I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

Cannot say I've noticed anything as yet. Its probably more hand holding of
people who never bother to check things they are clicking on etc. I noticed
the other day that 1 in three emails I sent from Virgin to yahoo accounts
was undelivered quoting the virgin server as being in a spamhouse list.


The problem isits fine if these boys running mega email systems want to get
real picky about what they allow, but its not actually teaching the masses
to be careful is it?
The most insecure of email systems has to be online web mail of which Yahoo
and Google run a fair few, and only yesterday yet another friend has had
their entire address book copied and stupid messages sent to them all
pretending to be from the person with the original account. Until people
actually take charge of their accounts and make sure they are not hacked,
there is little hope other than to make email so awkward and unreliable as
to make it pointless.

Brian

--
Brian Gaff....Note, this account does not accept Bcc: email.
graphics are great, but the blind can't hear them
Email:
__________________________________________________ __________________________________________________ __________


"Roger Mills" wrote in message
...
I use Outlook as my main email client, and have lots of email accounts set
up within it - mainly those linked to my (PlusNet) internet account, but
also including one Gmail account. I have always - until now - been able to
send emails from my Gmail account. But I've just tried to send one today,
only to have it blocked by some nefarious guff about clients like
Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

On 05/04/15 16:31, Brian Gaff wrote:
Cannot say I've noticed anything as yet. Its probably more hand holding of
people who never bother to check things they are clicking on etc. I noticed
the other day that 1 in three emails I sent from Virgin to yahoo accounts
was undelivered quoting the virgin server as being in a spamhouse list.


The problem isits fine if these boys running mega email systems want to get
real picky about what they allow, but its not actually teaching the masses
to be careful is it?
The most insecure of email systems has to be online web mail of which Yahoo
and Google run a fair few, and only yesterday yet another friend has had
their entire address book copied

They had two factor authentication (2FA) turned off, an account hacking
precaution that is pretty easy to set up.

Or they were using Windows.....

--
Adrian C

Of course they were using Windows, for most people that is all there is.
Brian

--
From the Sofa of Brian Gaff Reply address is active
"Adrian Caspersz" wrote in message
...
On 05/04/15 16:31, Brian Gaff wrote:
Cannot say I've noticed anything as yet. Its probably more hand holding
of
people who never bother to check things they are clicking on etc. I
noticed
the other day that 1 in three emails I sent from Virgin to yahoo accounts
was undelivered quoting the virgin server as being in a spamhouse list.


The problem isits fine if these boys running mega email systems want to
get
real picky about what they allow, but its not actually teaching the
masses
to be careful is it?
The most insecure of email systems has to be online web mail of which
Yahoo
and Google run a fair few, and only yesterday yet another friend has had
their entire address book copied

They had two factor authentication (2FA) turned off, an account hacking
precaution that is pretty easy to set up.

Or they were using Windows.....

--
Adrian C

On 06/04/15 09:59, Brian Gaff wrote:
Of course they were using Windows, for most people that is all there is.

pebkac error....


--
Adrian C

On Sun, 05 Apr 2015 15:48:29 +0100, Roger Mills
wrote:

I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!


Of course!

I went into account settings and turned on "access for less secure
apps" (TM)

If there are consequences I am not yet aware of them.


--

Graham.

%Profound_observation%

No I've not had to change anything and use gmail for some mailing lists. I
use a secure connection as usual though Outlook Express and live mail and
not seen any issues.
Maybe its just some users?
Brian

--
From the Sofa of Brian Gaff Reply address is active
"Graham." wrote in message
...
On Sun, 05 Apr 2015 15:48:29 +0100, Roger Mills
wrote:

I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!


Of course!

I went into account settings and turned on "access for less secure
apps" (TM)

If there are consequences I am not yet aware of them.


--

Graham.

%Profound_observation%

On 05 Apr 2015, Roger Mills wrote in
alt.windows7.general:

They do seem to be offering the option to "allow less secure apps"
- but that comes with dire warnings!

Anyone one else encountered this - and what did you do?

The "dire warning" is just FUD intended to keep you within the confines
of Google. Go ahead and approve the "less secure" app. I did long ago
so I could use various other IMAP and POP mail clients and it has never
been a problem.

On 05/04/2015 15:48, Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!

What happens if you use SSL on port 465?

I have had to use this in some hotels where sending via the normal port
is blocked.

--
Michael Chare

On 05/04/2015 19:43, Michael Chare wrote:


What happens if you use SSL on port 465?


Slightly different error message (compared with using port 995) - but
still no go!
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

| What happens if you use SSL on port 465?
|
|
| Slightly different error message (compared with using port 995) - but
| still no go!

465 and 995 are for outgoing and incoming
respectively. If you use both, with SSL, I don't
know of any more secure option, other than maybe
using secure password authentication.

The page you linked doesn't provide any real
information, so it's hard to know what they're
talking about. (Port 25 has been phased out for
a long time. It's associated with "open relay"
problems -- SMTP without password verification.)

If the above settings don't work then it's likely
just a google scam, as someone else mentioned.

Then of course there's the obvious question:
You probably have ISP email. You could have your own
domain email. There are other, less sleazy options
like hushmail. So one wonders why you're using
gmail in the first place.

On 05/04/2015 23:36, Mayayana wrote:

Then of course there's the obvious question:
You probably have ISP email. You could have your own
domain email. There are other, less sleazy options
like hushmail. So one wonders why you're using
gmail in the first place.


I do indeed have ISP email - which is what I use by default. I use Gmail
very little - but have found it useful sometimes when away from home,
when I haven't been able to use my ISP's SMTP server. I also use it as a
"throw-away" account for posting to a few forums - so that if it gets
seriously spammed, I can junk it and create another one.

It was in this connection - trying to post to a forum - that I
discovered that it no longer works.
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

On 06/04/2015 00:24:46, Roger Mills wrote:
On 05/04/2015 23:36, Mayayana wrote:

Then of course there's the obvious question:
You probably have ISP email. You could have your own
domain email. There are other, less sleazy options
like hushmail. So one wonders why you're using
gmail in the first place.


I do indeed have ISP email - which is what I use by default. I use Gmail very
little - but have found it useful sometimes when away from home, when I
haven't been able to use my ISP's SMTP server. I also use it as a
"throw-away" account for posting to a few forums - so that if it gets
seriously spammed, I can junk it and create another one.

It was in this connection - trying to post to a forum - that I discovered
that it no longer works.

Maybe because you haven't used it is what is causing the problem.
I have been using two gmail accounts with Outlook 2010 for a long
while. My settings in Outlook are the same as yours and I have not
encountered any problem (as yet).
I do go on to each account on the web about every three months and
clear out all the junk as I have Outlook set to leave messages on
server.
Perhaps it is that action that keeps it alive.

--
mick

Mayayana wrote:
| What happens if you use SSL on port 465?
|
|
| Slightly different error message (compared with using port 995) - but
| still no go!

465 and 995 are for outgoing and incoming
respectively. If you use both, with SSL, I don't
know of any more secure option, other than maybe
using secure password authentication.

Secure against what? E-Mail is insecure. Authenticating yourself
when reading/writing mail is all very well but doesn't prevent anyone
either impersonating you or intercepting your mail on its way to you
or from you.

--
Chris Green
·

On 06/04/15 10:18, wrote:
Mayayana wrote:
| What happens if you use SSL on port 465?
|
|
| Slightly different error message (compared with using port 995) - but
| still no go!

465 and 995 are for outgoing and incoming
respectively. If you use both, with SSL, I don't
know of any more secure option, other than maybe
using secure password authentication.

Secure against what? E-Mail is insecure. Authenticating yourself
when reading/writing mail is all very well but doesn't prevent anyone
either impersonating you or intercepting your mail on its way to you
or from you.

however using ssh does make man in the middle attacks harder.



--
Everything you read in newspapers is absolutely true, except for the
rare story of which you happen to have first-hand knowledge. €“ Erwin Knoll

| Secure against what? E-Mail is insecure.

There are different kinds of login. The most common
types are to pass the name and password as either
plain text or base-64, which is easily deciphered, on
a non-secure connection.

It used to be that anyone could send an email without
authentication. That was only needed for receiving.
Later there were minimal checks. For instance, some
ISPs used to check that email was at least coming
from their network.

That was changed because of spammers, mainly, rather
than security or privacy concerns. Over time it's become
standard to require login for sending and now it's becoming
common to use SSL and encrypted passwords. There's also
a push on to encrypt web traffic in general.

