[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gmail+imap+smtp (oauth2)
|
From: |
Tim Cross |
|
Subject: |
Re: gmail+imap+smtp (oauth2) |
|
Date: |
Fri, 06 May 2022 10:43:00 +1000 |
|
User-agent: |
mu4e 1.7.13; emacs 28.1.50 |
"Jorge A. Alfaro-Murillo" <jorge@democraciareal.org> writes:
> On Thu, May 05 2022, Filipp Gunbin wrote:
>
>>
>> Just FTR, with Outlook from Office365 (we had that at work), it is just that
>> -
>> you create an app password in web interface (yes, non-free JS), and then just
>> put it in authinfo instead of your "account password".
>
> Just to let you know that (sadly) we have Office365 at my institution but that
> they do not allow app passwords. It is something that IT has to allow from the
> Office 365 Admin Center. When I called them about it, they told me that they
> were only supporting email clients that had 2-factor authentication.
>
> I haven't been able to use gnus with my work email (@yale.edu) since then. I
> wonder if the same is true for other institutions that use Google Workspace.
>
Yes, this is an issue for institutions that use Google or Office365. The
ability to use app passwords is a configuration option for the
institution. Both Google and MS will recommend against enabling that
option. Far too many IT departmenbts in large institutions will just
follow Google/MS advice because they don't understand the issues and
because they are not prepared to stick the neck out and go against
Google/MS recommendations.
> FYI, two free open-source email projects thunderbird (MPL-2.0) and fairmail
> (GPL3) work with 2-factor authentication. Is there anyway to use their method
> of
> authentication in gnus?
>From what I've read, it is suggested both these projects are not fully
compliant with the T&C of Google/MS. This is something some people have
attempted to get clarified, but fail to get any response. I think this
is precisely the area where the FSF could assist as they might be able
to at least get the issue looked at by senior enough Google/MS
executives to get a definitive answer.
As I understand it, the key issue regards the application ID. Google's
T&C imply this must be kept secret (it is an ID assigned by Google once
your application has been approved and is used in the code). Problem
being, how can you have that ID be in the code and be secret.
- Re: gmail+imap+smtp (oauth2), (continued)
- Re: gmail+imap+smtp (oauth2), Robert Pluim, 2022/05/05
- Re: gmail+imap+smtp (oauth2), Uwe Brauer, 2022/05/08
- Re: gmail+imap+smtp (oauth2), Robert Pluim, 2022/05/08
- Re: gmail+imap+smtp (oauth2), Uwe Brauer, 2022/05/08
- Re: gmail+imap+smtp (oauth2), Robert Pluim, 2022/05/09
- Re: gmail+imap+smtp (oauth2), Uwe Brauer, 2022/05/10
- Re: gmail+imap+smtp (oauth2), Robert Pluim, 2022/05/10
- Re: gmail+imap+smtp (oauth2), Filipp Gunbin, 2022/05/05
- Re: gmail+imap+smtp (oauth2), Jorge A. Alfaro-Murillo, 2022/05/05
- Re: gmail+imap+smtp (oauth2), Thomas Fitzsimmons, 2022/05/05
- Re: gmail+imap+smtp (oauth2),
Tim Cross <=
- Re: gmail+imap+smtp (oauth2), Tomas Hlavaty, 2022/05/06
- Re: gmail+imap+smtp (oauth2), Tim Cross, 2022/05/06
- Re: gmail+imap+smtp (oauth2), Stefan Monnier, 2022/05/06
- Re: gmail+imap+smtp (oauth2), tomas, 2022/05/06
- Re: gmail+imap+smtp (oauth2), Lars Ingebrigtsen, 2022/05/06
- Re: gmail+imap+smtp (oauth2), Stefan Monnier, 2022/05/06
- Re: gmail+imap+smtp (oauth2), Tim Cross, 2022/05/06
- Re: gmail+imap+smtp (oauth2), Richard Stallman, 2022/05/11
- gmail+imap+smtp (davmail), Richard Stallman, 2022/05/11
- Re: gmail+imap+smtp (davmail), Eric S Fraga, 2022/05/11