Re: mutt, imaps and OAuth2
Hello, Will Yardley (2022/08/04 16:44 -0700): > Yeah, if you can use an application password, and if your org has IMAP > enabled, this is the easiest approach and the path of least > resistence. That indeed corresponds to my experience. > There's also the external Python script used for oauth2, if it hasn't > been mentioned elsewhere in the thread > > https://gitlab.com/muttmua/mutt/-/blob/master/contrib/mutt_oauth2.py > https://gitlab.com/muttmua/mutt/-/blob/master/contrib/mutt_oauth2.py.README > > IIRC, it will / can work w/ Gmail I was aware of it but it has not been mentionned. Thanks. I came accross another similar project: https://github.com/google/gmail-oauth2-tools I think both projects work the same way and the difficulty I encountered while trying to use both of them was the creation of the appropriate "project". I was able to create one but then when I tried to use it I was told that it was not following Google's rules but with no more precision (was it the logo which was missing? Should I have given it a scope? Permissions...?). Also, what I didn't like so much about the approach provided by the script in mutt's repository was that it kindo of made it mandatory to use an encryption tool. Not that I think it's a bad idea, but it feels to me that given the complexity the process already has, it would be nice to be provided with a way to start _without_ encryption, at least to remove some of the complexity at the beginning. Best wishes, Sébastien.
Re: mutt, imaps and OAuth2
On Thu, Aug 04, 2022 at 12:51:34PM +0200, Sébastien Hinderer wrote: > Hello Francesco! > > Have you considered enabling 2fa and then adding an application-specific > > password? > > I didn't realise this possibility was there, actually, many thanks for > mentionning it! Yeah, if you can use an application password, and if your org has IMAP enabled, this is the easiest approach and the path of least resistence. There's also the external Python script used for oauth2, if it hasn't been mentioned elsewhere in the thread https://gitlab.com/muttmua/mutt/-/blob/master/contrib/mutt_oauth2.py https://gitlab.com/muttmua/mutt/-/blob/master/contrib/mutt_oauth2.py.README IIRC, it will / can work w/ Gmail /w
Re: mutt, imaps and OAuth2
Dear Francesco, Thank you, so much, for your response!! Francesco Ariis (2022/08/04 12:27 +0200): > Have you considered enabling 2fa and then adding an application-specific > password? I knew about app passwords but I stayed with the impression that they gad been abandonned and that OAuth2 was the only way to go. Apparently I was wrong and indeed, I enabled 2fa and could then create an app password which I was able to use with mutt! So, just to make sure I understand correctly: it is required that 2FA is enabled so that app passwords work? Any insight on why this is so? Because, to me, the two things look rather orthogonal. One other thing I found disappointing is that the app password Google generated for me was rather short, compared to what I would have come up with. So I don't relaly see the point, except that okay, thi password gies access only to my mails and not to the whole universe a Google account is. > I did that because I could not get OAuth2 to work It really made my day. Many thanks for your assistance! I think it'd be nice if this would be documented somewhere but I am not sure where. Best wishes, Sébastien.
Re: mutt, imaps and OAuth2
Hi Matthias, Matthias Apitz (2022/08/04 12:14 +0200): > Be prepared to run into troubles sending mails to GMail/GoogleMail. > Google requires very special DNS configs to accept mails for their > users. I gave up on this and do not send any mails to Google users > anymore. So far I didn't encounter any problem that I was aware of, as far sending e-mails is concerned. But thanks, still, since if something happens, at least I'll be prepared. Best wishes, Sébastien.