But I wouldn't argue with your point, especially where
GMail is concerned. While a secure connection might save
your email being hijacked while hanging out in Starbucks
on their wireless connection, even with all possible security
there's still Google reading your email, claiming co-rights to
your email and retaining copies even if you delete them,
all *as part of your alleged agreement with them*. That
means your email is also available to any employees with
access to Google servers, and probably to the NSA. It also
means you've given implied consent to the notion that you
don't care and don't expect private email. (That's the argument
that Google likes to use legally: You can't complain because
you have no reasonable expectation of privacy, because Google
is dishonest and everyone already knows that before they
sign up. It's sort of like, "Of course I robbed him, your honor,
but he gave me his implied consent by letting me into his house
to fix the drain. And he agreed to that on page 17 of the liability
disclaimer he signed before I did the work."

There was an interesting analysis of expectation of
privacy awhile back:

http://wakeforestlawreview.com/readi...nd-privacy-law

The gist of the idea being that one's expectation of
privacy, in a legal sense, is affected in part by one's
expectation. If we don't make an effort to keep email
private, through lack of security, use of corporate
webmail, etc, then we could lose the right. In other
words, in a way, Google's logic is correct: Anyone who
trusts Google should have known that Google can't be
trusted. Therefore, if you use GMail you've already
agreed to let Google rob you. And by extension you've
agreed that the NSA, Google's business partners, and
any Tom, Dick, or Harry, for that matter, are doing nothing
wrong in the simple act of reading your email. You
"left it out on the table", so to speak. Maybe you
didn't mean to, but you should have known that
anyone could just break into your house and look at
what's on the table.

The NSA has been trying to use the argument that
Microsoft should give them access to customer files on
their European servers with an even more far-fetched
claim, which is that customer files are not private property
but are, rather, Microsoft business records, which the
US govt has a right to access. There's already some
precedent for that, in a sense. If you get arrested and
the court gets a warrant (or subpoena?) to access your
GMail, they'll demand it from Google, not from you. So
where *is* your ownership?

Arguably one of the greatest threats to privacy is
the glib and lazy pronouncement by many people that,
"Hey, there's no online privacy anyway, so there's no
point in worrying about it."

Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!

It might be a statement about SSL/TLS transport
when connecting to Google. Consider whether the path
to Google is protected by encryption.

Years ago, all your email was traveling as plaintext,
and could be read as it flies by, at the ISP. Or
read by the NSA. Tightening up the transport might
be part of this story.

I'm not enough of a mail/tools expert, to know from
your description, what protections were in existence
at the time you sent the mail. Knowing the port
numbers used would help.

I think part of the setup of things like that,
relies on certificates. And at least one recent
issue came up, when a certain laptop manufacturer,
installed MITM software which generated bogus
local certificates. Maybe this is some fallout
from that incident. Lenovo has since issued
removal software, due to the bad PR.

http://support.lenovo.com/ca/en/prod...rity/superfish

You have to read an awful lot of incident reports,
to have any inkling where some of these "security"
warnings are coming from. One of my browsers is
almost useless now, due to the tightening of
SSL/TLS and generating new sessions to prevent
certain kinds of padding attacks. There's all sorts
of stuff going on, that can be traced to
the exploits you read about.

*******

AS for the topic of email, to me webmail services
are for the birds. I use a POP3 account, I have
some idea what transport and what port number it
uses. I have some idea what my exposures are.
The people I've tried to help with webmail,
everything done in webmail seems to be served
with a large dose of bull****. Just a gut reaction
of mine. I'm as suspicious as you are.

Paul

On 05 Apr 2015, Paul wrote in
alt.windows7.general:

It might be a statement about SSL/TLS transport
when connecting to Google. Consider whether the path
to Google is protected by encryption.

I think Google mail requires SSL/TLS. They won't let you do POP3 or
IMAP without it.

AS for the topic of email, to me webmail services
are for the birds. I use a POP3 account, I have
some idea what transport and what port number it
uses. I have some idea what my exposures are.
The people I've tried to help with webmail,
everything done in webmail seems to be served
with a large dose of bull****. Just a gut reaction
of mine. I'm as suspicious as you are.

