Google SMTP 2FA: google identify Grav as not secure #75
Comments
|
What docs? Are you talking about the oauth plugin? |
|
Nop the About oauth I'm saying that because I have an other app (Spark) that use gmail to send email and it's seems to use oauth: As you can see this app is in gmail list of app that have an access (Grav is not here):
Google asked me only once if I authorised Spark to control email... Grav cool probably do the same nope? |
|
Ah ok, you definitely do have to use a single-app password, bug that should still work as long as you are using TLS security. If that's still not working, the the issue is likely do do with Swiftmail itself, as all that authentication is handled via Swiftmail plugin. The Grav email plugin simply passes the values along. I will try to test this scenario though as I also have 2factor auth setup on my account. |
|
Yep I'm using TLS.
Tell me if I can give you more information to help. |
|
PS: If you didn't read the return content message on my first post the following should help:
|
|
Do you have your App password set in this section? Should not be with other Apps like Spark. Should be under the "Signing in to Google" section:
|
|
Just tested and it worked fine with this setup: also worked fine with I think its something with your app password to be honest. |
|
Yes my configuration was good, it's exactly the same as yours. But I found something... So I just tried with a classical gmail address and an app password... That's mean there is some kind of problem because the username is not Do you have an idea why? |
|
Nope, I actually used my |
|
I don't get it... Just by changing user from You use |
|
yes, you have to login with the email in question and generate your password for that email. I don't have a regular gmail one and a gsuite one, only gsuite and that's how i login and generate the app password. |
|
Dam it, that's exactly what I do too... 😞 |
|
Thanks for you support Andy. I'll probably contact google, as I don't know what I can do on my side |
|
For people running into the same issue while using G Suite follow this steps:
|
|
You know that was already documented in the README.md :)
|
|
Yes I know Andy but this setting is not in the same place in G suite. |
|
@rhukster I suggest reopening this issue because Google Workspace (using Gmail) dropped the support for less secure password apps. It is recommended to use OAuth 2.0 to authenticate. |
Hi,
I'm following all the steps from the
readmefor 2FA protected gmail account without success.It always returns me an error and gmail send me security email:
the error header:
the error content:
{ "error": { "type": "Swift_TransportException", "message": "Expected response code 250 but got code \"535\", with message \"535-5.7.8 Username and Password not accepted. Learn more at\r\n535 5.7.8 https:\/\/support.google.com\/mail\/?p=BadCredentials c54sm14163416wra.84 - gsmtp\r\n\"\nLog data:\n++ Starting Swift_SmtpTransport\n<< 220 smtp.gmail.com ESMTP c54sm14163416wra.84 - gsmtp\r\n\n>> EHLO immersion-pictures.dev\r\n\n<< 250-smtp.gmail.com at your service, [82.251.158.9]\r\n250-SIZE 35882577\r\n250-8BITMIME\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-PIPELINING\r\n250-CHUNKING\r\n250 SMTPUTF8\r\n\n>> STARTTLS\r\n\n<< 220 2.0.0 Ready to start TLS\r\n\n>> EHLO immersion-pictures.dev\r\n\n<< 250-smtp.gmail.com at your service, [82.251.158.9]\r\n250-SIZE 35882577\r\n250-8BITMIME\r\n250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH\r\n250-ENHANCEDSTATUSCODES\r\n250-PIPELINING\r\n250-CHUNKING\r\n250 SMTPUTF8\r\n\n>> AUTH LOGIN\r\n\n<< 334 VXNlcm5hbWU6\r\n\n>> amltQGltbWVyc2lvbi1waWN0dXJlcy5jb20=\r\n\n<< 334 UGFzc3dvcmQ6\r\n\n>> Y3Bic29hb3J3dWt2ZnBlZQ==\r\n\n<< 534-5.7.14 <https:\/\/accounts.google.com\/signin\/continue?sarp=1&scc=1&plt=AKgnsbt2\r\n534-5.7.14 AbIHDC-sRD4_atsdRKjm_o_nmzyMVn9rLQmB62EYrLwD7YMUSUK7SrH8H2d_yB2mW3tIWZ\r\n534-5.7.14 wHZyMhIN7k8bfZfk-IqBP3HL_8GOaWANCVZR6o7vslD_Onr-h5K2WgdKml4Bsna8SPkzeY\r\n534-5.7.14 UFL_HFmiriG2UeH4zyy7O3DJFyGjS0ukWflgMbCK-MuDkQBB7yPffytGzq2N1cW7CoTpmx\r\n534-5.7.14 vn_5s70_gOQYScB9gWp9DWJAXGkq4> Please log in via your web browser and\r\n534-5.7.14 then try again.