Re: mutt, imaps and OAuth2
Hello, Sam Kuper (2022/08/04 10:07 +): > On Thu, Aug 04, 2022 at 09:40:03AM +0200, Sébastien Hinderer wrote: > > I am about to work for an organization whose e-mails are managed by > > Google. > > Commiserations. Thanks. I was not very happy about that. :-) > As a *temporary workaround*, maybe see if you can edit the > GMail/GoogleMail settings so that a copy of each incoming email is > forwarded to an email address you control that is hosted by a > standards-compliant (and therefore Mutt-friendly) email hosting company. > IIRC, the GMail settings interface has an option for this - or failing > that, you can create a catch-all "filter" with a rule to forward the > emails. > > That will at least get your inbound mails into Mutt. Thanks! It's good to have this solution in case others would not have worked! > (Perhaps, as an adjunct to that workaround, if you are lucky, you will > manage to get outbound email working directly from Mutt via GMail, so > that you can also *send* work emails from Mutt.) Well for that I have an SMTP server with authnetication, which I expect will accept to send my e-mails no matter their headers. At least, it has been like this so far. > Good luck! thanks! Best wishes, Sébastien.
Re: mutt, imaps and OAuth2
On Thu, Aug 04, 2022 at 02:51:14PM +0200, Matthias Apitz wrote: > El día Donnerstag, August 04, 2022 a las 12:23:08 +, Sam Kuper escribió: >> On Thu, Aug 04, 2022 at 12:14:04PM +0200, Matthias Apitz wrote: >>> El día Donnerstag, August 04, 2022 a las 10:07:47 +, Sam Kuper escribió: As a *temporary workaround*, maybe see if you can edit the GMail/GoogleMail settings so that a copy of each incoming email is forwarded to an email address you control that is hosted by a standards-compliant (and therefore Mutt-friendly) email hosting company. IIRC, the GMail settings interface has an option for this - or failing that, you can create a catch-all "filter" with a rule to forward the emails. >>> >>> Be prepared to run into troubles sending mails to GMail/GoogleMail. >>> Google requires very special DNS configs to accept mails for their >>> users. I gave up on this and do not send any mails to Google users >>> anymore. >> >> I don't see how these remarks relate to my suggestion above? > > The relation is: once you have the enail downloaded from another > hosting provider and you want reply upstream through it to > GMail/GoogleMail recipients ... So... your comment *doesn't* relate to my suggestion above - which was about how to get *inbound* emails from Gmail/GoogleMail into Mutt. Sam
Re: mutt, imaps and OAuth2
El día Donnerstag, August 04, 2022 a las 12:23:08 +, Sam Kuper escribió: > On Thu, Aug 04, 2022 at 12:14:04PM +0200, Matthias Apitz wrote: > > El día Donnerstag, August 04, 2022 a las 10:07:47 +, Sam Kuper escribió: > >> As a *temporary workaround*, maybe see if you can edit the > >> GMail/GoogleMail settings so that a copy of each incoming email is > >> forwarded to an email address you control that is hosted by a > >> standards-compliant (and therefore Mutt-friendly) email hosting > >> company. IIRC, the GMail settings interface has an option for this - > >> or failing that, you can create a catch-all "filter" with a rule to > >> forward the emails. > > > > Be prepared to run into troubles sending mails to GMail/GoogleMail. > > Google requires very special DNS configs to accept mails for their > > users. I gave up on this and do not send any mails to Google users > > anymore. > > I don't see how these remarks relate to my suggestion above? The relation is: once you have the enail downloaded from another hosting provider and you want reply upstream through it to GMail/GoogleMail recipients ... matthias -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub
Re: mutt, imaps and OAuth2
On Thu, Aug 04, 2022 at 12:14:04PM +0200, Matthias Apitz wrote: > El día Donnerstag, August 04, 2022 a las 10:07:47 +, Sam Kuper escribió: >> As a *temporary workaround*, maybe see if you can edit the >> GMail/GoogleMail settings so that a copy of each incoming email is >> forwarded to an email address you control that is hosted by a >> standards-compliant (and therefore Mutt-friendly) email hosting >> company. IIRC, the GMail settings interface has an option for this - >> or failing that, you can create a catch-all "filter" with a rule to >> forward the emails. > > Be prepared to run into troubles sending mails to GMail/GoogleMail. > Google requires very special DNS configs to accept mails for their > users. I gave up on this and do not send any mails to Google users > anymore. I don't see how these remarks relate to my suggestion above? Best regards, Sam