The error message in question is a real one from Google. I got it
myself when I first used my own email client to grab Google via POP3
and IMAP. At first I couldn't connect. When I went to the Gmail web
interface I found that message about "insecure apps". I had to approve
it before I could connect. They want to keep you using the web
interface or their approved Google mobile apps. Fortunately, they allow
you to use other things, you just have to jump through a couple of
hoops.

On 05/04/2015 20:11, Paul wrote:


I'm not enough of a mail/tools expert, to know from
your description, what protections were in existence
at the time you sent the mail. Knowing the port
numbers used would help.


Most - probably all - of my non-Gmail POP accounts are set up to use the
default ports (110 in and 25 out)

Gmail is set up to use an incoming port of 995, and "This server
requires encrypted connection (SSL)" is ticked.
The outgoing port is 587 and, below the port number in Advanced
Settings, it says "Use the following type of encrypted connection:" -
with the options being None, SSL, TLS and Auto. For the last n years,
this has been set to TLS and has worked until now. All the settings were
as per the instructions on Google's site at the time I set it up. Now
they don't work, and changing from TLS to any of the other options makes
no difference.

If I click "Test Account Settings" in Outlook (causing it to try to send
and receive test messages) it displays an error which says:
"Log onto incoming mail server (POP3): Your e-mail server rejected your
login. Verify your user name and password in your account properties.
Under Tools, click E-mail accounts. The server responded: -ERR [AUTH]
Web login required:
https://support.google.com/mail/bin/answer.py?answer=78754"

I can almost certainly make it work by going down the "Use a less secure
connection" route - but does anyone know of any alternative port
combinations etc. which are likely to work without having to do that?
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

Roger Mills wrote:
On 05/04/2015 20:11, Paul wrote:


I'm not enough of a mail/tools expert, to know from
your description, what protections were in existence
at the time you sent the mail. Knowing the port
numbers used would help.


Most - probably all - of my non-Gmail POP accounts are set up to use
the default ports (110 in and 25 out)

Gmail is set up to use an incoming port of 995, and "This server
requires encrypted connection (SSL)" is ticked.
The outgoing port is 587 and, below the port number in Advanced
Settings, it says "Use the following type of encrypted connection:" -
with the options being None, SSL, TLS and Auto. For the last n years,
this has been set to TLS and has worked until now. All the settings
were as per the instructions on Google's site at the time I set it
up. Now they don't work, and changing from TLS to any of the other
options makes no difference.

If I click "Test Account Settings" in Outlook (causing it to try to
send and receive test messages) it displays an error which says:
"Log onto incoming mail server (POP3): Your e-mail server rejected
your login. Verify your user name and password in your account
properties. Under Tools, click E-mail accounts. The server
responded: -ERR [AUTH] Web login required:
https://support.google.com/mail/bin/answer.py?answer=78754"

I can almost certainly make it work by going down the "Use a less
secure connection" route - but does anyone know of any alternative
port combinations etc. which are likely to work without having to do
that?

What little I read last summer when I met this problem made clear it
was nothing to do with ports, SSL etc. and that there was no way around
the issue in Outlook other than the lower security settings. So that's
what I did. As we've used Outlook since 1997 we're reluctant to switch
to TB now even if it is free and community-based and all the other nice
things that MS Office ain't

AIUI there was also resistance within the Thunderbird community to
implementing OAuth 2.0 as that meant bowing down to Google's unilateral
decision. But from what Paul reported in response to me earlier they
have now provided for 2 factor authentication (I assume quite recently).
--
Robin
reply to address is (meant to be) valid

Robin wrote:
Roger Mills wrote:
On 05/04/2015 20:11, Paul wrote:

I'm not enough of a mail/tools expert, to know from
your description, what protections were in existence
at the time you sent the mail. Knowing the port
numbers used would help.

Most - probably all - of my non-Gmail POP accounts are set up to use
the default ports (110 in and 25 out)

Gmail is set up to use an incoming port of 995, and "This server
requires encrypted connection (SSL)" is ticked.
The outgoing port is 587 and, below the port number in Advanced
Settings, it says "Use the following type of encrypted connection:" -
with the options being None, SSL, TLS and Auto. For the last n years,
this has been set to TLS and has worked until now. All the settings
were as per the instructions on Google's site at the time I set it
up. Now they don't work, and changing from TLS to any of the other
options makes no difference.