\r\n534-5.7.14 Learn more at\r\n534 5.7.14 https:\/\/support.google.com\/mail\/answer\/78754 c54sm14163416wra.84 - gsmtp\r\n\n!! Expected response code 235 but got code \"534\", with message \"534-5.7.14 <https:\/\/accounts.google.com\/signin\/continue?sarp=1&scc=1&plt=AKgnsbt2\r\n534-5.7.14 AbIHDC-sRD4_atsdRKjm_o_nmzyMVn9rLQmB62EYrLwD7YMUSUK7SrH8H2d_yB2mW3tIWZ\r\n534-5.7.14 wHZyMhIN7k8bfZfk-IqBP3HL_8GOaWANCVZR6o7vslD_Onr-h5K2WgdKml4Bsna8SPkzeY\r\n534-5.7.14 UFL_HFmiriG2UeH4zyy7O3DJFyGjS0ukWflgMbCK-MuDkQBB7yPffytGzq2N1cW7CoTpmx\r\n534-5.7.14 vn_5s70_gOQYScB9gWp9DWJAXGkq4> Please log in via your web browser and\r\n534-5.7.14 then try again.\r\n534-5.7.14 Learn more at\r\n534 5.7.14 https:\/\/support.google.com\/mail\/answer\/78754 c54sm14163416wra.84 - gsmtp\r\n\" (code: 534)\n>> RSET\r\n\n<< 250 2.1.5 Flushed c54sm14163416wra.84 - gsmtp\r\n\n>> AUTH PLAIN amltQGltbWVyc2lvbi1waWN0dXJlcy5jb20AamltQGltbWVyc2lvbi1waWN0dXJlcy5jb20AY3Bic29hb3J3dWt2ZnBlZQ==\r\n\n<< 534-5.7.14 <https:\/\/accounts.google.com\/signin\/continue?sarp=1&scc=1&plt=AKgnsbtb\r\n534-5.7.14 8P4LV7wcP7-hqF1BItOiDUUluYJ9qCOvNIJ3JESV8sYU6a2gBarFEhH0kN3PijdGbTlmqA\r\n534-5.7.14 JwZ-8AFW2GU4AZy_CvmDyTE11VYI3hvC5-LuqM4M2NEAF0Ez-r7FxKyIcqndttD5phIVML\r\n534-5.7.14 39_YVoiuztI7NSq4HkMRemPHzkGsD4RVHh95t8GG5HDleJ_3u8gy2iGdk2tcoq9KmmPOCW\r\n534-5.7.14 qTaVY-ppUe0WRwhCXqF_8veICbR3g> Please log in via your web browser and\r\n534-5.7.14 then try again.\r\n534-5.7.14 Learn more at\r\n534 5.7.14 https:\/\/support.google.com\/mail\/answer\/78754 c54sm14163416wra.84 - gsmtp\r\n\n!! Expected response code 235 but got code \"534\", with message \"534-5.7.14 <https:\/\/accounts.google.com\/signin\/continue?sarp=1&scc=1&plt=AKgnsbtb\r\n534-5.7.14 8P4LV7wcP7-hqF1BItOiDUUluYJ9qCOvNIJ3JESV8sYU6a2gBarFEhH0kN3PijdGbTlmqA\r\n534-5.7.14 JwZ-8AFW2GU4AZy_CvmDyTE11VYI3hvC5-LuqM4M2NEAF0Ez-r7FxKyIcqndttD5phIVML\r\n534-5.7.14 39_YVoiuztI7NSq4HkMRemPHzkGsD4RVHh95t8GG5HDleJ_3u8gy2iGdk2tcoq9KmmPOCW\r\n534-5.7.14 qTaVY-ppUe0WRwhCXqF_8veICbR3g> Please log in via your web browser and\r\n534-5.7.14 then try again.\r\n534-5.7.14 Learn more at\r\n534 5.7.14 https:\/\/support.google.com\/mail\/answer\/78754 c54sm14163416wra.84 - gsmtp\r\n\" (code: 534)\n>> RSET\r\n\n<< 250 2.1.5 Flushed c54sm14163416wra.84 - gsmtp\r\n\n>> AUTH XOAUTH2 dXNlcj1qaW1AaW1tZXJzaW9uLXBpY3R1cmVzLmNvbQFhdXRoPUJlYXJlciBjcGJzb2Fvcnd1a3ZmcGVlAQE=\r\n\n<< 334 eyJzdGF0dXMiOiI0MDAiLCJzY2hlbWVzIjoiQmVhcmVyIiwic2NvcGUiOiJodHRwczovL21haWwuZ29vZ2xlLmNvbS8ifQ==\r\n\n!! Expected response code 235 but got code \"334\", with message \"334 eyJzdGF0dXMiOiI0MDAiLCJzY2hlbWVzIjoiQmVhcmVyIiwic2NvcGUiOiJodHRwczovL21haWwuZ29vZ2xlLmNvbS8ifQ==\r\n\" (code: 334)\n>> RSET\r\n\n<< 535-5.7.8 Username and Password not accepted. Learn more at\r\n535 5.7.8 https:\/\/support.google.com\/mail\/?p=BadCredentials c54sm14163416wra.84 - gsmtp\r\n\n!! Expected response code 250 but got code \"535\", with message \"535-5.7.8 Username and Password not accepted. Learn more at\r\n535 5.7.8 https:\/\/support.google.com\/mail\/?p=BadCredentials c54sm14163416wra.84 - gsmtp\r\n\" (code: 535)", "file": "\/Users\/jim\/Sites\/immersion-pictures\/user\/plugins\/email\/vendor\/swiftmailer\/swiftmailer\/lib\/classes\/Swift\/Plugins\/LoggerPlugin.php", "line": 140 } }the gmail security email:
sorry it's in french but it's basically saying: "we just blocked a connexion trial to your account from an app with security risk"
To be sure my grav configuration was working I've made some test with an other gmail account but without 2FA and by activating
less secure appsoption. And this time It was working... Mails are properly send!Of course activating
less secure appsis not an option for production for obvious reasons.If Grav is not consider by Google as secure maybe the best way would be to add an
oauthsolution for this plugin? (from what I've read on google...)I hope you have some kind of solution :)
Thank you
The text was updated successfully, but these errors were encountered: