Thanks Al for posting this..
As a rule, everyone should be deprecating port 110/143 for
authentication and using the SSL/TLS versions..
Hopefully, this will help convince all other ISP's to at least do that.
-- Michael --
And of course, a quick pitch on email clients should consider supporting
CLIENTID to ensure all your customers have access to simple 2FA.
On 2019-12-16 11:20 a.m., Al Iverson via mailop wrote:
Google is announcing that in the future, G-Suite accounts will not
support LSA (Less Secure Access) account connection functionality.
This will put an end to accessing your Gmail account via POP3 or old
school IMAP, unless your email client supports OAuth.
Google says:
Access to LSAs will be turned off in two stages:
1. June 15, 2020 - Users who try to connect to an LSA for the first
time will no longer be able to do so. This includes third-party apps
that allow password-only access to Google calendars, contacts, and
email via protocols such as CalDAV, CardDAV and IMAP. Users who have
connected to LSAs prior to this date will be able to continue using
them until usage of all LSAs is turned off.
2. February 15, 2021 - Access to LSAs will be turned off for all G
Suite accounts.
Email:
- If you are using stand-alone Outlook 2016 or earlier, move to Office
365 (a web-based version of Outlook) or Outlook 2019, both of which
support OAuth access. Alternatively you can use G Suite Sync for
Microsoft Outlook.
- If you are using Thunderbird or another email client, re-add your
Google Account and configure it to use IMAP with OAuth.
- If you are using the mail app on iOS or MacOS, or Outlook for Mac,
and use only a password to login, you’ll need to remove and re-add
your account. When you add it back, select “sign in with Google” to
automatically use OAuth.
Net: After this is implemented, G-Suite accounts will no longer have
old school POP3 and IMAP support.
This isn't a bad thing, of course.
But it is a change. And I manage a bunch of deliverability test,
spamtrap and seed address accounts that are going to be impacted by
this-- my homegrown software used today does not yet have support for
OAuth, so I need to decide what I'm going to do. Build an app module
that supports OAuth? Move mailboxes to a different provider? Roll my
own?
Question for the group -- this clearly is being announced for G-Suite
accounts. Does anyone know if Gmail.com user accounts are going to
lose LSA access as well? Are there other folks out there that will
have to make code changes to comply with these changes?
TIA for your thoughts.
Cheers,
Al Iverson
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