If I click "Test Account Settings" in Outlook (causing it to try to
send and receive test messages) it displays an error which says:
"Log onto incoming mail server (POP3): Your e-mail server rejected
your login. Verify your user name and password in your account
properties. Under Tools, click E-mail accounts. The server
responded: -ERR [AUTH] Web login required:
https://support.google.com/mail/bin/answer.py?answer=78754"

I can almost certainly make it work by going down the "Use a less
secure connection" route - but does anyone know of any alternative
port combinations etc. which are likely to work without having to do
that?

What little I read last summer when I met this problem made clear it
was nothing to do with ports, SSL etc. and that there was no way around
the issue in Outlook other than the lower security settings. So that's
what I did. As we've used Outlook since 1997 we're reluctant to switch
to TB now even if it is free and community-based and all the other nice
things that MS Office ain't

AIUI there was also resistance within the Thunderbird community to
implementing OAuth 2.0 as that meant bowing down to Google's unilateral
decision. But from what Paul reported in response to me earlier they
have now provided for 2 factor authentication (I assume quite recently).

I did the quickest check possible.

While the word appears in the code, we have no way
(immediately) of knowing it is wired up.

And this issue has apparently raised quite a stink...
I'm not going to try to summarize this.

https://bugzilla.mozilla.org/show_bug.cgi?id=849540

Paul

Paul wrote:
Robin wrote:
Roger Mills wrote:
On 05/04/2015 20:11, Paul wrote:

I'm not enough of a mail/tools expert, to know from
your description, what protections were in existence
at the time you sent the mail. Knowing the port
numbers used would help.

Most - probably all - of my non-Gmail POP accounts are set up to use
the default ports (110 in and 25 out)

Gmail is set up to use an incoming port of 995, and "This server
requires encrypted connection (SSL)" is ticked.
The outgoing port is 587 and, below the port number in Advanced
Settings, it says "Use the following type of encrypted connection:" -
with the options being None, SSL, TLS and Auto. For the last n years,
this has been set to TLS and has worked until now. All the settings
were as per the instructions on Google's site at the time I set it
up. Now they don't work, and changing from TLS to any of the other
options makes no difference.

If I click "Test Account Settings" in Outlook (causing it to try to
send and receive test messages) it displays an error which says:
"Log onto incoming mail server (POP3): Your e-mail server rejected
your login. Verify your user name and password in your account
properties. Under Tools, click E-mail accounts. The server
responded: -ERR [AUTH] Web login required:
https://support.google.com/mail/bin/answer.py?answer=78754"

I can almost certainly make it work by going down the "Use a less
secure connection" route - but does anyone know of any alternative
port combinations etc. which are likely to work without having to do
that?

What little I read last summer when I met this problem made clear it
was nothing to do with ports, SSL etc. and that there was no way
around the issue in Outlook other than the lower security settings.
So that's what I did. As we've used Outlook since 1997 we're
reluctant to switch to TB now even if it is free and community-based
and all the other nice things that MS Office ain't

AIUI there was also resistance within the Thunderbird community to
implementing OAuth 2.0 as that meant bowing down to Google's
unilateral decision. But from what Paul reported in response to me
earlier they have now provided for 2 factor authentication (I assume
quite recently).

I did the quickest check possible.

While the word appears in the code, we have no way
(immediately) of knowing it is wired up.

And this issue has apparently raised quite a stink...
I'm not going to try to summarize this.

https://bugzilla.mozilla.org/show_bug.cgi?id=849540

Paul

The link that led to that one.

"gmail says Thunderbird not safe"
Go to Allow less secure apps and choose "Allow"

http://forums.mozillazine.org/viewto...f=39&t=2852231

Paul

On 05/04/15 23:03, Roger Mills wrote:
On 05/04/2015 20:11, Paul wrote:


I'm not enough of a mail/tools expert, to know from
your description, what protections were in existence
at the time you sent the mail. Knowing the port
numbers used would help.


Most - probably all - of my non-Gmail POP accounts are set up to use the
default ports (110 in and 25 out)

Gmail is set up to use an incoming port of 995, and "This server
requires encrypted connection (SSL)" is ticked.
The outgoing port is 587 and, below the port number in Advanced
Settings, it says "Use the following type of encrypted connection:" -
with the options being None, SSL, TLS and Auto. For the last n years,
this has been set to TLS and has worked until now. All the settings were
as per the instructions on Google's site at the time I set it up. Now
they don't work, and changing from TLS to any of the other options makes
no difference.

