Discussion:
command line email clients and gmail.com
Chuck Hallenbeck
2018-06-11 00:14:48 UTC
Permalink
Hi folks,

On my archlinux system with its command line environment, I have three
email clients able to send mail directly to my gmail smtp server at
port 587.

1. mutt with msmtp.

2. alpine

3. edbrowse.

All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.

Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.

Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.

Chuck
--
Here too, In Northeast Ohio, The Moon is Waning Crescent (11% of Full)
When your only tool is a hammer, everything looks like a nail.
Sent from Alma's iPhone.
Justin Skists
2018-06-11 08:39:51 UTC
Permalink
Post by Chuck Hallenbeck
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Unless mutt and co. start using Google's OAuth and two-factor authentication (like some of the newer GUI clients), it may be impossible to continue to use gmail.com for SMTP and IMAP unless you keep the insecure security settings.

I used to use gmail.com as my kernel development address, but then I started migrating away from it after seeing this news article suggesting that gmail was becoming more-and-more a walled garden:

https://www.theregister.co.uk/2018/04/16/google_gmail_security/


Justin.
Janina Sajka
2018-06-12 17:28:20 UTC
Permalink
I don't think it's mutt that needs to use Google's dual authentication,
it's the user of Mutt.

I have had no issues using Google's dual authentication in several
years, since Linux Foundation first started requiring it some years ago.

In fact Google's dual authentication has become less onorous in recent
months. I've not been asked to reauthenticate in some time, across
several system reboots. If your IP address stays stable, I think you'll
find similar ease.

About 6 weeks ago I got a new Android phone. That prompted a validation
request, i.e. I'm confident authentication is still functioning.

I have used both Google's voice call second factor, as well as its SMS.
Assuming I'm home, I much prefer the former. From within Firefox, after
logging in with account ID and password, A google bot calls my voice
phone and reads out a 6 digit code for me to enter in the web form. From
there a TAB to Submit followed by Enter, and I'm in.

Because I've also chosen to register a few of my smart phone devices, I
may get a popup toast message on a registered device asking whether it
was really me that just tried logging in on my account. I can simply
double-tap the "Yes, that was me" button, and I'm in. This is what I did
on my old phone when I first brought my new phone on Google. Needless to
say, the new phone is now also registered.

Now I don't use Google's smtp as I have my own. However I would expect
similar behavior, meaning that you're logged in and registered with the
device you intend to use for outbound mail. It'll store your IP address,
and whatever additional machine identifying info it tracks--that I don't
know. Beyond that it's looking for a TLS cert, but I believe any valid
TLS should do the job.

Personally, I wouldn't want them to simply accept outbound mail, without
some kind of authentication. That would only serve as a vector for spam
amplification.

hth

Janina
Post by Justin Skists
Post by Chuck Hallenbeck
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Unless mutt and co. start using Google's OAuth and two-factor authentication (like some of the newer GUI clients), it may be impossible to continue to use gmail.com for SMTP and IMAP unless you keep the insecure security settings.
https://www.theregister.co.uk/2018/04/16/google_gmail_security/
Justin.
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
--
Janina Sajka

Linux Foundation Fellow
Executive Chair, Accessibility Workgroup: http://a11y.org

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Chair, Accessible Platform Architectures http://www.w3.org/wai/apa
Jude DaShiell
2018-06-12 18:29:41 UTC
Permalink
That's what happened to me until my account got knocked over. I had
google phone me and keyed in six digit codes and sometimes got an sms
prompt on a device once it was already registered.
Also, last time I read google has a 500 messages a day limit on its smtp
service.



