tcllib smtp package failing on gmail

[Tim Wallace]

I'm running the latest versions of tclsh8.6 and tcllib but my script
circa 2018 that sends emails just quit authenticating with SMTP LOGIN
and SMTP PLAIN. It seems that google wants two-factor authentication
(not really needed by me since all my passwords are unique) and then an
app password. But this was supposed to happen in the middle of last
year, and my script just started failing this month. Maybe
grandfathered in?

The smtp dialog says 535-5.7.8 Username and Password not accepted.

Can any of you email gurus tell me if that is feasible with the smtp
package and this setup? How would I enter the app password--can I
hardwire it into the script somehow? I don't see such an option in the
smtp::sendmessage

If Google is now a hassle, could yahoo or somewhere else still work?

Thanks,

--Tim

[Tim Wallace]

I tried the 2 step verification method (distinct from 2-factor
authentication) and made an app password. Putting that thing into my
script...eureka! We'll see what headaches the 2fa thing causes me
elsewhere, but since I'm on Android, hopefully not too much. I'll
change my Thunderbird password to this as well if I need to.

[saitology9]

That sounds great. Perhaps you could document your steps on the wiki for
the next person needing it.

[Alan Grunwald]

I spent years trying to work out how to do this. It's done now and I
can't recall the details, but I think the vital step was setting an app
password. I don't think two-factor authentication came into it at all,
but from what you're saying it seems that Google may have changed things
around a year or so back. As far as I recall, I don't have two factor
authentication switched on and the email mechanism I put together with
smtp::sendmessage was still working earlier this week. "2 step
verification" doesn't ring any bells at all.

Please post something if you want me to dig into my setup a bit more.

[Tim Wallace]

Yes, the app password is the key. Pasting the 16 alpha-numeric random
app password into my script replacing my regular password did the trick.
The option to generate an app password is grayed out until you enable
2-step Verification.

So go to your google account settings at myaccount.google.com, pick the
"Security" option at left, and turn on the 2-step Verification.

At this point before, a grayed-out "create app password" option below
came to life, but it doesn't seem to be there now! Putting app in the
"search google account" brought up some options, including the app
password, and selecting that brought up the app password dialog!

It's warning me that I should make sure I really need it before I do it,
so perhaps it knew I had been denied access with my script and hence
made it easier to do before. Or perhaps it knows I already have an app
password now, which I can use for multiple apps. Definitely I would try
re-using the one I have before I created a new one. The complexity of
Google is incredible.

--Tim

[Luc]

On Wed, 31 Jan 2024 14:56:12 -0500, Tim Wallace wrote:

I think they are planning to disable app passwords too. I vaguely
remember reading about it, the deadline is around June.

--
Luc
>>

[Tim Wallace]

The deadline for changing to app passwords was at least a year ago, I
think! So these things seem kind of flexible.

Google's support page states that:

"Starting in autumn of 2024, you and your users must use OAuth with
third-party apps to access Gmail, Google Calendar, and Google Contacts.
OAuth is a more secure access method. You will no longer use a password
for access (with the exception of app passwords)."

I am using the "oath2" method in Thunderbird, but it sounds like the app
passwords will still be good.