If you have previously setup 2FA, you will have been using App
Passwords. Your last used App Password for this client has probably expired.

FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different
incoming port (993) but exactly same outgoing setup (587/TLS) as above.
Sending works fine.

--
Adrian C

On 06/04/2015 09:23, Adrian Caspersz wrote:
On 05/04/15 23:03, Roger Mills wrote:
On 05/04/2015 20:11, Paul wrote:


I'm not enough of a mail/tools expert, to know from
your description, what protections were in existence
at the time you sent the mail. Knowing the port
numbers used would help.


Most - probably all - of my non-Gmail POP accounts are set up to use the
default ports (110 in and 25 out)

Gmail is set up to use an incoming port of 995, and "This server
requires encrypted connection (SSL)" is ticked.
The outgoing port is 587 and, below the port number in Advanced
Settings, it says "Use the following type of encrypted connection:" -
with the options being None, SSL, TLS and Auto. For the last n years,
this has been set to TLS and has worked until now. All the settings were
as per the instructions on Google's site at the time I set it up. Now
they don't work, and changing from TLS to any of the other options makes
no difference.

If you have previously setup 2FA, you will have been using App
Passwords. Your last used App Password for this client has probably
expired.


No, I haven't set up 2FA.

FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different
incoming port (993) but exactly same outgoing setup (587/TLS) as above.
Sending works fine.


Just tried changing 995 to 993 on my POP/SMTP setup to no avail.
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

On 06/04/15 10:58, Roger Mills wrote:


No, I haven't set up 2FA.

FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different
incoming port (993) but exactly same outgoing setup (587/TLS) as above.
Sending works fine.


Just tried changing 995 to 993 on my POP/SMTP setup to no avail.

That wouldn't be expected to work.

Perhaps google want to enforce the use of 2FA but they are not exactly
being clear about it.

I'd recommend enabling it, but that's just me.

--
Adrian C

Roger Mills wrote:
On 06/04/2015 09:23, Adrian Caspersz wrote:
FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different
incoming port (993) but exactly same outgoing setup (587/TLS) as above.
Sending works fine.


Just tried changing 995 to 993 on my POP/SMTP setup to no avail.

993 is for IMAP not POP3

--
....winston
msft mvp consumer apps

On 06/04/2015 09:23, Adrian Caspersz wrote:

If you have previously setup 2FA, you will have been using App
Passwords. Your last used App Password for this client has probably
expired.

FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different
incoming port (993) but exactly same outgoing setup (587/TLS) as above.
Sending works fine.


I have the same with outlook 2013 and it works fine.
My AV software is doing a man in the middle on it so it can check the
contents.

Dennis@home wrote:
On 06/04/2015 09:23, Adrian Caspersz wrote:

If you have previously setup 2FA, you will have been using App
Passwords. Your last used App Password for this client has probably
expired.

FWIW I've got an gmail IMAP/SMTP setup on Outlook 2010. Different
incoming port (993) but exactly same outgoing setup (587/TLS) as above.
Sending works fine.


I have the same with outlook 2013 and it works fine.
My AV software is doing a man in the middle on it so it can check the
contents.

Which is not needed.

--
A

Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!

Gmail works fine here in Outlook 10 and Outlook 2013 using both IMAP and
POP3

IMAP
====
Incoming
imap.gmail.com using Port 993 and with SSL
Outgoing
smtp.gmail.com using Port 465 and with SSL



POP3
====
Incoming
pop.gmail.com using Port 995 SSL
Outgoing
smtp.gmail.com using Port 465 SSL or 587 TLS



--
....winston
msft mvp consumer apps

On 06/04/2015 21:27, "...winston€«" wrote:
Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!