Re: mutt, imaps and OAuth2
Francesco Ariis (2022/08/04 13:26 +0200): > Il 04 agosto 2022 alle 12:51 Sébastien Hinderer ha scritto: > > > > I tried to configure mutt to read those e-mails, in particular to make > > > > the OAuth2 authentification method work for imaps. > > > > > > Have you considered enabling 2fa and then adding an application-specific > > > password? > > > > Practically speaking, are you requested to confirm your authentication > > through your phone each time you read your e-mails withmutt, or just > > from time to time? > > Just once! that sounds really cool and worthexperimenting! I really hope the organization permits it, if it has the ability not to do so by default. When you created your app passowrd, did you have to associate special domains or permissions with it? Or did it "just work"? > But once you have 2fa turned on, you will not be able to turn > it off when you log in — say — in the web based gmail client. I won't do such things (I'm blind and such clients are not at all ocnvenient for me). However, I hpe that won't limit the ability to read such e-mails from the regular iPhone mail app, for instance? > I specifically use this feature with getmail (rather with mutt itself > directly), I suspect there are other mutters reading this conversation > which can bring their experience to the table. I see. In the past I used fetchmail and even procmail for sometime. But then, for some reason I wouln't be able to give, I switched to reading my e-mails directly from within Mutt through imap(s). Thanks again for your help, so valuable to have this way out of the OAuth2 business! Sébastien.
Re: mutt, imaps and OAuth2
* Sébastien Hinderer [08-04-22 06:52]: > Hello Francesco! > > Francesco Ariis (2022/08/04 12:27 +0200): > > Hello Sébastien, > > > > Il 04 agosto 2022 alle 09:40 Sébastien Hinderer ha scritto: > > > I am about to work for an organization whose e-mails are managed by > > > Google. > > > > > > I tried to configure mutt to read those e-mails, in particular to make > > > the OAuth2 authentification method work for imaps. > > > > Have you considered enabling 2fa and then adding an application-specific > > password? > > I didn't realise this possibility was there, actually, many thanks for > mentionning it! > > > > I did that because I could not get OAuth2 to work > > I think there are ways, but which do not look very straightforward to > me, sadly. > > Practically speaking, are you requested to confirm your authentication > through your phone each time you read your e-mails withmutt, or just > from time to time? iirc, you get an acknowledgement/confirmation/authentication originally and no more. I set it up last year and my mail system for two goggle accounts and have not been requested additional auth since for either. > If confirming authentication on the phone on each e-mail read is > required, then I fear it's quicly going to become a burden. If it's just > a matter of ocnfirming from time to time, then I think it's okay. it has not been for me. > I will also need to check whether my company allows this, which I am > not sure but will check still today. I use fetchmail and procmail: poll imap.gmail.com with interval 0 proto imap port 993 timeout 150 \ auth any, and tracepolls user 'abcdef.ghij', with password "abcdefghijklmno", is Ixme here, \ and ssl, and fetchall sslcertck mda '/usr/lib/sendmail -i -oem -f %F %T' user 'ghijklm.nopqr', with password "abcdeXlmnoo", is Ixme here, \ and ssl, and fetchall sslcertck mda '/usr/lib/sendmail -i -oem -f %F %T' it just works. -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.orgopenSUSE Community Memberfacebook/ptilopteri Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet oftc
Re: mutt, imaps and OAuth2
Il 04 agosto 2022 alle 12:51 Sébastien Hinderer ha scritto: > > > I tried to configure mutt to read those e-mails, in particular to make > > > the OAuth2 authentification method work for imaps. > > > > Have you considered enabling 2fa and then adding an application-specific > > password? > > Practically speaking, are you requested to confirm your authentication > through your phone each time you read your e-mails withmutt, or just > from time to time? Just once! But once you have 2fa turned on, you will not be able to turn it off when you log in — say — in the web based gmail client. I specifically use this feature with getmail (rather with mutt itself directly), I suspect there are other mutters reading this conversation which can bring their experience to the table.
