auth on their IMAP offerings, too. FWIW a third option is to become your own provider: 1. Get a Virtual Private Server (VPS) 2. Get a DNS domain (any domain will do) 3. Set up a MTA on the VPS (postfix, exim, etc.) 4. Set up an IMAP server on the VPS (I recommend dovecot) (It's what I do) ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-26 7:03 ` Steinar Bang @ 2019-12-28 20:43 ` Jouni K. Seppänen 0 siblings, 0 replies; 30+ messages in thread From: Jouni K. Seppänen @ 2019-12-28 20:43 UTC (permalink / raw) To: ding Steinar Bang <sb@dod.no> writes: >>>>>> Lars Ingebrigtsen <larsi@gnus.org>: >> Bob Newell <bobnewell@bobnewell.net> writes: > >>> But my fear is that, should I change to another provider --- I >>> don't know, FastMail or someone--- they might in time go the >>> same route. Eliminating "less secure" login methods certainly >>> seems to be trending. > >> Yup. I think I read somewhere that Microsoft is disabling >> user-name/password auth on their IMAP offerings, too. > > FWIW a third option is to become your own provider: > 1. Get a Virtual Private Server (VPS) 2. Get a DNS domain (any > domain will do) 3. Set up a MTA on the VPS (postfix, exim, > etc.) 4. Set up an IMAP server on the VPS (I recommend > dovecot) It's probably a good idea to get your own domain name in any case. You can tell a provider like Fastmail to handle the email for that domain, and if they ever start misbehaving, you can move your domain elsewhere without updating your email address in everyone's address book. You can also do a similar thing communally: iki.fi is a non-profit that gives you an email address and forwards email to wherever you like (but only open to residents of Finland). Forwarding to Gmail is a bit problematic because Google occasionally and seemingly randomly blocks or delays mail from small-volume senders, but I've been happily forwarding to Fastmail for a few years now. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-24 5:16 ` Bob Newell 2019-12-24 16:53 ` Lars Ingebrigtsen @ 2019-12-26 10:04 ` David Engster 1 sibling, 0 replies; 30+ messages in thread From: David Engster @ 2019-12-26 10:04 UTC (permalink / raw) To: Bob Newell; +Cc: ding > In the end I'll likely just set up the oauth credentials and put in > the necessary software changes, but I have serious considered your > "real" solution. There are a couple of problems, though. I have a lot > of gmail-specific coding (perhaps a bad decision on my part) and a lot > of stuff in the gmail ecosystem. But my fear is that, should I change > to another provider --- I don't know, FastMail or someone--- they > might in time go the same route. Eliminating "less secure" login > methods certainly seems to be trending. Anything is possible, but I highly doubt FastMail would go that route. I don't think they even have their own OAuth2 domain. Instead, they support different forms of two-factor authentication (U2F, OTP, SMS, Yubikeyk. authenticator apps, etc.). For passwords, they have a very nice system were you can set passwords separately for each app you're using. You can view statistics like number of failed logins and remove passwords if you think they might be compromised. They even still support unencrypted protocols like FTP (but you need to set a specific password for it). If I wouldn't self-host, I'd surely consider using FastMail. From what I can see, they really try to support as many use-cases as possible. -David ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-23 12:09 ` David Engster 2019-12-24 5:16 ` Bob Newell @ 2020-01-07 17:07 ` Jorge A. Alfaro-Murillo 2020-01-07 18:44 ` Eric Abrahamsen 2020-01-07 19:52 ` David Engster 1 sibling, 2 replies; 30+ messages in thread From: Jorge A. Alfaro-Murillo @ 2020-01-07 17:07 UTC (permalink / raw) To: ding David Engster writes: > The real solution of course is that users simply stop using > Google Mail and choose a proper mail provider. Any suggestions? -- Jorge. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2020-01-07 17:07 ` Jorge A. Alfaro-Murillo @ 2020-01-07 18:44 ` Eric Abrahamsen 2020-01-07 19:52 ` David Engster 1 sibling, 0 replies; 30+ messages in thread From: Eric Abrahamsen @ 2020-01-07 18:44 UTC (permalink / raw) To: Jorge A. Alfaro-Murillo; +Cc: ding "Jorge A. Alfaro-Murillo" <jorge.alfaro-murillo@yale.edu> writes: > David Engster writes: > >> The real solution of course is that users simply stop using Google >> Mail and choose a proper mail provider. > > Any suggestions? I host my own, but I've heard good things about fastmail. