On Fri, 16 Aug 2019, loredana wrote: > Date: Fri, 16 Aug 2019 10:02:17 > From: loredana <llcf...@gmail.com> > To: Celejar <cele...@gmail.com> > Cc: debian-user@lists.debian.org > Subject: Re: webmail and email from command line > Resent-Date: Fri, 16 Aug 2019 12:03:05 +0000 (UTC) > Resent-From: debian-user@lists.debian.org > > First of all, I wish to thank all of you who shared their experience. > Be reassured I am taking any constructive suggestion into serious > account and exploring more. > > Then: > > On Fri, Aug 16, 2019 at 2:03 AM Celejar <cele...@gmail.com> wrote: > > > > On Wed, 14 Aug 2019 16:24:49 +000 > > > loredana <llcf...@gmail.com> wrote: > > > secure applications, this is likely not to be a viable solution (it > > > seems that google is going to forbit less secure application access > > > starting November first of this year and it is already a pain to use > > > it now). > > > > What is your source for Google's plans, and how is it already a pain? > > I am following the google development on this issue, but I got the > date from the mu4e mailing list. I'l post the link, if I can find it > again (remember, I am almost blind and even replying to email is, at > the moment, really slow and difficult). > > > have been using getmail and sylpheed with several Google mail accounts > > for years, and it seemed pretty straightforward - just set the "allow > > less secure apps" option, and then configure POP3 / SMTP normally. > > In the email that started this thread, I tried to make clear that this > is something happening "now". I use the internet for crossing oceans > quickly since bitnet and I remember whet google was born as > google."org". I am myself a long term gmail user and this is why I > carefully look after main changes. The way email clients will > authenticate to gmail is drfinitely one of them and is going to affect > us for sure. > > I may be able to be more responsive once I find a good way of avoiding > webmail. > Meanwhile, here is the best I could find toward a possible solution > that may help avoid the OAUTH2 authorization issue by complying with > it. > > You need debian buster as a minimum, then look at the gmailieer > package. It seems to be oauth2 enabled and therefore be able to access > gmail and possibly other mail providers. I still have to test it. If > you try it, be careful because it requires notmuch and notmuch is in > the less secure apps list, so you have to allow less secure apps > first, I guess, and hopefully be able to set it off/on as you like > again (if you can, this will probably get a feeling about the pain > ...). > > gmailieer is GPLv3+ and in debian. IMHO this these are two good > things. The debian package page: > https://packages.debian.org/search?keywords=gmailieer > > It seems that mbsync (isink) is on itw long way to become OAUTH2 > enableb, too, as possibly other applications. It is a matter of timen > and the free software community will catch up, as usual. > > I don't think the authentication issue is going to affect webmail > users for a while.
Running using 2fa may be possible with non-browser apps if your security records indicate you ran with what google considers an untrusted app and google has it listed. You can generate an app-specific password for the non-browser app and will need to save it. Then you modify your non-browser app settings on local machine and key in that app-specific password in place of the other password you used earlier. This has been documented for mutt as being possible and may work for other non-browser apps too. You'll need to give google a mobile number for account recovery and the like too. > > Loredana > > --