Re: mutt, imaps and OAuth2
El día Donnerstag, August 04, 2022 a las 10:07:47 +, Sam Kuper escribió: > On Thu, Aug 04, 2022 at 09:40:03AM +0200, Sébastien Hinderer wrote: > > I am about to work for an organization whose e-mails are managed by > > Google. > > ... > As a *temporary workaround*, maybe see if you can edit the > GMail/GoogleMail settings so that a copy of each incoming email is > forwarded to an email address you control that is hosted by a > standards-compliant (and therefore Mutt-friendly) email hosting company. > IIRC, the GMail settings interface has an option for this - or failing > that, you can create a catch-all "filter" with a rule to forward the > emails. Be prepared to run into troubles sending mails to GMail/GoogleMail. Google requires very special DNS configs to accept mails for their users. I gave up on this and do not send any mails to Google users anymore. matthias -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub
Re: mutt, imaps and OAuth2
Hello Francesco! Francesco Ariis (2022/08/04 12:27 +0200): > Hello Sébastien, > > Il 04 agosto 2022 alle 09:40 Sébastien Hinderer ha scritto: > > I am about to work for an organization whose e-mails are managed by > > Google. > > > > I tried to configure mutt to read those e-mails, in particular to make > > the OAuth2 authentification method work for imaps. > > Have you considered enabling 2fa and then adding an application-specific > password? I didn't realise this possibility was there, actually, many thanks for mentionning it! > > I did that because I could not get OAuth2 to work I think there are ways, but which do not look very straightforward to me, sadly. Practically speaking, are you requested to confirm your authentication through your phone each time you read your e-mails withmutt, or just from time to time? If confirming authentication on the phone on each e-mail read is required, then I fear it's quicly going to become a burden. If it's just a matter of ocnfirming from time to time, then I think it's okay. I will also need to check whether my company allows this, which I am not sure but will check still today. Best wishes, Sébastien.
Re: mutt, imaps and OAuth2
Hello Sébastien, Il 04 agosto 2022 alle 09:40 Sébastien Hinderer ha scritto: > I am about to work for an organization whose e-mails are managed by > Google. > > I tried to configure mutt to read those e-mails, in particular to make > the OAuth2 authentification method work for imaps. Have you considered enabling 2fa and then adding an application-specific password? I did that because I could not get OAuth2 to work —F
Re: mutt, imaps and OAuth2
On Thu, Aug 04, 2022 at 09:40:03AM +0200, Sébastien Hinderer wrote: > I am about to work for an organization whose e-mails are managed by > Google. Commiserations. > I tried to configure mutt to read those e-mails, in particular to make > the OAuth2 authentification method work for imaps [but so far, that > has not succeeded]. Others will be better placed to help you *fix* this. (I'm not a Google customer myself.) As a *temporary workaround*, maybe see if you can edit the GMail/GoogleMail settings so that a copy of each incoming email is forwarded to an email address you control that is hosted by a standards-compliant (and therefore Mutt-friendly) email hosting company. IIRC, the GMail settings interface has an option for this - or failing that, you can create a catch-all "filter" with a rule to forward the emails. That will at least get your inbound mails into Mutt. (Perhaps, as an adjunct to that workaround, if you are lucky, you will manage to get outbound email working directly from Mutt via GMail, so that you can also *send* work emails from Mutt.) Good luck! Sam
mutt, imaps and OAuth2
Dear all, I am about to work for an organization whose e-mails are managed by Google. I tried to configure mutt to read those e-mails, in particular to make the OAuth2 authentification method work for imaps. So far the problem seems to be that the project I have created in my organisation to describe mutt seems to not have enough permissions. Indeed when I try to obtain an OAuth token with the client id and secret id, I am said that the app does not respect Google's rules and I don't know which rules are missing. Perhaps I need to add a scope, or permissions, or a logo, I don't know. Could anybody help, please? Many thanks, Sébastien.