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2020-01-07 17:07 ` Jorge A. Alfaro-Murillo 2020-01-07 18:44 ` Eric Abrahamsen @ 2020-01-07 19:52 ` David Engster 2020-01-08 3:24 ` Pankaj Jangid 2020-01-08 3:28 ` Pankaj Jangid 1 sibling, 2 replies; 30+ messages in thread From: David Engster @ 2020-01-07 19:52 UTC (permalink / raw) To: Jorge A. Alfaro-Murillo; +Cc: ding > David Engster writes: > >> The real solution of course is that users simply stop using Google >> Mail and choose a proper mail provider. > > Any suggestions? Stay flexble. Make sure to separate your email address from the mail hosting provider. This means: Register your own domain at some domain registrar. I would advise to only use this domain for mail, because this makes things easier. Then pay another(!) company to host your mail for that domain. I've heard good things about FastMail[1], but other mail companies provide this service as well. As long as they allow normal IMAP access, you will always be able to download all your mail and migrate to another provider whenever you're not satisfied. -David [1] https://www.fastmail.com/help/ourservice/hosteddomains.html ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2020-01-07 19:52 ` David Engster @ 2020-01-08 3:24 ` Pankaj Jangid 2020-01-08 3:28 ` Pankaj Jangid 1 sibling, 0 replies; 30+ messages in thread From: Pankaj Jangid @ 2020-01-08 3:24 UTC (permalink / raw) To: David Engster; +Cc: Jorge A. Alfaro-Murillo, ding >>> The real solution of course is that users simply stop using Google >>> Mail and choose a proper mail provider. >> >> Any suggestions? > > Stay flexble. Make sure to separate your email address from the mail > hosting provider. > > This means: Register your own domain at some domain registrar. I would > advise to only use this domain for mail, because this makes things > easier. Then pay another(!) company to host your mail for that > domain. I've heard good things about FastMail[1], but other mail > companies provide this service as well. As long as they allow normal > IMAP access, you will always be able to download all your mail and > migrate to another provider whenever you're not satisfied. In addition to the above. I use mbsync[1] utility to keep IMAP folders in sync at multiple providers. It is very flexible in that sense. Sync between local and IMAP folders or sync between two IMAP providers. [1] http://isync.sourceforge.net/mbsync.html Regards -- Pankaj Jangid ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2020-01-07 19:52 ` David Engster 2020-01-08 3:24 ` Pankaj Jangid @ 2020-01-08 3:28 ` Pankaj Jangid 1 sibling, 0 replies; 30+ messages in thread From: Pankaj Jangid @ 2020-01-08 3:28 UTC (permalink / raw) To: David Engster; +Cc: Jorge A. Alfaro-Murillo, ding > Stay flexble. Make sure to separate your email address from the mail > hosting provider. > > This means: Register your own domain at some domain registrar. I would > advise to only use this domain for mail, because this makes things > easier. Then pay another(!) company to host your mail for that > domain. I've heard good things about FastMail[1], but other mail > companies provide this service as well. As long as they allow normal > [1] https://www.fastmail.com/help/ourservice/hosteddomains.html Forgot to add. I am currently using zoho[1]. It is very low cost as compared to others; at least in India. [1] https://www.zoho.com/mail/zohomail-pricing.html Regards, -- Pankaj Jangid ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: oauth to be required for gmail 2019-12-17 8:03 ` Robert Pluim 2019-12-17 17:11 ` Lars Ingebrigtsen @ 2019-12-17 17:33 ` David Engster 1 sibling, 0 replies; 30+ messages in thread From: David Engster @ 2019-12-17 17:33 UTC (permalink / raw) To: Robert Pluim; +Cc: Bob Newell, ding >>>>>> On Mon, 16 Dec 2019 09:48:58 -1000, Bob Newell <bobnewell@bobnewell.net> said: > > Bob> Aloha, > Bob> I'm sure many of you received Google's email this morning > Bob> announcing an eventual end to non-oauth access to gmail. There > Bob> are various dates starting in February 2020 and extending into > Bob> 2021 