--
Kelly Prescott
2018-06-12 18:49:23 UTC
Permalink
Most normal email users do not send 500 messages per day. If you do, then
maybe you should look toward a commercial service which would support
that.
Post by Jude DaShiell
That's what happened to me until my account got knocked over. I had
google phone me and keyed in six digit codes and sometimes got an sms
prompt on a device once it was already registered.
Also, last time I read google has a 500 messages a day limit on its smtp
service.
--
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Jude DaShiell
2018-06-11 14:21:47 UTC
Permalink
I wasn't able to do so without a huge amount of inconvenience. Here's
the rest of that story too. I went as far as enabling two-step
authentication in February of 2018. Last week I tried logging into my
google account. My password was complex and 20 characters in length the
last time I logged into that account successfully. Last week the
password had been changed and whoever did that had it shortened to 14
characters. I ended up deleting my account. If I ever create another
google account I will not use any of google's enhanced security features
since all of them only provide the authorized users a huge amount of
hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have three
email clients able to send mail directly to my gmail smtp server at
port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
Don Raikes
2018-06-11 15:17:21 UTC
Permalink
So if gmail is not a viable option what are others using instead?
-----Original Message-----
From: Jude DaShiell <***@panix.com>
Sent: Monday, June 11, 2018 7:22 AM
To: Chuck Hallenbeck <***@gmail.com>; Speakup is a screen review system for Linux. <***@linux-speakup.org>
Subject: Re: command line email clients and gmail.com

I wasn't able to do so without a huge amount of inconvenience. Here's the rest of that story too. I went as far as enabling two-step authentication in February of 2018. Last week I tried logging into my google account. My password was complex and 20 characters in length the last time I logged into that account successfully. Last week the password had been changed and whoever did that had it shortened to 14 characters. I ended up deleting my account. If I ever create another google account I will not use any of google's enhanced security features since all of them only provide the authorized users a huge amount of hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
Chris Nestrud
2018-06-11 15:43:08 UTC
Permalink
I've had good luck with Fastmail, www.fastmail.com. Two-factor is
available but not nandatory. Option of per-app passwords so if someone
gets the password you use for mutt, they can't access the other features
of your account. I'm using it successfully for sending and receiving
mail using mutt under Linux, Outlook under iOS, and the standard mail
program on iPhone.

Chris
Post by Don Raikes
So if gmail is not a viable option what are others using instead?
-----Original Message-----
Sent: Monday, June 11, 2018 7:22 AM
Subject: Re: command line email clients and gmail.com
I wasn't able to do so without a huge amount of inconvenience. Here's the rest of that story too. I went as far as enabling two-step authentication in February of 2018. Last week I tried logging into my google account. My password was complex and 20 characters in length the last time I logged into that account successfully. Last week the password had been changed and whoever did that had it shortened to 14 characters. I ended up deleting my account. If I ever create another google account I will not use any of google's enhanced security features since all of them only provide the authorized users a huge amount of hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Chuck Hallenbeck
2018-06-11 19:10:25 UTC
Permalink
Hi Chris

I also was a huge fan of fastmail, abandoning them when they retired
their "classic" interface, which made their remaining "standard" site
inaccessible to the command line tools I had available here.

When some folks say "classic" I guess they mean "old-fashioned." I'd
return to them in a minute if I could

Chuck
Post by Chris Nestrud
I've had good luck with Fastmail, www.fastmail.com. Two-factor is
available but not nandatory.
Chris
Post by Don Raikes
So if gmail is not a viable option what are others using instead?
-----Original Message-----
Sent: Monday, June 11, 2018 7:22 AM
Subject: Re: command line email clients and gmail.com
I wasn't able to do so without a huge amount of inconvenience. Here's the rest of that story too. I went as far as enabling two-step authentication in February of 2018. Last week I tried logging into my google account. My password was complex and 20 characters in length the last time I logged into that account successfully. Last week the password had been changed and whoever did that had it shortened to 14 characters. I ended up deleting my account. If I ever create another google account I will not use any of google's enhanced security features since all of them only provide the authorized users a huge amount of hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
--
Here too, In Northeast Ohio, The Moon is Waning Crescent (6% of Full)
When your only tool is a hammer, everything looks like a nail.
Sent from Violet's iPhone.
Chris Nestrud
2018-06-11 19:24:59 UTC
Permalink
You'd probably have decent luck with http://www.tuffmail.com. I used
them before switching to Fastmail. Their pages are simple enough that
they should work with text browsers. Available web-based mail clients
include Squirrelmail. Downsides include no two-factor auth and I believe no
per-app passwords. My information is a couple years out of date so YMMV.

