| Page 1 of 2 | 1 | 2 |
|
|
Using Gmail accounts in Outlook [OT in uk.d-i-y]
I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account, but also including one Gmail account. I have always - until now - been able to send emails from my Gmail account. But I've just tried to send one today, only to have it blocked by some nefarious guff about clients like Outlook[1] not being secure! WTF? Is that yet another step along the road towards Google's world dominance, or does it have any merit? They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? [1] Other "insecure" apps include Thunderbird and mail apps on Apple devices and Windows phones - but not any Google apps of course! -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Cannot say I've noticed anything as yet. Its probably more hand holding of
people who never bother to check things they are clicking on etc. I noticed the other day that 1 in three emails I sent from Virgin to yahoo accounts was undelivered quoting the virgin server as being in a spamhouse list. The problem isits fine if these boys running mega email systems want to get real picky about what they allow, but its not actually teaching the masses to be careful is it? The most insecure of email systems has to be online web mail of which Yahoo and Google run a fair few, and only yesterday yet another friend has had their entire address book copied and stupid messages sent to them all pretending to be from the person with the original account. Until people actually take charge of their accounts and make sure they are not hacked, there is little hope other than to make email so awkward and unreliable as to make it pointless. Brian -- Brian Gaff....Note, this account does not accept Bcc: email. graphics are great, but the blind can't hear them Email: __________________________________________________ __________________________________________________ __________ "Roger Mills" wrote in message ... I use Outlook as my main email client, and have lots of email accounts set up within it - mainly those linked to my (PlusNet) internet account, but also including one Gmail account. I have always - until now - been able to send emails from my Gmail account. But I've just tried to send one today, only to have it blocked by some nefarious guff about clients like Outlook[1] not being secure! WTF? Is that yet another step along the road towards Google's world dominance, or does it have any merit? They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? [1] Other "insecure" apps include Thunderbird and mail apps on Apple devices and Windows phones - but not any Google apps of course! -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/15 16:31, Brian Gaff wrote:
Cannot say I've noticed anything as yet. Its probably more hand holding of people who never bother to check things they are clicking on etc. I noticed the other day that 1 in three emails I sent from Virgin to yahoo accounts was undelivered quoting the virgin server as being in a spamhouse list. The problem isits fine if these boys running mega email systems want to get real picky about what they allow, but its not actually teaching the masses to be careful is it? The most insecure of email systems has to be online web mail of which Yahoo and Google run a fair few, and only yesterday yet another friend has had their entire address book copied They had two factor authentication (2FA) turned off, an account hacking precaution that is pretty easy to set up. Or they were using Windows..... -- Adrian C |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On Sun, 05 Apr 2015 15:48:29 +0100, Roger Mills
wrote: I use Outlook as my main email client, and have lots of email accounts set up within it - mainly those linked to my (PlusNet) internet account, but also including one Gmail account. I have always - until now - been able to send emails from my Gmail account. But I've just tried to send one today, only to have it blocked by some nefarious guff about clients like Outlook[1] not being secure! WTF? Is that yet another step along the road towards Google's world dominance, or does it have any merit? They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? [1] Other "insecure" apps include Thunderbird and mail apps on Apple devices and Windows phones - but not any Google apps of course! Of course! I went into account settings and turned on "access for less secure apps" (TM) If there are consequences I am not yet aware of them. -- Graham. %Profound_observation% |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05 Apr 2015, Roger Mills wrote in
alt.windows7.general: They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? The "dire warning" is just FUD intended to keep you within the confines of Google. Go ahead and approve the "less secure" app. I did long ago so I could use various other IMAP and POP mail clients and it has never been a problem. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/2015 19:09, Huge wrote:
On 2015-04-05, Roger wrote: I use Outlook as my main email client, There's your problem, right there. So what would *your* solution be - bearing in mind that Google claim that virtually every email client that isn't one of their making is insecure! -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/2015 15:48, Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts set up within it - mainly those linked to my (PlusNet) internet account, but also including one Gmail account. I have always - until now - been able to send emails from my Gmail account. But I've just tried to send one today, only to have it blocked by some nefarious guff about clients like Outlook[1] not being secure! WTF? Is that yet another step along the road towards Google's world dominance, or does it have any merit? They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? [1] Other "insecure" apps include Thunderbird and mail apps on Apple devices and Windows phones - but not any Google apps of course! What happens if you use SSL on port 465? I have had to use this in some hotels where sending via the normal port is blocked. -- Michael Chare |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts set up within it - mainly those linked to my (PlusNet) internet account, but also including one Gmail account. I have always - until now - been able to send emails from my Gmail account. But I've just tried to send one today, only to have it blocked by some nefarious guff about clients like Outlook[1] not being secure! WTF? Is that yet another step along the road towards Google's world dominance, or does it have any merit? They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? [1] Other "insecure" apps include Thunderbird and mail apps on Apple devices and Windows phones - but not any Google apps of course! It might be a statement about SSL/TLS transport when connecting to Google. Consider whether the path to Google is protected by encryption. Years ago, all your email was traveling as plaintext, and could be read as it flies by, at the ISP. Or read by the NSA. Tightening up the transport might be part of this story. I'm not enough of a mail/tools expert, to know from your description, what protections were in existence at the time you sent the mail. Knowing the port numbers used would help. I think part of the setup of things like that, relies on certificates. And at least one recent issue came up, when a certain laptop manufacturer, installed MITM software which generated bogus local certificates. Maybe this is some fallout from that incident. Lenovo has since issued removal software, due to the bad PR. http://support.lenovo.com/ca/en/prod...rity/superfish You have to read an awful lot of incident reports, to have any inkling where some of these "security" warnings are coming from. One of my browsers is almost useless now, due to the tightening of SSL/TLS and generating new sessions to prevent certain kinds of padding attacks. There's all sorts of stuff going on, that can be traced to the exploits you read about. ******* AS for the topic of email, to me webmail services are for the birds. I use a POP3 account, I have some idea what transport and what port number it uses. I have some idea what my exposures are. The people I've tried to help with webmail, everything done in webmail seems to be served with a large dose of bull****. Just a gut reaction of mine. I'm as suspicious as you are. Paul |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05 Apr 2015, Paul wrote in
alt.windows7.general: It might be a statement about SSL/TLS transport when connecting to Google. Consider whether the path to Google is protected by encryption. I think Google mail requires SSL/TLS. They won't let you do POP3 or IMAP without it. AS for the topic of email, to me webmail services are for the birds. I use a POP3 account, I have some idea what transport and what port number it uses. I have some idea what my exposures are. The people I've tried to help with webmail, everything done in webmail seems to be served with a large dose of bull****. Just a gut reaction of mine. I'm as suspicious as you are. The error message in question is a real one from Google. I got it myself when I first used my own email client to grab Google via POP3 and IMAP. At first I couldn't connect. When I went to the Gmail web interface I found that message about "insecure apps". I had to approve it before I could connect. They want to keep you using the web interface or their approved Google mobile apps. Fortunately, they allow you to use other things, you just have to jump through a couple of hoops. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Roger Mills scribbled
On 05/04/2015 19:09, Huge wrote: On 2015-04-05, Roger wrote: I use Outlook as my main email client, There's your problem, right there. So what would *your* solution be - bearing in mind that Google claim that virtually every email client that isn't one of their making is insecure! Thunderbird works and has SSL. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Jonno wrote:
Roger Mills scribbled On 05/04/2015 19:09, Huge wrote: On 2015-04-05, Roger wrote: I use Outlook as my main email client, There's your problem, right there. So what would *your* solution be - bearing in mind that Google claim that virtually every email client that isn't one of their making is insecure! Thunderbird works and has SSL. Outlook has SSL. The issue AIUI is that Google require either OAuth 2.0 or 2-stage authentication or user's agreement to use "less secure apps". Does Thunderbird now have OAuth 2.0? -- Robin reply to address is (meant to be) valid |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/15 19:20, Roger Mills wrote:
On 05/04/2015 19:09, Huge wrote: On 2015-04-05, Roger wrote: I use Outlook as my main email client, There's your problem, right there. So what would *your* solution be - bearing in mind that Google claim that virtually every email client that isn't one of their making is insecure! Use thunderbird... |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Robin wrote:
Jonno wrote: Roger Mills scribbled On 05/04/2015 19:09, Huge wrote: On 2015-04-05, Roger wrote: I use Outlook as my main email client, There's your problem, right there. So what would *your* solution be - bearing in mind that Google claim that virtually every email client that isn't one of their making is insecure! Thunderbird works and has SSL. Outlook has SSL. The issue AIUI is that Google require either OAuth 2.0 or 2-stage authentication or user's agreement to use "less secure apps". Does Thunderbird now have OAuth 2.0? The quickest way to answer that is: 1) Download Thunderbird source tarball. 2) Extract just the TAR file, not the 125,000 files inside. 3) Use a hex editor. Oauth2 is present. http://i61.tinypic.com/1zlw21e.gif If you attempt to unpack source and use Windows search of the contents, around 67,000 files have the wrong line endings and a text search will ignore the file contents. Hex editing a TAR file, is a lot faster for a basic "is it even mentioned" check. It would probably take half the day, to identify the actual correct source file. Paul |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/2015 20:11, Paul wrote:
I'm not enough of a mail/tools expert, to know from your description, what protections were in existence at the time you sent the mail. Knowing the port numbers used would help. Most - probably all - of my non-Gmail POP accounts are set up to use the default ports (110 in and 25 out) Gmail is set up to use an incoming port of 995, and "This server requires encrypted connection (SSL)" is ticked. The outgoing port is 587 and, below the port number in Advanced Settings, it says "Use the following type of encrypted connection:" - with the options being None, SSL, TLS and Auto. For the last n years, this has been set to TLS and has worked until now. All the settings were as per the instructions on Google's site at the time I set it up. Now they don't work, and changing from TLS to any of the other options makes no difference. If I click "Test Account Settings" in Outlook (causing it to try to send and receive test messages) it displays an error which says: "Log onto incoming mail server (POP3): Your e-mail server rejected your login. Verify your user name and password in your account properties. Under Tools, click E-mail accounts. The server responded: -ERR [AUTH] Web login required: https://support.google.com/mail/bin/answer.py?answer=78754" I can almost certainly make it work by going down the "Use a less secure connection" route - but does anyone know of any alternative port combinations etc. which are likely to work without having to do that? -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/2015 19:43, Michael Chare wrote:
What happens if you use SSL on port 465? Slightly different error message (compared with using port 995) - but still no go! -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Paul wrote:
Robin wrote: Outlook has SSL. The issue AIUI is that Google require either OAuth 2.0 or 2-stage authentication or user's agreement to use "less secure apps". Does Thunderbird now have OAuth 2.0? The quickest way to answer that is: 1) Download Thunderbird source tarball. 2) Extract just the TAR file, not the 125,000 files inside. 3) Use a hex editor. Oauth2 is present. http://i61.tinypic.com/1zlw21e.gif If you attempt to unpack source and use Windows search of the contents, around 67,000 files have the wrong line endings and a text search will ignore the file contents. Hex editing a TAR file, is a lot faster for a basic "is it even mentioned" check. It would probably take half the day, to identify the actual correct source file. Thanks. I was apparently misled by https://bugzilla.mozilla.org/show_bug.cgi?id=849540 which suggested to me OAuth 2.0 wasn't yet working in the current release. -- Robin reply to address is (meant to be) valid |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Roger Mills wrote:
On 05/04/2015 20:11, Paul wrote: I'm not enough of a mail/tools expert, to know from your description, what protections were in existence at the time you sent the mail. Knowing the port numbers used would help. Most - probably all - of my non-Gmail POP accounts are set up to use the default ports (110 in and 25 out) Gmail is set up to use an incoming port of 995, and "This server requires encrypted connection (SSL)" is ticked. The outgoing port is 587 and, below the port number in Advanced Settings, it says "Use the following type of encrypted connection:" - with the options being None, SSL, TLS and Auto. For the last n years, this has been set to TLS and has worked until now. All the settings were as per the instructions on Google's site at the time I set it up. Now they don't work, and changing from TLS to any of the other options makes no difference. If I click "Test Account Settings" in Outlook (causing it to try to send and receive test messages) it displays an error which says: "Log onto incoming mail server (POP3): Your e-mail server rejected your login. Verify your user name and password in your account properties. Under Tools, click E-mail accounts. The server responded: -ERR [AUTH] Web login required: https://support.google.com/mail/bin/answer.py?answer=78754" I can almost certainly make it work by going down the "Use a less secure connection" route - but does anyone know of any alternative port combinations etc. which are likely to work without having to do that? What little I read last summer when I met this problem made clear it was nothing to do with ports, SSL etc. and that there was no way around the issue in Outlook other than the lower security settings. So that's what I did. As we've used Outlook since 1997 we're reluctant to switch to TB now even if it is free and community-based and all the other nice things that MS Office ain't :) AIUI there was also resistance within the Thunderbird community to implementing OAuth 2.0 as that meant bowing down to Google's unilateral decision. But from what Paul reported in response to me earlier they have now provided for 2 factor authentication (I assume quite recently). -- Robin reply to address is (meant to be) valid |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
| What happens if you use SSL on port 465?
