[#]Google is turning #GMail from an Email provider into a website.
No more access via standard email protocols such as #IMAP and #POP
Access via IMAP4 and POP3 as well as Mail Submission via SMTP require OAuth2 authentication via a web browser.
Probably according to RFC7628
The final stage of #enshittification . Locking the users in.
I wonder how they want to get rid of SMTP as stated in the support posting.
I guess this means outgoing SMTP to forward mail to a real email server.
I guess without relaying I won't ever receive any notifications Google services send to me again as I don't use the Gmail website.
I host my own Email server for many years, thank you.
Timeline for transition
Summer of 2024:
If you (or your users) try to connect to a less secure app for the first time, you will not be able to. This restriction includes third-party apps that still use basic authentication, such as CalDAV, CardDAV, IMAP, SMTP, and POP, to access Gmail, Google Calendar, and Contacts. If you’re not trying to connect for the first time, you will be able to continue using the apps until they’re turned off.
In the Google Admin console, you will not be able to access the turn on and off setting for less secure apps.
Users will not be able to turn IMAP on or off in their Gmail settings.
https://support.google.com/a/answer/14114704?hl=en&sjid=8073259250606890309-EU
=> More informations about this toot | More toots from Suran@toot.cat
@Suran I couldn't help but compare this with Tuta, which is "so secured" it's available only from its own client app :-/
=> More informations about this toot | More toots from Pandora@eldritch.cafe
@Pandora
I want the freedom NOT to use the GMail service to use other Google services.
=> More informations about this toot | More toots from Suran@toot.cat
@Suran We all want that since the beginning...
I could degoogle myself from lots of services, but it's too bad that the cost of moving away from Google Android to Murena Android is still too heavy for my day-to-day usage (no possibility to use Android Auto without Google Android, for example)
=> More informations about this toot | More toots from Pandora@eldritch.cafe
@Suran They're not disabling IMAP/SMTP/POP, right? As I understand it, they're just disabling password/basic authentication on those protocols. As long as your client supports https://developers.google.com/gmail/imap/xoauth2-protocol then you can continue using the standard email protocols. Did I miss something?
=> More informations about this toot | More toots from jamey@toot.cat
@jamey
So SMTP only for Email SUBMISSION and not for Email FORWARDING?
The "support center" page doesn't give any specifics here.
Because my own Email SERVER will never request that as the authentication method.
Only LOGIN or CRAM-MD5.
=> More informations about this toot | More toots from Suran@toot.cat
@Suran you have misunderstood this to the point of spreading complete misinformation. Please correct your post accordingly.
The only thing that is changing is that you can no longer use your "real" Google account password for IMAP/SMTP/etc. For good reason, this has already been really annoying to do for several years, requiring extra confirmation - now it will be completely disabled.
You can still use randomly generated "app passwords" and OAuth.
=> More informations about this toot | More toots from lambda@chaosfurs.social
@lambda @Suran but hasn’t that been disabled for several years already? last time i tried using a “less secure email client” google forced me to generate an app specific password in addition to enabling that setting
=> More informations about this toot | More toots from LambdaDuck@types.pl
@LambdaDuck @Suran from all the sources I can find, it looks like app passwords will continue to work. Google's wording on this is very confusing though, I agree.
=> More informations about this toot | More toots from lambda@chaosfurs.social
@Suran the thing that confuses me the most is what they actually disabled. i thought they had already disabled connecting by any of those methods using your real password years ago
=> More informations about this toot | More toots from LambdaDuck@types.pl
@Suran OK, this means one thing: time to migrate!!!
=> More informations about this toot | More toots from ZoidbergForPresident@mastodon.xyz
@Suran @cary5871 I'm having a hard time determining whether this means IMAP, etc. won't work at all, or whether it just means you have to generate an app password to use it. If they're going to shut off IMAP even with app passwords, that's huge. But that's not clear from this article. Either way, this might be the push I need to finally migrate my stuff away from gmail. My first gmail account is old enough to vote now, and I have every e-mail I've ever received on it. Definitely time to put those somewhere else.
=> More informations about this toot | More toots from simon@dragonscave.space
@simon @Suran if it means no more imap at all whatsoever, I have literally no idea what I'm going to do. lol, I've been on GMail since its inception, just about, and while I don't have every single email I've received, it's where I get all the email from the lists I'm subscribed to, and overall, it would be a pretty serious undertaking to migrate to something new. bleh.
=> More informations about this toot | More toots from cary5871@tweesecake.social
@cary5871 @Suran Well, what are you currently using to access it? All the major clients already log in using OAuth so they're not going to be affected. This includes Thunderbird, Apple Mail, outlook, Windows Mail.
=> More informations about this toot | More toots from simon@dragonscave.space
@simon @Suran I'm using Betterbird, which is a thunderbird clone? I guess you'd call it...
=> More informations about this toot | More toots from cary5871@tweesecake.social
@cary5871 @Suran Thunderbird uses a web-based login for Google accounts so I'd guess you're probably fine. But I don't know if Google has some kind of certification process for their "more secure apps" or something else that might gatekeep all the GMail backup scripts, for instance.
=> More informations about this toot | More toots from simon@dragonscave.space
@simon @cary5871 @Suran They do not. We use this at work and my Outlook, plus my iOS mail, do what they're told without complaining.
=> More informations about this toot | More toots from quanin@dragonscave.space
@simon @Suran @cary5871 IMAP, SMTP et al will still work with OAuth or an app password, depending on what you're client supports. This was made extremely clear in the email sent to Google Workspace admins who, for whatever reason, still have some users trying to authenticate with a standard user/pass combination. If you're a Google Workspace admin and didn't receive that mail, it probably means you don't have any affected users, although I hope they'll still let you know about the changes anyway. If you were planning to move away from Google already for unrelated reasons, carry on, but probably don't decide to do so based on a change which won't impact most people and was already enacted by some other providers (like Microsoft's hosted Exchange product).
=> More informations about this toot | More toots from jscholes@dragonscave.space
@jscholes @Suran @cary5871 I was already planning to, but I don't have enough justification for moving my main domain away from it. I will stop paying for the workspace subscription I have on TTHub soon though. I only had that because of unlimited storage, which is gone as of a couple of months ago. I figured app passwords would still work. Disabling those would be a much bigger deal and would make Google way less functional than Microsoft or Apple email. Although Microsoft disables SMTP by default now, so maybe it's all relative.
=> More informations about this toot | More toots from simon@dragonscave.space
@Faylen @Suran I don't think this is as bad as it sounds. They're disabling the ability to log in with a basic username and password, but still allowing clients that support the oAuth method to login. Most modern email clients will be just fine. As noted on the Google Help page at the following link, "The latest versions of Outlook, Apple Mail, and Samsung Mail support OAuth". likely many others which they don't list already support it as well. https://support.google.com/a/answer/9003945?hl=en
=> More informations about this toot | More toots from alpuzz@mastodon.social
@alpuzz @Suran Yeah, a few people have explained that to me. I didn't realize what oAuth actually was.
=> More informations about this toot | More toots from Faylen@disabled.social This content has been proxied by September (ba2dc).Proxy Information
text/gemini