Chris
Post by Chuck Hallenbeck
Hi Chris
I also was a huge fan of fastmail, abandoning them when they retired
their "classic" interface, which made their remaining "standard" site
inaccessible to the command line tools I had available here.
When some folks say "classic" I guess they mean "old-fashioned." I'd
return to them in a minute if I could
Chuck
Post by Chris Nestrud
I've had good luck with Fastmail, www.fastmail.com. Two-factor is
available but not nandatory.
Chris
Post by Don Raikes
So if gmail is not a viable option what are others using instead?
-----Original Message-----
7:22 AM
Subject: Re: command line email clients and gmail.com
I wasn't able to do so without a huge amount of inconvenience. Here's the rest of that story too. I went as far as enabling two-step authentication in February of 2018. Last week I tried logging into my google account. My password was complex and 20 characters in length the last time I logged into that account successfully. Last week the password had been changed and whoever did that had it shortened to 14 characters. I ended up deleting my account. If I ever create another google account I will not use any of google's enhanced security features since all of them only provide the authorized users a huge amount of hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp
server > at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security
settings > have enabled something called "Allow access by less
secure apps.
Recently I have been asked by google to disable that feature for >
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature >
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
--
Here too, In Northeast Ohio, The Moon is Waning Crescent (6% of Full)
When your only tool is a hammer, everything looks like a nail.
Sent from Violet's iPhone.
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Tom Fowle
2018-06-12 02:43:43 UTC
Permalink
Also using fastmail.com I have the feeling they may some time require two
part authentication, hope mutt will support that.
It is a paid service but not expensive.
extremely reliable and they even admit when they do have problems.

Tom Fowle WA6IVG
Post by Chris Nestrud
I've had good luck with Fastmail, www.fastmail.com. Two-factor is
available but not nandatory. Option of per-app passwords so if someone
gets the password you use for mutt, they can't access the other features
of your account. I'm using it successfully for sending and receiving
mail using mutt under Linux, Outlook under iOS, and the standard mail
program on iPhone.
Chris
Post by Don Raikes
So if gmail is not a viable option what are others using instead?
-----Original Message-----
Sent: Monday, June 11, 2018 7:22 AM
Subject: Re: command line email clients and gmail.com
I wasn't able to do so without a huge amount of inconvenience. Here's the rest of that story too. I went as far as enabling two-step authentication in February of 2018. Last week I tried logging into my google account. My password was complex and 20 characters in length the last time I logged into that account successfully. Last week the password had been changed and whoever did that had it shortened to 14 characters. I ended up deleting my account. If I ever create another google account I will not use any of google's enhanced security features since all of them only provide the authorized users a huge amount of hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Chuck Hallenbeck
2018-06-12 09:34:34 UTC
Permalink
Post by Tom Fowle
Also using fastmail.com I have the feeling they may some time require two
part authentication, hope mutt will support that.
It is a paid service but not expensive.
extremely reliable and they even admit when they do have problems.
Tom Fowle WA6IVG
Post by Chris Nestrud
I've had good luck with Fastmail, www.fastmail.com. Two-factor is
available but not nandatory. Option of per-app passwords so if someone
gets the password you use for mutt, they can't access the other features
of your account. I'm using it successfully for sending and receiving
mail using mutt under Linux, Outlook under iOS, and the standard mail
program on iPhone.
Chris
Post by Don Raikes
So if gmail is not a viable option what are others using instead?
-----Original Message-----
Sent: Monday, June 11, 2018 7:22 AM
Subject: Re: command line email clients and gmail.com
I wasn't able to do so without a huge amount of inconvenience. Here's the rest of that story too. I went as far as enabling two-step authentication in February of 2018. Last week I tried logging into my google account. My password was complex and 20 characters in length the last time I logged into that account successfully. Last week the password had been changed and whoever did that had it shortened to 14 characters. I ended up deleting my account. If I ever create another google account I will not use any of google's enhanced security features since all of them only provide the authorized users a huge amount of hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
--
Here too, In Northeast Ohio, The Moon is Waning Crescent (3% of Full)
When elephants fight, the grass gets crushed.
Sent from Alonzo's iPhone.
Glenn At Home
2018-06-12 02:53:20 UTC
Permalink
I hadn't thought of it until now, but I use Startpage.com for my search
engine, because Google can't track your searches, and they have the same
privacy with startmail.
go to:
http://www.startpage.com/
and make it your search engine, and there is information for startmail there
too.
Glenn
----- Original Message -----
From: "Chris Nestrud" <***@chrisnestrud.com>
To: "Speakup is a screen review system for Linux."
<***@linux-speakup.org>
Sent: Monday, June 11, 2018 10:43 AM
Subject: Re: command line email clients and gmail.com