depending on the situation, but this will pose a problem > Bob> for those of us who rely on directly sending/receiving with > Bob> gmail via gnus. > > Bob> Note I'm not talking about offline/download solutions but > Bob> direct access through gnus. > > Bob> There is gnus-gmail-oauth.el on github, almost four years > Bob> old. I haven't tried it and it may not work for both sending > Bob> and receiving. Perhaps there are other things. > > I think the canonical package for doing this is > <https://github.com/ccrusius/auth-source-xoauth2>, although I haven't > tried it yet. There is the 'oauth2' package in ELPA. I use it for org-caldav and it works fine. The problem with OAuth2 is not the technical side, which is pretty easy to do. The problem is that OAuth2 allows the serving side to control which application may access their services. They may forbid it entirely, or they may limit the API access depending on the application. They can do this since you need to register your application (in this case with Google), and you get a "client ID" and "client secret" with which your application identifies itself. AFAIK, for accessing GMail, you even need to go through an additional verification process to get full access. Of course, the "client secret" is pointless if you openly put it into your source, so there is no way to register an "official" client ID/secret for Gnus which anyone could use. Last I checked, publishing the client secret would be considered a violation of Google's services, with all consequences this may imply (terminating the developer's account, etc.). So usually, each user needs to register the application separately; this works for org-caldav, since the CalDAV API does not require additional verification, but this may very well be different for the Mail API. It's been some time since I dealt with this, so maybe things have gotten better in the meantime. -David ^ permalink raw reply [flat|nested] 30+ messages in thread
* just ping (Was: Re: oauth to be required for gmail) 2019-12-16 19:48 oauth to be required for gmail Bob Newell ` (2 preceding siblings ...) 2019-12-17 8:03 ` Robert Pluim @ 2020-08-03 3:19 ` 황병희 2020-08-06 12:35 ` just ping 황병희 3 siblings, 1 reply; 30+ messages in thread From: 황병희 @ 2020-08-03 3:19 UTC (permalink / raw) To: The Gnus Hellow, There is a good news for oauth of gmail? Sometimes my gmail login is not good. Sincerely, Gnus fan Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))// ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: just ping 2020-08-03 3:19 ` just ping (Was: Re: oauth to be required for gmail) 황병희 @ 2020-08-06 12:35 ` 황병희 0 siblings, 0 replies; 30+ messages in thread From: 황병희 @ 2020-08-06 12:35 UTC (permalink / raw) To: The Gnus soyeomul@doraji.xyz (황병희) writes: > Hellow, > > There is a good news for oauth of gmail? > Sometimes my gmail login is not good. Just for the record, i attach related PR: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=41386 Sincerely, Byung-Hee (daum-kakao account) -- ^고맙습니다 _地平天成_ 감사합니다_^))// ^ permalink raw reply [flat|nested] 30+ messages in thread
end of thread, other threads:[~2020-08-06 12:36 UTC | newest] Thread overview: 30+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-12-16 19:48 oauth to be required for gmail Bob Newell 2019-12-16 20:49 ` Florian Weimer 2019-12-16 22:45 ` Bob Newell 2019-12-17 0:17 ` Jude DaShiell 2019-12-17 5:40 ` Pankaj Jangid 2019-12-18 5:52 ` 황병희 2019-12-21 10:26 ` Florian Weimer 2019-12-21 10:50 ` 황병희 2019-12-16 22:46 ` Bob Newell 2019-12-17 8:03 ` Robert Pluim 2019-12-17 17:11 ` Lars Ingebrigtsen 2019-12-17 17:41 ` David Engster 2019-12-18 5:31 ` Bob Newell 2019-12-23 10:50 ` Florian Weimer 2019-12-18 7:07 ` David Engster 2019-12-23 10:59 ` Florian Weimer 2019-12-23 12:09 ` David Engster 2019-12-24 5:16 ` Bob Newell 2019-12-24 16:53 ` Lars Ingebrigtsen 2019-12-26 7:03 ` Steinar Bang 2019-12-28 20:43 ` Jouni K. Seppänen 2019-12-26 10:04 ` David Engster 2020-01-07 17:07 ` Jorge A. Alfaro-Murillo 2020-01-07 18:44 ` Eric Abrahamsen 2020-01-07 19:52 ` David Engster 2020-01-08 3:24 ` Pankaj Jangid 2020-01-08 3:28 ` Pankaj Jangid 2019-12-17 17:33 ` David Engster 2020-08-03 3:19 ` just ping (Was: Re: oauth to be required for gmail) 황병희 2020-08-06 12:35 ` just ping 황병희
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).