Ask HN: Did Google turn off IMAP access for good over the weekend?
Google was going to turn off access for LSA apps soon, and this includes IMAP for Gmail. However, with the pandemic they delayed this indefinitely.
https://gsuiteupdates.googleblog.com/2020/03/less-secure-app...
Since May 1st, using IMAP to access a G Suite account stopped working, though, with a message:
> IMAP command 'AUTHENTICATE PLAIN <authdata>' returned an error: NO [AUTHENTICATIONFAILED] Invalid credentials (Failure)
I know the credentials are good because they work in the browser. Maybe an automated process somewhere kicked in?
81 comments
[ 3.8 ms ] story [ 151 ms ] threadHow is your experience so far with inboxing while using Mail In A Box?
The setting is also gone for me!
> I'm not sure if Google allows using phone notifications first (another 2fa method) and then switching to TOTP...
It's currently 2020-05-04 11:26 UTC and the issue is ongoing.
EDIT: does anyone know if google has an "uptime" page for their various services where they can provide status updates as they diagnose the issue? This is impacting our entire org on G-suite.
EDIT2: Found this, but it shows "Gmail" as "green" Yeah, it's still down :rolleyes: https://www.google.com/appsstatus#hl=en
EDIT3: As of 2020-05-04 11:45 UTC, it's back up for me.
Edit: the "Less secure apps" [1] setting was reporting "setting could not be read", it's just re-appeared here in the UK (11:40 UTC).
[0] https://downdetector.co.uk/status/gmail/
[1] https://myaccount.google.com/lesssecureapps
[0] https://allestoringen.nl/storing/gmail/
[1] https://support.google.com/mail/answer/185833?hl=en
https://developers.google.com/gmail/imap/xoauth2-protocol
https://hobo.house/2017/07/17/using-offlineimap-with-the-gma...
I haven't used it but it looks like it pushes the oauth2 token refresh off to an external script.
* https://support.google.com/mail/thread/44318228?hl=en
But yeesh - would've been just my luck! I'm in the process of putting together my de-Google plan lately.
Any suggestion for a comparable email service?
[1] https://www.ctrl.blog/entry/goodbye-fastmail.html
As with gmail the fastmail provider does read your email content to provide e.g. search (and in case of gmail who knows what more?). Both will hand out information with a lawful warrant. -- And as long as the government is reasonably sane [2] that's perfectly fine with me.
[1] https://fastmail.blog/2018/12/21/advocating-for-privacy-aabi... [2] otherwise I'd try ProtonMail (but it has a price in useability)
However a service not randomly shutting down or dropping support for open protocols _is_ part of my requirements for an email host.
If you expect your emails to be inaccessible to anyone except you and the recipient you'll have to encrypt them anyway. If you are worried about the data-mining for ad purposes on other providers switching to a paid provider like Fastmail is still a good option and while everyone is subject to ad-tech data mining not everyone is subject to a targeted collection by a government actor most of the time.
I want to bash Trump's latest haircut without fear of incoming, frivolous litigation.
I do, however, expect consequences if I do something really stupid.
They exceed all my expectations, and I‘m picky.
Posteo.de (no custom domain support), runbox.com, mailbox.org, mailfence.com, migadu.com, mxroute.com (if you don't mind hosting in the U.S.), ProtonMail (needs a bridge software to use IMAP) and Tutanota (no IMAP support)
If you'd like to support the next generation JMap (which Fastmail develops), then getting a paid subscription on Fastmail could help.
NOTE: it is not as AJAXy as Gmail.
[1] https://news.gandi.net/en/2017/01/introducing-sogo-new-webma...
[2] https://sogo.nu/
I guess someone didn't get the memo. Or else yes, perhaps they got some automated thing scheduled in advance and failed to roll it back properly as announced.
Probably 'cause they can't log into their IMAP account right now...
I'm comfortable with setting up a VM, but I don't know much about email.
https://github.com/awesome-selfhosted/awesome-selfhosted#ema... See especially homebox, Mail-in-a-box "complete solutions".
With brief exploration you might also be comfortable with just running the MTA for sending and forwarding, and MDA for "delivery", i.e. reading.
Will Apple Mail lose Gmail compatibility or can they upgrade to something?
https://developer.microsoft.com/en-us/office/blogs/end-of-su...
https://gsuiteupdates.googleblog.com/2019/12/less-secure-app...
Source: Had to do this to all my superb python bots that we using mails for error reporting.
I have a legacy Google Apps account on a custom domain, and have had two-factor auth configured for years. Today my SMTP credentials stopped working, so I went in and made a new app-specific password, and that is also not working as my SMTP password. I also can't enable the "less secure apps" option because 2fa is enabled. I don't see any path to fix this.
At the very end, I thought of changing my password and IT WORKED! Try "update" your password.