@mattab opened this Issue on August 20th 2015 Owner

This issue is about improving this FAQ: How do I send Piwik emails using Gmail SMTP server?

While setting it up today, I noticed that i was getting an error when sending a scheduled report

An error occured while sending 'HTML Email Report - 2.2015-08-20.101.en.html' to xxxxxxxxxxxxxxx<a class='mention' href='https://github.com/gmail'>@gmail</a>.com. Error was '5.7.14 <https://accounts.google.com/ContinueSignIn?sarp=1&scc=1&plt=AKgnsbucv 5.7.14 -v6FnaqYk_3-5- 5.7.14 UQGVqm7Gvg1qMTL70m9YF2_kcoVxK-eN_d9aPG5hrzzCtiG 5.7.14 5edES-qhoae2YHyGn3bqFQnBQ 5.7.14 8BFlMxvMs_RBCEP62jWESOR-fuYk> Please log in via your web browser and 5.7.14 then try again. 5.7.14 Learn more at 5.7.14 https://support.google.com/mail/answer/78754 cd16sm31949626wib.19 - gsmtp'<a href='/0'>#0</a> [internal function]

To resolve this issue I had to go to:

allow less secure apps

Steps

  • what does it mean to be less secure app? could we change our FAQ instructions and/or implementation so that users do not need to do this extra step?
  • if not possible, we should at least document in FAQ that user also need to change the setting on their google security account
@tsteur commented on August 21st 2015 Owner

I didn't have to do this I think. Did you use ssl and port 465?

@mattab commented on August 21st 2015 Owner

Did you use ssl and port 465?

yes, strange you didn't have to do this. I should try with another gmail account if I can reproduce

@MagicFab commented on August 26th 2015

Some more context:
http://security.stackexchange.com/questions/66025/what-are-the-dangers-of-allowing-less-secure-apps-to-access-my-google-account

To avoid this in the future and properly support using Google's SMTP, perhaps Piwik could implement OAuth 2: https://developers.google.com/gmail/oauth_overview?hl=en

@MagicFab commented on August 26th 2015
@mattab commented on September 19th 2015 Owner

If anyone else experiences this, please leave a comment!

@eantoranz commented on October 24th 2015

I'm running tests to send my first set of patches and I had to enable "less secure apps access" to be able to send the patches with git-send-mail through gmail (to my personal account, just testing, as I said).

@telx85 commented on August 19th 2016

G'day guys,

Old thread, but still an open issue, so I figured I would respond and keep it alive.

At least for me this is still an issue. Would love to be able to keep the security on my GAPPS account, rather then use less secure setting.

I've tested port 465 SSL and 587 TLS, to smtp.gmail.com using Login. But no joy.

@tsteur commented on August 19th 2016 Owner

I had a look and https://github.com/PHPMailer/PHPMailer would solve this issue. We could use it from Piwik 3 as it requires PHP 5.4 to use it. Here is explanation. Could be actually quite easy to implement and to switch to this library . More infos https://github.com/PHPMailer/PHPMailer/wiki/Using-Gmail-with-XOAUTH2

@telx85 commented on August 20th 2016

That would be a great addition to Piwik from my perspective.
Top job guys!

Powered by GitHub Issue Mirror