| | | Slightly different error message (compared with using port 995) - but | still no go! 465 and 995 are for outgoing and incoming respectively. If you use both, with SSL, I don't know of any more secure option, other than maybe using secure password authentication. The page you linked doesn't provide any real information, so it's hard to know what they're talking about. (Port 25 has been phased out for a long time. It's associated with "open relay" problems -- SMTP without password verification.) If the above settings don't work then it's likely just a google scam, as someone else mentioned. Then of course there's the obvious question: You probably have ISP email. You could have your own domain email. There are other, less sleazy options like hushmail. So one wonders why you're using gmail in the first place. :) |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/2015 23:36, Mayayana wrote:
Then of course there's the obvious question: You probably have ISP email. You could have your own domain email. There are other, less sleazy options like hushmail. So one wonders why you're using gmail in the first place. :) I do indeed have ISP email - which is what I use by default. I use Gmail very little - but have found it useful sometimes when away from home, when I haven't been able to use my ISP's SMTP server. I also use it as a "throw-away" account for posting to a few forums - so that if it gets seriously spammed, I can junk it and create another one. It was in this connection - trying to post to a forum - that I discovered that it no longer works. -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 06/04/2015 00:24:46, Roger Mills wrote:
On 05/04/2015 23:36, Mayayana wrote: Then of course there's the obvious question: You probably have ISP email. You could have your own domain email. There are other, less sleazy options like hushmail. So one wonders why you're using gmail in the first place. :) I do indeed have ISP email - which is what I use by default. I use Gmail very little - but have found it useful sometimes when away from home, when I haven't been able to use my ISP's SMTP server. I also use it as a "throw-away" account for posting to a few forums - so that if it gets seriously spammed, I can junk it and create another one. It was in this connection - trying to post to a forum - that I discovered that it no longer works. Maybe because you haven't used it is what is causing the problem. I have been using two gmail accounts with Outlook 2010 for a long while. My settings in Outlook are the same as yours and I have not encountered any problem (as yet). I do go on to each account on the web about every three months and clear out all the junk as I have Outlook set to leave messages on server. Perhaps it is that action that keeps it alive. -- mick |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Robin wrote:
Roger Mills wrote: On 05/04/2015 20:11, Paul wrote: I'm not enough of a mail/tools expert, to know from your description, what protections were in existence at the time you sent the mail. Knowing the port numbers used would help. Most - probably all - of my non-Gmail POP accounts are set up to use the default ports (110 in and 25 out) Gmail is set up to use an incoming port of 995, and "This server requires encrypted connection (SSL)" is ticked. The outgoing port is 587 and, below the port number in Advanced Settings, it says "Use the following type of encrypted connection:" - with the options being None, SSL, TLS and Auto. For the last n years, this has been set to TLS and has worked until now. All the settings were as per the instructions on Google's site at the time I set it up. Now they don't work, and changing from TLS to any of the other options makes no difference. If I click "Test Account Settings" in Outlook (causing it to try to send and receive test messages) it displays an error which says: "Log onto incoming mail server (POP3): Your e-mail server rejected your login. Verify your user name and password in your account properties. Under Tools, click E-mail accounts. The server responded: -ERR [AUTH] Web login required: https://support.google.com/mail/bin/answer.py?answer=78754" I can almost certainly make it work by going down the "Use a less secure connection" route - but does anyone know of any alternative port combinations etc. which are likely to work without having to do that? What little I read last summer when I met this problem made clear it was nothing to do with ports, SSL etc. and that there was no way around the issue in Outlook other than the lower security settings. So that's what I did. As we've used Outlook since 1997 we're reluctant to switch to TB now even if it is free and community-based and all the other nice things that MS Office ain't :) AIUI there was also resistance within the Thunderbird community to implementing OAuth 2.0 as that meant bowing down to Google's unilateral decision. But from what Paul reported in response to me earlier they have now provided for 2 factor authentication (I assume quite recently). I did the quickest check possible. While the word appears in the code, we have no way (immediately) of knowing it is wired up. And this issue has apparently raised quite a stink... I'm not going to try to summarize this. https://bugzilla.mozilla.org/show_bug.cgi?id=849540 Paul |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Paul wrote:
