Howdy,
Early this morning Seamonkey could no longer fetch emails. It wouldn't accept the username and password. I did some searching and it seems
that Google is disabling plain text username and password. Honestly,
sounds like a good idea really. During my searches, most recommended
OAuth2 so I switched to it.
After a while, I noticed it wasn't downloading new emails
automatically. I have it set to check for new messages every 10 minutes
or so. I had to hit the Get Msgs button each time. I'd prefer it to do
it automatically. I tried restarting Seamonkey and even changing the settings for doing it automatically, in case a config file needed
updating after the switch, still doesn't do it automatically. I'm
attaching a screenshot of the settings.
Does using OAuth2 disable automatically fetching messages or am I
missing some other setting? It worked fine until I switched to OAuth2
so I don't know what else it could be. Is there something better than
OAuth2 that gmail supports? I just picked the first option I found.
Thoughts??
On Friday, 3 June 2022 02:45:11 BST Dale wrote:
Howdy,Err ... perhaps not? The use of a browser to delegate sign on is not necessarily a good idea, because it introduces layers of complication and with
Early this morning Seamonkey could no longer fetch emails. It wouldn't
accept the username and password. I did some searching and it seems
that Google is disabling plain text username and password. Honestly,
sounds like a good idea really. During my searches, most recommended
OAuth2 so I switched to it.
it potential vulnerabilities. Random explainer here:
https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-should-not-use-it-for-authentication-5f47597b2611
I recall some IMAP4 devs complaining about it, but Google pushed on regardless. From the end of May if you want to login to Gmail you have no option but to use OAuth2. I expect this will break some users login if they have not disabled what Google calls "Less secure application access" and shared with Google their mobile phone number and what other *private* information Google wants to know, before it allows you to access your email messages.
After a while, I noticed it wasn't downloading new emailsThe OAuth2 mechanism will refresh exchange of tokens between client and server
automatically. I have it set to check for new messages every 10 minutes
or so. I had to hit the Get Msgs button each time. I'd prefer it to do
it automatically. I tried restarting Seamonkey and even changing the
settings for doing it automatically, in case a config file needed
updating after the switch, still doesn't do it automatically. I'm
attaching a screenshot of the settings.
Does using OAuth2 disable automatically fetching messages or am I
missing some other setting? It worked fine until I switched to OAuth2
so I don't know what else it could be. Is there something better than
OAuth2 that gmail supports? I just picked the first option I found.
Thoughts??
when they expire, but this should be seamless and transparent to the user. If
there is a breakdown in the connection for some time and a token expires, then
depending on the mail client it may pop up a window asking for your login credentials to be resubmitted. It does this occasionally on Kmail, but I have
not noticed it on T'bird, which I believe is similar/same to the mail client of Seamonkey.
Checking for emails every so often on a timer, is separate to authentication/ authorization. Whether you check for email manually, or after a timer triggers it, OAuth2 will kick in on each occasion as the next step. There may
be some bug in Seamonkey. You could try a later version or try T'bird. If that works with the same settings, but Seamonkey doesn't, then by a process of
elimination the issue would be with Seamonkey's implementation.
HTH.
They only forced turning 2fa on.
How did you even enable the oauth thing ? only had security device or
push to an authenticated device available. Then lied and forced enabling
sms as a 'recovery' option.
On Friday, 3 June 2022 11:07:47 BST spareproject776 wrote:
They only forced turning 2fa on.
There used to be a period a few years ago now, when you could enable less secure app access plus OAuth2 without giving your DOB, mobile phone 2FA, etc. They have since stopped this. I had enabled OAuth2 on one PC, but was not able to do the same on a second PC I tried to connect from. I can't recall the error now.
Thankfully, other email providers are available. :-)
On Friday, 3 June 2022 02:45:11 BST Dale wrote:
Howdy,
Early this morning Seamonkey could no longer fetch emails. It wouldn't accept the username and password. I did some searching and it seems
that Google is disabling plain text username and password. Honestly, sounds like a good idea really. During my searches, most recommended OAuth2 so I switched to it.
Err ... perhaps not? The use of a browser to delegate sign on is not necessarily a good idea, because it introduces layers of complication and with it potential vulnerabilities. Random explainer here:
https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-shou ld-not-use-it-for-authentication-5f47597b2611
I recall some IMAP4 devs complaining about it, but Google pushed on regardless. From the end of May if you want to login to Gmail you have no option but to use OAuth2. I expect this will break some users login if they have not disabled what Google calls "Less secure application access" and shared with Google their mobile phone number and what other *private* information Google wants to know, before it allows you to access your email messages.
Would a practical alternative be to have all gmail messages forwarded to another account?
Howdy,
Early this morning Seamonkey could no longer fetch emails. It wouldn't accept the username and password. I did some searching and it seems
that Google is disabling plain text username and password. Honestly,
sounds like a good idea really. During my searches, most recommended
OAuth2 so I switched to it. I'd never heard of it before but dove in
head first. Turns out, easy enough. When I hit Get Msgs after changing the settings, it asked for the password and it started downloading
emails. My first thought, yeppie!!
After a while, I noticed it wasn't downloading new emails
automatically. I have it set to check for new messages every 10 minutes
or so. I had to hit the Get Msgs button each time. I'd prefer it to do
it automatically. I tried restarting Seamonkey and even changing the settings for doing it automatically, in case a config file needed
updating after the switch, still doesn't do it automatically. I'm
attaching a screenshot of the settings.
Does using OAuth2 disable automatically fetching messages or am I
missing some other setting? It worked fine until I switched to OAuth2
so I don't know what else it could be. Is there something better than OAuth2 that gmail supports? I just picked the first option I found.
Thoughts??
Dale
:-) :-)
Anyone have ideas on how to fix this. If anyone needs more info, just
let me know. I'll either attach the text or a picture if it is a menu
type thing that can't be copied.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 302 |
Nodes: | 16 (2 / 14) |
Uptime: | 99:40:36 |
Calls: | 6,767 |
Calls today: | 5 |
Files: | 12,295 |
Messages: | 5,376,413 |
Posted today: | 1 |