Re: [Evolution] Evolution and Google's less secure app problem

From: Pete Biggs <pete biggs org uk>
To: evolution-list gnome org
Subject: Re: [Evolution] Evolution and Google's less secure app problem
Date: Fri, 01 Jun 2018 15:01:28 +0100


   Like what is your version of Evolution?


The current default version on LinuxMint vs 18.3,  which is Evolution
3.18.5.2


I know people get frustrated with us saying this all the time, but that
is an old version and it doesn't have all the features necessary to
deal with evolving services like Gmail.

   What are you trying to do?


Create an Imap+ account in Evolution to give me access to a corporate
account where the only official way to access is via web client
( yuck ).  I've done it a few hundred times on domains where "allow
less secure apps" is set.  Yes, I'm a glutton for punishment, but on
average I have 6-8 different email accounts being handled through
Evolution ( I don't like Thunderbird ) and almost as many calendars
combined into one Evolution calendar.


I think it's important to understand what the differences are. Google
by default uses the OAuth2 mechanism for authentication. For things
that can't cope with OAuth2 the security can be lessened to use classic
username/password authentication. But there are restrictions in place
on whether OAuth2 can be dropped.

   How are you creating the account in Evolution?


Through the normal Edit->Preferences->> Add route.  Everything creates
correctly, but I get the dreaded message, long with an email stating my
access has been blocked for the app and machine in question. The
machine part is a real pain, because it is my normal work machine.


I'm not sure if 3.18.5 can deal with OAuth2. If it can, then you should
not explicitly set the account up as IMAP as that won't invoke the
OAuth2 mechanism.

If it can't, then your best bet is to use Gnome Online Accounts to
create the account in Evolution. GOA knows about OAuth2 and will deal
with all that side of thing while Evolution will deal with the data
like emails and calendar.

But I will say that I have 2FA turned on (and every one should!) which
means that it won't "allow less secure applications" and my Evolution
happily connects to my gmail account without any problems.


What period do you set for collecting new emails?  I find I'm
frequently in locations for 2 plus hours where I can't have a phone but
still need to be able to retrieve my email and 2+ hours is too long to
be unable to provide the 2nd factor.  Weird yes, but the band is mainly
aimed a cameras.


I am logged into Gmail with OAuth2 so it doesn't continually need to
prompt me for 2FA - it's a once only thing.  (And my emails are set to
be retrieved every 5 mins, but that's not really relevant.)

P.

Follow-Ups:
- Re: [Evolution] Evolution and Google's less secure app problem
  - From: Japhering

References:
- Re: [Evolution] Evolution and Google's less secure app problem
  - From: Japhering

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]