Switched to google workspace oauth email and getting too many login attempts error

[NealC]

I created a google workspace to send email through gmail using the oauth. Email tests went fine and then I tried sending 1600 emails to my users that need to complete their registrations due to email reliability issues I have with exchange. I'm getting the following error. How can we use gmail and be able to email our users from the forum such as for mass emails?

• Authenticator XOAUTH2 returned Expected response code 250 but got code "454", with message "454-4.7.0 Too many login attempts, please try again later.

 

[digitalpoint]

Well even if you don't hit an error about too many authentications, there's still a limit on how many emails you can send per day that way (2,000... maybe it's a generic error about hitting that since even by your number, you were close to that):

Gmail sending limits in Google Workspace - Google Workspace Admin Help

To keep systems healthy and accounts safe, Google limits the

support.google.com

Sending via Gmail is most definitely not intended for automated emails... the limits are more for real users responding to email.

 

[Miri]

This may be the cause of Google's new restrictions on mass mailings using gmail. Google is further tightening its controls for mass emails to combat spam.

Email sender guidelines - Google Workspace Admin Help

The guidelines in this article can help you successfully send and deliver email to personal Gmail accounts. Starting in 2024, email senders must meet the requirements described here to send email to G

support.google.com

 

[digitalpoint]

This may be the cause of Google's new restrictions on mass mailings using gmail. Google is further tightening its controls for mass emails to combat spam.

Email sender guidelines - Google Workspace Admin Help

The guidelines in this article can help you successfully send and deliver email to personal Gmail accounts. Starting in 2024, email senders must meet the requirements described here to send email to G

support.google.com

That's for anyone sending to gmail.com addresses, not necessarily people send through Gmail servers.

 

[Miri]

I had read in the news that it would also be someone who sent emails using Gmail. Maybe I shared the wrong link or I should change my news source.

 

[digitalpoint]

Ya not sure... but the current limitation of only being allowed to send 2,000 emails in total via Gmail is already lower than the upcoming limitation of needing to set email policies (SPF, DKIM, DMARC, etc.) for your domain if you send to more than 5,000 gmail.com addresses.

So even if you hit the cap and used Gmail servers to send 2,000 emails to gmail.com addresses, you still wouldn't be allowed to send anymore, so you would never hit the 5,000 email thing.

 

[NealC]

I wonder if the issue is that XF is authenticating for each email send. Wouldn't it just need to oauth authenticate at beginning of the end and then somehow batch send emails? Everything seems to be moving to oauth so how is this going to be handled in the future?

 

[digitalpoint]

I wonder if the issue is that XF is authenticating for each email send. Wouldn't it just need to oauth authenticate at beginning of the end and then somehow batch send emails? Everything seems to be moving to oauth so how is this going to be handled in the future?

Maybe... but that still wouldn't let you bypass the limitation of not being allowed to send more than 2,000 emails per day via Gmail.

 

[NealC]

So the alternative then is Office365 which is 10K for now, it will likely follow google I suppose. Cancelling google workspace business starter, it's a no go for solving this problem with email reliability.

 

[digitalpoint]

Ya... I haven't run across a reasonable third-party solution for send email. It's either cost prohibitive or just doesn't allow you to send many emails. Once upon a time I wrote a XenForo 1 addon that allowed you to send directly via Gmail API, but I ran into the same issue (sending limit of a Gmail account) and ended up not even being able to use it. It was nice that it didn't disclose your server's IP in the email headers, but just wasn't viable because of volume limits.

 

[NealC]

Typically when something uses OAUTH it returns a token, does it not? Then you use that token for each subsequent request. Why is XF authorizing every mail send?

 

[digitalpoint]

A token is still an authentication. So a message about too many authentications doesn’t mean much. As I mentioned earlier, it’s probably just a weirdly worded error after you hit 2,000 emails sent.

 

[NealC]

It stopped around 20 into 1600 sends