[MGNLMAIL-66] Implement OAuth 2.0 authentication Created: 22/May/15  Updated: 10/Aug/22  Resolved: 18/May/17

Status: Closed
Project: Magnolia Mail Module
Component/s: None
Affects Version/s: 5.2.2
Fix Version/s: 5.5

Type: Improvement Priority: Neutral
Reporter: Richard Gange Assignee: Robert Šiška
Resolution: Fixed Votes: 0
Labels: support
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
causality
relation
is related to DOCU-2045 DOC: Example of how to use OAuth 2.0 Closed
is related to MGNLMAIL-104 Unable to send email through Gmail Closed
is related to MGNLMAIL-136 CLONE - Implement OAuth 2.0 authentic... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Release notes required:
Yes
Documentation update required:
Yes
Date of First Response:
Sprint: Kromeriz 96
Story Points: 8

 Description   

In order to use gmail as a mail client requires that you "Allow less secure apps access your Google account". Google points out "We don't recommend this option because it may make it easier for someone to gain access to your account."



 Comments   
Comment by Magnolia International [ 24/Jul/15 ]

Can you elaborate ? What is "using gmail as a mail client" in the context of Magnolia ?

Comment by Richard Gange [ 24/Jul/15 ]

Configuring the mail module to send email through a gmail account. Gmail claims that we are not secure enough. I thought maybe we should investigate if we could do better.

Comment by Magnolia International [ 03/Aug/15 ]

Ha, so it's using gmail as a mail server/relay, rather. Is this really something people (want to) do in production ?

Comment by Richard Gange [ 14/Aug/15 ]

Greg yes. I have one customer doing it now. But they have to use the less secure setting to do so.

Comment by Jan Haderka [ 23/Nov/15 ]

If your company mail is hosted by google/gmail then gmail is the server you would want to use as relay.

Comment by Antti Hietala [ 28/Apr/17 ]

Resolving this likely involves updating a library responsible for TLS encryption.

Comment by Robert Šiška [ 10/May/17 ]

Unfortunately, Google considers every application that doesn't authenticate over OAuth 2.0 to be "less secure". See here.

Generated at Mon Feb 12 06:03:18 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.