Robin wrote: Roger Mills wrote: On 05/04/2015 20:11, Paul wrote: I'm not enough of a mail/tools expert, to know from your description, what protections were in existence at the time you sent the mail. Knowing the port numbers used would help. Most - probably all - of my non-Gmail POP accounts are set up to use the default ports (110 in and 25 out) Gmail is set up to use an incoming port of 995, and "This server requires encrypted connection (SSL)" is ticked. The outgoing port is 587 and, below the port number in Advanced Settings, it says "Use the following type of encrypted connection:" - with the options being None, SSL, TLS and Auto. For the last n years, this has been set to TLS and has worked until now. All the settings were as per the instructions on Google's site at the time I set it up. Now they don't work, and changing from TLS to any of the other options makes no difference. If I click "Test Account Settings" in Outlook (causing it to try to send and receive test messages) it displays an error which says: "Log onto incoming mail server (POP3): Your e-mail server rejected your login. Verify your user name and password in your account properties. Under Tools, click E-mail accounts. The server responded: -ERR [AUTH] Web login required: https://support.google.com/mail/bin/answer.py?answer=78754" I can almost certainly make it work by going down the "Use a less secure connection" route - but does anyone know of any alternative port combinations etc. which are likely to work without having to do that? What little I read last summer when I met this problem made clear it was nothing to do with ports, SSL etc. and that there was no way around the issue in Outlook other than the lower security settings. So that's what I did. As we've used Outlook since 1997 we're reluctant to switch to TB now even if it is free and community-based and all the other nice things that MS Office ain't :) AIUI there was also resistance within the Thunderbird community to implementing OAuth 2.0 as that meant bowing down to Google's unilateral decision. But from what Paul reported in response to me earlier they have now provided for 2 factor authentication (I assume quite recently). I did the quickest check possible. While the word appears in the code, we have no way (immediately) of knowing it is wired up. And this issue has apparently raised quite a stink... I'm not going to try to summarize this. https://bugzilla.mozilla.org/show_bug.cgi?id=849540 Paul The link that led to that one. "gmail says Thunderbird not safe" Go to Allow less secure apps and choose "Allow" http://forums.mozillazine.org/viewto...f=39&t=2852231 Paul |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 06/04/2015 00:51, mick wrote:
Maybe because you haven't used it is what is causing the problem. I have been using two gmail accounts with Outlook 2010 for a long while. My settings in Outlook are the same as yours and I have not encountered any problem (as yet). I do go on to each account on the web about every three months and clear out all the junk as I have Outlook set to leave messages on server. Perhaps it is that action that keeps it alive. I don't *think* it's that. I do receive frequent emails in the account from one particular forum -even though I don't send very often. I have a rule set up which forwards incoming emails to a non-Gmail account and then deletes them. [Long story, but related to the fact that the rather old version of Mailwasher which I use to screen my emails can't handle servers which use SSL] -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 05/04/15 23:03, Roger Mills wrote:
On 05/04/2015 20:11, Paul wrote: I'm not enough of a mail/tools expert, to know from your description, what protections were in existence at the time you sent the mail. Knowing the port numbers used would help. Most - probably all - of my non-Gmail POP accounts are set up to use the default ports (110 in and 25 out) Gmail is set up to use an incoming port of 995, and "This server requires encrypted connection (SSL)" is ticked. The outgoing port is 587 and, below the port number in Advanced Settings, it says "Use the following type of encrypted connection:" - with the options being None, SSL, TLS and Auto. For the last n years, this has been set to TLS and has worked until now. All the settings were as per the instructions on Google's site at the time I set it up. Now they don't work, and changing from TLS to any of the other options makes no difference. If you have previously setup 2FA, you will have been using App Passwords. Your last used App Password for this client has probably expired. FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different incoming port (993) but exactly same outgoing setup (587/TLS) as above. Sending works fine. -- Adrian C |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Of course they were using Windows, for most people that is all there is.