I've had good luck with Fastmail, www.fastmail.com. Two-factor is
available but not nandatory. Option of per-app passwords so if someone
gets the password you use for mutt, they can't access the other features
of your account. I'm using it successfully for sending and receiving
mail using mutt under Linux, Outlook under iOS, and the standard mail
program on iPhone.

Chris
Post by Don Raikes
So if gmail is not a viable option what are others using instead?
-----Original Message-----
Sent: Monday, June 11, 2018 7:22 AM
Subject: Re: command line email clients and gmail.com
I wasn't able to do so without a huge amount of inconvenience. Here's the
rest of that story too. I went as far as enabling two-step authentication
in February of 2018. Last week I tried logging into my google account.
My password was complex and 20 characters in length the last time I logged
into that account successfully. Last week the password had been changed
and whoever did that had it shortened to 14 characters. I ended up
deleting my account. If I ever create another google account I will not
use any of google's enhanced security features since all of them only
provide the authorized users a huge amount of hassle and are trivial for
hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
***@linux-speakup.org
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Karen Lewellen
2018-06-11 16:07:58 UTC
Permalink
this too might be an odd question, but why might one choose not to use
gmail in html mode directly?
Very back of the class question of course.
Post by Don Raikes
So if gmail is not a viable option what are others using instead?
-----Original Message-----
Sent: Monday, June 11, 2018 7:22 AM
Subject: Re: command line email clients and gmail.com
I wasn't able to do so without a huge amount of inconvenience. Here's the rest of that story too. I went as far as enabling two-step authentication in February of 2018. Last week I tried logging into my google account. My password was complex and 20 characters in length the last time I logged into that account successfully. Last week the password had been changed and whoever did that had it shortened to 14 characters. I ended up deleting my account. If I ever create another google account I will not use any of google's enhanced security features since all of them only provide the authorized users a huge amount of hassle and are trivial for hackers to crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Jude DaShiell
2018-06-11 16:42:01 UTC
Permalink
Another question from the back of the class. which command line e-mail
packages automatically strip out html formatting and show the correct text
in unicode or ascii or whichever preferred display format is in use on the
system? I suppose a good .mailcap entry would be capable of causing this
to happen automagically but don't know for sure.



--
Chuck Hallenbeck
2018-06-11 19:16:06 UTC
Permalink
Not to be outdone, but here's an even further back question:

What if I installed an MTA on my system, like exim or postfix? Would
that be a workaround? At present each of my three email programs sends
directly to smtp.gmail.com, and I have no MTA on my system at all.

