Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Fetchmail, gmail and 2fa.
1,782 views
Skip to first unread message
Rinaldi
Dec 7, 2021, 1:26:56 PM12/7/21
to
I'm currently using fetchmail to draw from various POP accounts and
distribute on my server using fetchmail, procmail, and dovecot. It has
worked flawlessly for several years going back to when imapd was the
serving daemon.
I received notification that Gmail will be going to 2FA (two factor
authentication) as of December 14.
Switching to 2FA at gmail results in a fetchmail authentication error.
Obviously the challenge/response required to log in is missing in
fetchmail, just the POP password is submitted.
Does this signal the end of my current mail service and force us to use
webmail? If not, how can I satisfy gmail's need for 2FA via fetchmail?
Is there an alternative to fetchmail that will provide this
authentication requirement?
Rinaldi
distribute on my server using fetchmail, procmail, and dovecot. It has
worked flawlessly for several years going back to when imapd was the
serving daemon.
I received notification that Gmail will be going to 2FA (two factor
authentication) as of December 14.
Switching to 2FA at gmail results in a fetchmail authentication error.
Obviously the challenge/response required to log in is missing in
fetchmail, just the POP password is submitted.
Does this signal the end of my current mail service and force us to use
webmail? If not, how can I satisfy gmail's need for 2FA via fetchmail?
Is there an alternative to fetchmail that will provide this
authentication requirement?
Rinaldi
Marco Moock
Dec 7, 2021, 2:13:17 PM12/7/21
to
Am Tue, 7 Dec 2021 12:26:44 -0600
schrieb Rinaldi <r...@nunya.inv>:
> Does this signal the end of my current mail service and force us to
> use webmail? If not, how can I satisfy gmail's need for 2FA via
> fetchmail? Is there an alternative to fetchmail that will provide
> this authentication requirement?
As I know, you need to use OAuth2 with 2FA to make it work, but I can't
try it, I got rid off all my Google accounts.
schrieb Rinaldi <r...@nunya.inv>:
> Does this signal the end of my current mail service and force us to
> use webmail? If not, how can I satisfy gmail's need for 2FA via
> fetchmail? Is there an alternative to fetchmail that will provide
> this authentication requirement?
try it, I got rid off all my Google accounts.
root
Dec 8, 2021, 12:24:36 AM12/8/21
to
Ralph Spitzner
Dec 8, 2021, 10:49:04 AM12/8/21
to
Rinaldi wrote on 12/7/21 7:26 PM:
all good just generate an "application-specific" password an use that instead of "your" password
-rasp
-rasp
Chris Vine
Dec 8, 2021, 7:23:25 PM12/8/21
to
Mike Small
Dec 8, 2021, 8:01:01 PM12/8/21
to
people seem to know something about getting email out of gmail. Maybe
you can glean something useful from what they write about it. Or maybe
their inc command could be adapted to your use if fetchmail can't do it:
https://lists.nongnu.org/archive/html/nmh-workers/2020-09/msg00005.html
https://lists.nongnu.org/archive/html/nmh-workers/2020-07/msg00017.html
https://lists.nongnu.org/archive/html/nmh-workers/2019-12/msg00064.html
https://lists.nongnu.org/archive/html/nmh-workers/2019-06/msg00118.html
https://lists.nongnu.org/archive/html/nmh-workers/2019-06/msg00099.html
- Mike S.
Rinaldi
Dec 8, 2021, 8:27:12 PM12/8/21
to
working for gmail in ~/.fetchmailrc.
poll pop.gmail.com with proto POP3 service 995
user '$USER' there with password '$2FAPWD' is '$USER' here ssl
Thanks for the tip.
Rinaldi
Ralph Spitzner
Dec 9, 2021, 12:50:44 AM12/9/21
to
Chris Vine wrote on 12/9/21 1:23 AM:
what happens if you google google ? :-)
gmail application specific password
first hit :
Sign in with App Passwords - Google Account Help
gmail application specific password
first hit :
Sign in with App Passwords - Google Account Help
Chris Vine
Dec 9, 2021, 6:56:57 AM12/9/21
to
sending I generally use postfix as a local server on localhost with
smtp.gmail.com as relay, or sometimes mailx and sylpheed directly
forwarding to smtp.gmail.com as relay. I also have two or three
different laptops which I use with my gmail account.
Do all these different applications require their own application
specific password? If so, given that each laptop would also seem to
require its own set of passwords, this all sounds somewhat tedious.
Chris
Ralph Spitzner
Dec 9, 2021, 8:14:57 AM12/9/21
to
Chris Vine wrote on 12/9/21 12:56 PM:
[...]
-rasp
[...]
> Do all these different applications require their own application
> specific password? If so, given that each laptop would also seem to
> require its own set of passwords, this all sounds somewhat tedious.
>
> Chris
>
I recently switched from a laptop to a mini-pc and it's still working, so my guess is no ....
> specific password? If so, given that each laptop would also seem to
> require its own set of passwords, this all sounds somewhat tedious.
>
> Chris
>
-rasp
Chris Vine
Dec 9, 2021, 10:16:24 AM12/9/21
to
password" for all your gmail applications on all your computers. I had
assumed that google in some way hashed some characteristic of each
computer into the password, and maybe some characteristic of each
application, but apparently not.
If so, this makes using google's not very application specific passwords
more tractable. This would still address what appears to be google's
main concern, which is people re-using passwords on other (non-google)
sites.
Ralph Spitzner
Dec 10, 2021, 2:01:57 AM12/10/21
to
Chris Vine wrote on 12/9/21 4:16 PM:
you could, of course just copy that pw and use it somewhere else :-/
I think it's more or less that you have to authenricate with 2fa with google
to get such a password,which THEY generate make it pretty safe to say that
it's either you, or someone using your credentials an phone that's logging in ....
-rasp
> On Thu, 9 Dec 2021 14:14:54 +0100
[...]
ll your computers. I had
> assumed that google in some way hashed some characteristic of each
> computer into the password, and maybe some characteristic of each
> application, but apparently not.
>
> If so, this makes using google's not very application specific passwords
> more tractable. This would still address what appears to be google's
> main concern, which is people re-using passwords on other (non-google)
> sites.
>
I guess it's pretty hard to 'footprint' something connecting to port 995...
> assumed that google in some way hashed some characteristic of each
> computer into the password, and maybe some characteristic of each
> application, but apparently not.
>
> If so, this makes using google's not very application specific passwords
> more tractable. This would still address what appears to be google's
> main concern, which is people re-using passwords on other (non-google)
> sites.
>
you could, of course just copy that pw and use it somewhere else :-/
I think it's more or less that you have to authenricate with 2fa with google
to get such a password,which THEY generate make it pretty safe to say that
it's either you, or someone using your credentials an phone that's logging in ....
-rasp
0 new messages