Brian -- From the Sofa of Brian Gaff Reply address is active "Adrian Caspersz" wrote in message ... On 05/04/15 16:31, Brian Gaff wrote: Cannot say I've noticed anything as yet. Its probably more hand holding of people who never bother to check things they are clicking on etc. I noticed the other day that 1 in three emails I sent from Virgin to yahoo accounts was undelivered quoting the virgin server as being in a spamhouse list. The problem isits fine if these boys running mega email systems want to get real picky about what they allow, but its not actually teaching the masses to be careful is it? The most insecure of email systems has to be online web mail of which Yahoo and Google run a fair few, and only yesterday yet another friend has had their entire address book copied They had two factor authentication (2FA) turned off, an account hacking precaution that is pretty easy to set up. Or they were using Windows..... -- Adrian C |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
No I've not had to change anything and use gmail for some mailing lists. I
use a secure connection as usual though Outlook Express and live mail and not seen any issues. Maybe its just some users? Brian -- From the Sofa of Brian Gaff Reply address is active "Graham." wrote in message ... On Sun, 05 Apr 2015 15:48:29 +0100, Roger Mills wrote: I use Outlook as my main email client, and have lots of email accounts set up within it - mainly those linked to my (PlusNet) internet account, but also including one Gmail account. I have always - until now - been able to send emails from my Gmail account. But I've just tried to send one today, only to have it blocked by some nefarious guff about clients like Outlook[1] not being secure! WTF? Is that yet another step along the road towards Google's world dominance, or does it have any merit? They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? [1] Other "insecure" apps include Thunderbird and mail apps on Apple devices and Windows phones - but not any Google apps of course! Of course! I went into account settings and turned on "access for less secure apps" (TM) If there are consequences I am not yet aware of them. -- Graham. %Profound_observation% |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Mayayana wrote:
| What happens if you use SSL on port 465? | | | Slightly different error message (compared with using port 995) - but | still no go! 465 and 995 are for outgoing and incoming respectively. If you use both, with SSL, I don't know of any more secure option, other than maybe using secure password authentication. Secure against what? E-Mail is insecure. Authenticating yourself when reading/writing mail is all very well but doesn't prevent anyone either impersonating you or intercepting your mail on its way to you or from you. -- Chris Green · |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 06/04/15 09:59, Brian Gaff wrote:
Of course they were using Windows, for most people that is all there is. pebkac error.... -- Adrian C |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
"Roger Mills" wrote in message ... On 06/04/2015 00:51, mick wrote: Maybe because you haven't used it is what is causing the problem. I have been using two gmail accounts with Outlook 2010 for a long while. My settings in Outlook are the same as yours and I have not encountered any problem (as yet). I do go on to each account on the web about every three months and clear out all the junk as I have Outlook set to leave messages on server. Perhaps it is that action that keeps it alive. I don't *think* it's that. I know it isn't. I don't do anything like that and do use gmail quite a bit and have never had it say there was ever any problem and have never told it to allow less secure email clients either. I do receive frequent emails in the account from one particular forum -even though I don't send very often. I have a rule set up which forwards incoming emails to a non-Gmail account and then deletes them. [Long story, but related to the fact that the rather old version of Mailwasher which I use to screen my emails can't handle servers which use SSL] |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 06/04/2015 09:23, Adrian Caspersz wrote:
On 05/04/15 23:03, Roger Mills wrote: On 05/04/2015 20:11, Paul wrote: I'm not enough of a mail/tools expert, to know from your description, what protections were in existence at the time you sent the mail. Knowing the port numbers used would help. Most - probably all - of my non-Gmail POP accounts are set up to use the default ports (110 in and 25 out) Gmail is set up to use an incoming port of 995, and "This server requires encrypted connection (SSL)" is ticked. The outgoing port is 587 and, below the port number in Advanced Settings, it says "Use the following type of encrypted connection:" - with the options being None, SSL, TLS and Auto. For the last n years, this has been set to TLS and has worked until now. All the settings were as per the instructions on Google's site at the time I set it up. Now they don't work, and changing from TLS to any of the other options makes no difference. If you have previously setup 2FA, you will have been using App Passwords. Your last used App Password for this client has probably expired. No, I haven't set up 2FA. FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different incoming port (993) but exactly same outgoing setup (587/TLS) as above. Sending works fine. Just tried changing 995 to 993 on my POP/SMTP setup to no avail. -- Cheers, Roger ____________ Please reply to Newsgroup. Whilst email address is valid, it is seldom checked. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 06/04/15 10:58, Roger Mills wrote:
No, I haven't set up 2FA. FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different incoming port (993) but exactly same outgoing setup (587/TLS) as above. Sending works fine. Just tried changing 995 to 993 on my POP/SMTP setup to no avail. That wouldn't be expected to work. Perhaps google want to enforce the use of 2FA but they are not exactly being clear about it. I'd recommend enabling it, but that's just me. -- Adrian C |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
|
Using Gmail accounts in Outlook [OT in uk.d-i-y]
| Secure against what? E-Mail is insecure.