Chuck
--
Here too, In Northeast Ohio, The Moon is Waning Crescent (6% of Full)
When your only tool is a hammer, everything looks like a nail.
Sent from Lucy's iPhone.
Kirk Reiser
2018-06-11 23:20:31 UTC
Permalink
That's what I do for mail. I have postfix installed and then go back
and forth between alpine and mutt depending on the system on my LAN
I'm using. A while back I began having trouble with gmail accepting
mail so I had to install a dkim mail verifier to get around their
silliness. It works very well IMO and I don't know why anyone would
use anything else. I really like to control my own mail handling.

Kirk
Post by Chuck Hallenbeck
What if I installed an MTA on my system, like exim or postfix? Would
that be a workaround? At present each of my three email programs sends
directly to smtp.gmail.com, and I have no MTA on my system at all.
Chuck
Janina Sajka
2018-06-12 17:32:45 UTC
Permalink
dkim, dmark, and spf checks are now quite standard. Some inbound sites
will bounce mail that doesn't check out with these protocols.

Janina
Post by Kirk Reiser
That's what I do for mail. I have postfix installed and then go back
and forth between alpine and mutt depending on the system on my LAN
I'm using. A while back I began having trouble with gmail accepting
mail so I had to install a dkim mail verifier to get around their
silliness. It works very well IMO and I don't know why anyone would
use anything else. I really like to control my own mail handling.
Kirk
Post by Chuck Hallenbeck
What if I installed an MTA on my system, like exim or postfix? Would
that be a workaround? At present each of my three email programs sends
directly to smtp.gmail.com, and I have no MTA on my system at all.
Chuck
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
--
Janina Sajka

Linux Foundation Fellow
Executive Chair, Accessibility Workgroup: http://a11y.org

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Chair, Accessible Platform Architectures http://www.w3.org/wai/apa
Jason White
2018-06-13 12:09:14 UTC
Permalink
Post by Janina Sajka
dkim, dmark, and spf checks are now quite standard. Some inbound sites
will bounce mail that doesn't check out with these protocols.
That's an important point. In general, spam filtering (and dealing with
recipients' spam filtering) is what makes running a mail server challenging.

Despite this, I do currently run my own - a Postfix instance on a virtual
machine hosted at linode.com.

This gives the greatest control, privacy and flexibility, but, as noted, it
comes with work attached.

I've recently configured rspamd, a new anti-spam tool that somewhat improves
and simplifies spam filtering. It can also handle signing of outbound messages
with DKIM, but, for the moment, I'm still using OpenDKIM for that purpose.
Frank Carmickle
2018-06-29 14:32:18 UTC
Permalink
Hi all,

Sorry to be late to the thread

A few things to consider, from where I sit.

Using 465, smtps, is better than using 587 as there are starttls downgrade attacks.

I don’t generally like two factor auth for most services, as the second factor is often associated with the device you are most likely to loose, your phone.

I, like Jason, am running my own mail services as I don’t need google reading my mail any more than they already are, from senders and receivers on their service to me. The more of us who run our own mail systems the better the mail situation will be for us. In recent years it has gotten harder and harder for your legitimate mail to end up in someone’s inbox. Even with dkim and spf many services dump your legitimate mail in to a spam box if you aren’t whitelisted by the user. I too am running rspamd and I’m finding that it does a reasonably good job of keeping the spam count low.

$0.019

--FC
Post by Jason White
Post by Janina Sajka
dkim, dmark, and spf checks are now quite standard. Some inbound sites
will bounce mail that doesn't check out with these protocols.
That's an important point. In general, spam filtering (and dealing with
recipients' spam filtering) is what makes running a mail server challenging.
Despite this, I do currently run my own - a Postfix instance on a virtual
machine hosted at linode.com.
This gives the greatest control, privacy and flexibility, but, as noted, it
comes with work attached.
I've recently configured rspamd, a new anti-spam tool that somewhat improves
and simplifies spam filtering. It can also handle signing of outbound messages
with DKIM, but, for the moment, I'm still using OpenDKIM for that purpose.
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Janina Sajka
2018-07-02 16:25:33 UTC
Permalink
Hi, Frank, All:

Interesting about 465 over 587. I suppose this is now easier to maintain
using Let's Encrypt certs that are more likely to be accepted over
self-signed ones?

