Can I use OAuth to authenticate Google SMTP

[Alvin63]

So having set up Google Workspace email, it kept throwing server errors and not sending emails saying username and password issues (they were the correct username and password). The Server AI bot said, set up 2FA and use an app password. So I did that, replaced the SMTP settings password with the app password and email working fine. However if one thing makes me quit this Google Workspace email it is the annoying yellow exclamation mark on my gmail avatar all the time. Really want it to go away! Clicking on it takes me to security settings - I've set up just about every security option there is but it still won't go away. The one thing left in security with a yellow exclamation mark is the app password. Google wants me to delete it if I'm not using the app any more. It doesn't like app passwords these days apparently - I had to do a lot of searching just to be able to generate one as it's not an option in google account.. Well I am using the app password - it's needed in Xenforo ACP to set up SMTP. So I can't delete the app password so I'm stuck with the yellow exclamation mark.

Is there an alternative to a) password and b) app password? Password doesn't allow email sending. App password does but is spoiling my screen with that yellow exclamation mark. I thought I saw something about 0Auth being an option?

 

[smallwheels]

I thought I saw something about 0Auth being an option?

OAuth is not intended for use with smtp AFAIK and I wouldn't even know how to use it for outgoing mails with XF.
The underlaying issue you have is that you seem to use google as smtp-relay for mails going out from your forum. While this does work technically (as XF is simply acting as an smpt-client here) I am relatively sure that this is not the intention that Google has for their workspace product and a bit unsure if it might even violate their TOS. Depending from the amount of mails sent by the forum and the amount of bounces you get doing so you might run into issues with your google account sooner or later, which may get pretty annoying to resolve. Possibly the best option would be to use another, dedicated smtp-relay for the mails sent by the forum, properly set up in the name server as being legitimate to sent mails from your forum/domain.

 

[Alvin63]

Well I'll have to see how it goes - I have 30 days to cancel. The email is working fine but the one little thing that makes me want to cancel is having a yellow exclamation mark on my gmail/google account avatar. It looks awful. I found google workspace extremely unintuitive and just want a simple email account for the forum! Which I had before but restrictions.

To have quick access to the forum email account, via a pinned bookmark, as before, I need to stay signed in to the google account hence having this yellow exclamation mark visible on my screen. It is annoying.

I bought the plan via the server, so if Google accept servers as re-sellers presumably they know websites and forums need email and send newsletters etc. Although I guess forums send more emails than websites perhaps.

I am sure I read something on here about using 0auth though, but can't find it.

 

[Kirby]

OAuth is not intended for use with smtp AFAIK and I wouldn't even know how to use it for outgoing mails with XF.

Possibly the best option would be to use another, dedicated smtp-relay for the mails sent by the forum, properly set up in the name server as being legitimate to sent mails from your forum/domain.

Agreed. While it does work technically (and some users are doing this) I'd recommend to use a proper SMTP service provider.

 

[Alvin63]

Anyway, according to AI, although Xenforo does support 0auth for site logins, it doesn't apply to smtp settings.

 

[Alvin63]

View attachment 327065



Agreed. While it does work technically (and some users are doing this) I'd recommend to use a proper SMTP service provider.

Thank you. So google workspace isn't a proper smtp service provider?

 

[ENF]

Thank you. So google workspace isn't a proper smtp service provider?

I think I already mentioned that this wasn't a good idea, it's better to use a dedicated mail delivery service that is made for that purpose.
Even companies or other orgs that use Google Workspace for business functions still use other mail handlers to distribute automated messages & broadcast emails, like newsletters, etc.

 

[Alvin63]

Yes you did and I appreciate that - however I had already set it all up and paid and got it working! I do however have a 30 day cancellation period.

View attachment 327065



Agreed. While it does work technically (and some users are doing this) I'd recommend to use a proper SMTP service provider.

THANK YOU. It has taken ages but I have finally got SMTP set up with Google 0Auth now. Deleted my "app password" in Google Account security settings. Still had a yellow exclamation mark - had to use the google authenticator app in the end to finish the security process and get a green shield. But the yellow exclamation mark is now gone.

And I thought setting up Amazon AWS was complicated (I gave up on that last time). This time I had the server's AI bot talking me through it. You can see why people just stick to the server's own email package. It's simple.