There are different kinds of login. The most common types are to pass the name and password as either plain text or base-64, which is easily deciphered, on a non-secure connection. It used to be that anyone could send an email without authentication. That was only needed for receiving. Later there were minimal checks. For instance, some ISPs used to check that email was at least coming from their network. That was changed because of spammers, mainly, rather than security or privacy concerns. Over time it's become standard to require login for sending and now it's becoming common to use SSL and encrypted passwords. There's also a push on to encrypt web traffic in general. But I wouldn't argue with your point, especially where GMail is concerned. While a secure connection might save your email being hijacked while hanging out in Starbucks on their wireless connection, even with all possible security there's still Google reading your email, claiming co-rights to your email and retaining copies even if you delete them, all *as part of your alleged agreement with them*. That means your email is also available to any employees with access to Google servers, and probably to the NSA. It also means you've given implied consent to the notion that you don't care and don't expect private email. (That's the argument that Google likes to use legally: You can't complain because you have no reasonable expectation of privacy, because Google is dishonest and everyone already knows that before they sign up. It's sort of like, "Of course I robbed him, your honor, but he gave me his implied consent by letting me into his house to fix the drain. And he agreed to that on page 17 of the liability disclaimer he signed before I did the work." There was an interesting analysis of expectation of privacy awhile back: http://wakeforestlawreview.com/readi...nd-privacy-law The gist of the idea being that one's expectation of privacy, in a legal sense, is affected in part by one's expectation. If we don't make an effort to keep email private, through lack of security, use of corporate webmail, etc, then we could lose the right. In other words, in a way, Google's logic is correct: Anyone who trusts Google should have known that Google can't be trusted. Therefore, if you use GMail you've already agreed to let Google rob you. And by extension you've agreed that the NSA, Google's business partners, and any Tom, Dick, or Harry, for that matter, are doing nothing wrong in the simple act of reading your email. You "left it out on the table", so to speak. Maybe you didn't mean to, but you should have known that anyone could just break into your house and look at what's on the table. :) The NSA has been trying to use the argument that Microsoft should give them access to customer files on their European servers with an even more far-fetched claim, which is that customer files are not private property but are, rather, Microsoft business records, which the US govt has a right to access. There's already some precedent for that, in a sense. If you get arrested and the court gets a warrant (or subpoena?) to access your GMail, they'll demand it from Google, not from you. So where *is* your ownership? Arguably one of the greatest threats to privacy is the glib and lazy pronouncement by many people that, "Hey, there's no online privacy anyway, so there's no point in worrying about it." |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Mayayana wrote:
| Secure against what? E-Mail is insecure. There are different kinds of login. The most common types are to pass the name and password as either plain text or base-64, which is easily deciphered, on a non-secure connection. It used to be that anyone could send an email without authentication. That was only needed for receiving. Later there were minimal checks. For instance, some ISPs used to check that email was at least coming from their network. Yes, but that's *only* from you to your E-Mail provider. The E-Mail then gets sent across multiple networks using simple SMTP protocols in general so is basically 'not private'. That was changed because of spammers, mainly, rather than security or privacy concerns. Over time it's become standard to require login for sending and now it's becoming common to use SSL and encrypted passwords. There's also a push on to encrypt web traffic in general. Yes, the passwords you need to connect to your E-Mail account are mostly there to stop spam generators using your account, there's no intent to make your E-Mail private. But I wouldn't argue with your point, especially where GMail is concerned. While a secure connection might save your email being hijacked while hanging out in Starbucks on their wireless connection, even with all possible security there's still Google reading your email, claiming co-rights to your email and retaining