Also, about dual factor, one should have a ready plan in place when a
mobile phone is lost, especially if it's certainly lost and not just
misplaced. But more to the point, the second factor shouldn't be limited
to a single device, either. Any single point of failure is a problem.

In my case I have Google dual factor call my hard wired deskphone and
read out digits that I enter into the web form. Works like a charm.


PS: About those certs, I'm seriously considering taking up e residency
in E stonia. No joke!

http://eresident.gov.ee

There's an entire discussion behind that which I'll leave for another
day! Be well!

Janina
Post by Frank Carmickle
Hi all,
Sorry to be late to the thread
A few things to consider, from where I sit.
Using 465, smtps, is better than using 587 as there are starttls downgrade attacks.
I don’t generally like two factor auth for most services, as the second factor is often associated with the device you are most likely to loose, your phone.
I, like Jason, am running my own mail services as I don’t need google reading my mail any more than they already are, from senders and receivers on their service to me. The more of us who run our own mail systems the better the mail situation will be for us. In recent years it has gotten harder and harder for your legitimate mail to end up in someone’s inbox. Even with dkim and spf many services dump your legitimate mail in to a spam box if you aren’t whitelisted by the user. I too am running rspamd and I’m finding that it does a reasonably good job of keeping the spam count low.
$0.019
--FC
Post by Jason White
Post by Janina Sajka
dkim, dmark, and spf checks are now quite standard. Some inbound sites
will bounce mail that doesn't check out with these protocols.
That's an important point. In general, spam filtering (and dealing with
recipients' spam filtering) is what makes running a mail server challenging.
Despite this, I do currently run my own - a Postfix instance on a virtual
machine hosted at linode.com.
This gives the greatest control, privacy and flexibility, but, as noted, it
comes with work attached.
I've recently configured rspamd, a new anti-spam tool that somewhat improves
and simplifies spam filtering. It can also handle signing of outbound messages
with DKIM, but, for the moment, I'm still using OpenDKIM for that purpose.
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
--
Janina Sajka

Linux Foundation Fellow
Executive Chair, Accessibility Workgroup: http://a11y.org

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Chair, Accessible Platform Architectures http://www.w3.org/wai/apa
Jason White
2018-07-03 18:44:27 UTC
Permalink
Post by Janina Sajka
Interesting about 465 over 587. I suppose this is now easier to maintain
using Let's Encrypt certs that are more likely to be accepted over
self-signed ones?
Yes, assuming that the client verifies the server's certificate.

I've just enabled port 465 (SMTPS) on my mail server - thanks for the
suggestion.

Jude DaShiell
2018-06-12 12:59:38 UTC
Permalink
Not really, mutt has smtp capability built-in which is probably how your
mail gets out in the first place. If you were to uninstall mutt, then
you'd need an mta like msmtp or exim4 or postfix to mail out or another
program with built-in smtp capability.
Date: Mon, 11 Jun 2018 15:16:06
Subject: RE: command line email clients and gmail.com
What if I installed an MTA on my system, like exim or postfix? Would
that be a workaround? At present each of my three email programs sends
directly to smtp.gmail.com, and I have no MTA on my system at all.
Chuck
--
Chuck Hallenbeck
2018-06-12 15:54:36 UTC
Permalink
I presently use msmtp to send my mutt mail, while alpine can redefine
"sendmail" to point directly to smtp.gmail.com:587, and edbrowse also
interacts directly with its "smarthost". So what I'm thinking is, I
could install postfix and let mutt and alpine hand their outbound mail
to postfix, and from there to gmail. Maybe gmail won't complain about
postfix like it does with my current setup. If I understood Kirk's
reply, that's how he sends his mail., though I'm not sure he uses
gmail.com.

Chuck
--
Here too, In Northeast Ohio, The Moon is Waning Crescent (2% of Full)
When elephants fight, the grass gets crushed.
Sent from Colin's iPhone.
Janina Sajka
2018-06-12 17:31:18 UTC
Permalink
Yes, that would be the classic solution, provided your ISP isn't
blocking you.
Post by Chuck Hallenbeck
What if I installed an MTA on my system, like exim or postfix? Would
that be a workaround? At present each of my three email programs sends
directly to smtp.gmail.com, and I have no MTA on my system at all.
Chuck
--
Here too, In Northeast Ohio, The Moon is Waning Crescent (6% of Full)
When your only tool is a hammer, everything looks like a nail.
Sent from Lucy's iPhone.
_______________________________________________
Speakup mailing list
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
--
Janina Sajka

Linux Foundation Fellow
Executive Chair, Accessibility Workgroup: http://a11y.org

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Chair, Accessible Platform Architectures http://www.w3.org/wai/apa
Glenn At Home
2018-06-12 02:50:57 UTC
Permalink
My ISP gives me 10 accounts.

----- Original Message -----
From: "Don Raikes" <***@ORACLE.COM>
To: "Speakup is a screen review system for Linux."
<***@linux-speakup.org>; "Chuck Hallenbeck" <***@gmail.com>
Sent: Monday, June 11, 2018 10:17 AM
Subject: RE: command line email clients and gmail.com


So if gmail is not a viable option what are others using instead?
-----Original Message-----
From: Jude DaShiell <***@panix.com>
Sent: Monday, June 11, 2018 7:22 AM
To: Chuck Hallenbeck <***@gmail.com>; Speakup is a screen review
system for Linux. <***@linux-speakup.org>
Subject: Re: command line email clients and gmail.com

I wasn't able to do so without a huge amount of inconvenience. Here's the
rest of that story too. I went as far as enabling two-step authentication
in February of 2018. Last week I tried logging into my google account. My
password was complex and 20 characters in length the last time I logged into
that account successfully. Last week the password had been changed and
whoever did that had it shortened to 14 characters. I ended up deleting my
account. If I ever create another google account I will not use any of
google's enhanced security features since all of them only provide the
authorized users a huge amount of hassle and are trivial for hackers to
crack.
Date: Sun, 10 Jun 2018 20:14:48
Subject: command line email clients and gmail.com
Hi folks,
On my archlinux system with its command line environment, I have
three email clients able to send mail directly to my gmail smtp server
at port 587.
1. mutt with msmtp.
2. alpine
3. edbrowse.
All three methods work only when my google account security settings
have enabled something called "Allow access by less secure apps.
Recently I have been asked by google to disable that feature for
security reasons, but doing so prevents my outgoing mail from being
accepted by smtp.gmail.com.
Anybody else able to use gmail.com with that security feature
disabled, as google advises? Suggestions appreciated.
Chuck
--
_______________________________________________
Speakup mailing list
***@linux-speakup.org
https://urldefense.proofpoint.com/v2/url?u=http-3A__linux-2Dspeakup.org_cgi-2Dbin_mailman_listinfo_speakup&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=RSYNyNFr7Oj1BRE0qW_8pVA2z0qhUeWtOTBuXmZp9uE&m=9Y8i54Ecao5MzVdHocqncpqXwRPndS5BionYcK18yLw&s=LXtrQDl9Q334IQEp_JmRIyVJ1a6O790k7yV35vnOXn0&e=
_______________________________________________
Speakup mailing list
***@linux-speakup.org
http://linux-speakup.org/cgi-bin/mailman/listinfo/speakup
Cleverson Casarin Uliana
2018-07-01 14:26:15 UTC
Permalink
Hello, does edbrowse work with the FastMail web interface? Also, does
one need to manually write sieve scripts to create rules for mail
filtering, or the FastMail web interface is friendly in this regard,
either using edbrowse or a desktop browser?

Thanks,
Cleverson
Loading...