copies even if you delete them, all *as part of your alleged agreement with them*. That means your email is also available to any employees with access to Google servers, and probably to the NSA. It also means you've given implied consent to the notion that you don't care and don't expect private email. (That's the argument that Google likes to use legally: You can't complain because you have no reasonable expectation of privacy, because Google is dishonest and everyone already knows that before they sign up. It's sort of like, "Of course I robbed him, your honor, but he gave me his implied consent by letting me into his house to fix the drain. And he agreed to that on page 17 of the liability disclaimer he signed before I did the work." Not to mention that as soon as it gets sent anywhere every intermediate server can see the E-Mail, not just Google. -- Chris Green · |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 06/04/2015 09:23, Adrian Caspersz wrote:
If you have previously setup 2FA, you will have been using App Passwords. Your last used App Password for this client has probably expired. FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different incoming port (993) but exactly same outgoing setup (587/TLS) as above. Sending works fine. I have the same with outlook 2013 and it works fine. My AV software is doing a man in the middle on it so it can check the contents. |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Dennis@home wrote:
On 06/04/2015 09:23, Adrian Caspersz wrote: If you have previously setup 2FA, you will have been using App Passwords. Your last used App Password for this client has probably expired. FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different incoming port (993) but exactly same outgoing setup (587/TLS) as above. Sending works fine. I have the same with outlook 2013 and it works fine. My AV software is doing a man in the middle on it so it can check the contents. Which is not needed. -- A |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
On 06/04/2015 18:09, A wrote:
Dennis@home wrote: On 06/04/2015 09:23, Adrian Caspersz wrote: If you have previously setup 2FA, you will have been using App Passwords. Your last used App Password for this client has probably expired. FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different incoming port (993) but exactly same outgoing setup (587/TLS) as above. Sending works fine. I have the same with outlook 2013 and it works fine. My AV software is doing a man in the middle on it so it can check the contents. Which is not needed. That would be why none of the recent "invoice" emails got through without the attachment being sterilised? |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Adrian Caspersz wrote:
On 06/04/15 10:58, Roger Mills wrote: No, I haven't set up 2FA. FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different incoming port (993) but exactly same outgoing setup (587/TLS) as above. Sending works fine. Just tried changing 995 to 993 on my POP/SMTP setup to no avail. That wouldn't be expected to work. Perhaps google want to enforce the use of 2FA but they are not exactly being clear about it. I'd recommend enabling it, but that's just me. IIRC I decided against that as I don't have a phone on which I could install Google's 2 factor authentication app and I didn't want to risk being locked out when away from home and out of SMS range. But I appreciate that put's me in a minority; and I haven't checked since if there are other options. -- Robin reply to address is (meant to be) valid |
Using Gmail accounts in Outlook [OT in uk.d-i-y]
Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts set up within it - mainly those linked to my (PlusNet) internet account, but also including one Gmail account. I have always - until now - been able to send emails from my Gmail account. But I've just tried to send one today, only to have it blocked by some nefarious guff about clients like Outlook[1] not being secure! WTF? Is that yet another step along the road towards Google's world dominance, or does it have any merit? They do seem to be offering the option to "allow less secure apps" - but that comes with dire warnings! Anyone one else encountered this - and what did you do? [1] Other "insecure" apps include Thunderbird and mail apps on Apple devices and Windows phones - but not any Google apps of course! Gmail works fine here in Outlook 10 and Outlook 2013 using both IMAP and POP3 IMAP ==== Incoming imap.gmail.com using Port 993 and with SSL Outgoing smtp.gmail.com using Port 465 and with SSL POP3 ==== Incoming pop.gmail.com using Port 995 SSL Outgoing smtp.gmail.com using Port 465 SSL or 587 TLS -- ....winston msft mvp consumer apps |
| All times are GMT +1. The time now is 09:52 AM. |
|
Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004 - 2014 DIYbanter