Gmail works fine here in Outlook 10 and Outlook 2013 using both IMAP and
POP3

IMAP
====
Incoming
imap.gmail.com using Port 993 and with SSL
Outgoing
smtp.gmail.com using Port 465 and with SSL



POP3
====
Incoming
pop.gmail.com using Port 995 SSL
Outgoing
smtp.gmail.com using Port 465 SSL or 587 TLS




Doesn't work with 2007 though, sadly.
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

On 06/04/2015 22:31, Roger Mills wrote:
On 06/04/2015 21:27, "...winston€«" wrote:


Gmail works fine here in Outlook 10 and Outlook 2013 using both IMAP and
POP3

IMAP
====
Incoming
imap.gmail.com using Port 993 and with SSL
Outgoing
smtp.gmail.com using Port 465 and with SSL



POP3
====
Incoming
pop.gmail.com using Port 995 SSL
Outgoing
smtp.gmail.com using Port 465 SSL or 587 TLS




Doesn't work with 2007 though, sadly.

Anyway, as suggested by lots of people, I've now told it to permit less
secure apps - and I was instantly able to send and receive test messages
again.

So, looks like end of story - unless Google's dire warnings were genuine!
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

Roger Mills wrote:
On 06/04/2015 21:27, "...winston€«" wrote:
Roger Mills wrote:
I use Outlook as my main email client, and have lots of email accounts
set up within it - mainly those linked to my (PlusNet) internet account,
but also including one Gmail account. I have always - until now - been
able to send emails from my Gmail account. But I've just tried to send
one today, only to have it blocked by some nefarious guff about clients
like Outlook[1] not being secure!

WTF? Is that yet another step along the road towards Google's world
dominance, or does it have any merit?

They do seem to be offering the option to "allow less secure apps" - but
that comes with dire warnings!

Anyone one else encountered this - and what did you do?

[1] Other "insecure" apps include Thunderbird and mail apps on Apple
devices and Windows phones - but not any Google apps of course!

Gmail works fine here in Outlook 10 and Outlook 2013 using both IMAP and
POP3

IMAP
====
Incoming
imap.gmail.com using Port 993 and with SSL
Outgoing
smtp.gmail.com using Port 465 and with SSL



POP3
====
Incoming
pop.gmail.com using Port 995 SSL
Outgoing
smtp.gmail.com using Port 465 SSL or 587 TLS




Doesn't work with 2007 though, sadly.

Not enough info.
POP3 or IMAP ?
What are your settings ?
Port, SSL or TLS, Password form (e.g Cleartext), Authentication, etc.


Is Gmail web UI user settings configured properly to enable POP3 or IMAP
(i.e. correct mail protocol enabled) ?

I've a replacable drive for this laptop with Win7/OL07 - testing it
works fine using POP3. For IMAP, works too - though my settings for
IMAP are Port 993 with SSL and 587 with TLS

Fyi...I don't scan email incoming or outgoing. There are occasions that
if enabled current or in the past doing so can corrupt the email
account, registry data, or pst file.

--
....winston
msft mvp consumer apps

On 05/04/2015 19:09, Huge wrote:
On 2015-04-05, Roger wrote:
I use Outlook as my main email client,

There's your problem, right there.


So what would *your* solution be - bearing in mind that Google claim
that virtually every email client that isn't one of their making is
insecure!
--
Cheers,
Roger
____________
Please reply to Newsgroup. Whilst email address is valid, it is seldom
checked.

Roger Mills scribbled


On 05/04/2015 19:09, Huge wrote:
On 2015-04-05, Roger wrote:
I use Outlook as my main email client,

There's your problem, right there.


So what would *your* solution be - bearing in mind that Google claim
that virtually every email client that isn't one of their making is
insecure!


Thunderbird works and has SSL.

Jonno wrote:
Roger Mills scribbled


On 05/04/2015 19:09, Huge wrote:
On 2015-04-05, Roger wrote:
I use Outlook as my main email client,

There's your problem, right there.


So what would *your* solution be - bearing in mind that Google claim
that virtually every email client that isn't one of their making is
insecure!


Thunderbird works and has SSL.

Outlook has SSL. The issue AIUI is that Google require either OAuth 2.0
or 2-stage authentication or user's agreement to use "less secure apps".
Does Thunderbird now have OAuth 2.0?
--
Robin
reply to address is (meant to be) valid

Robin wrote:
Jonno wrote:
Roger Mills scribbled

On 05/04/2015 19:09, Huge wrote:
On 2015-04-05, Roger wrote:
I use Outlook as my main email client,
There's your problem, right there.

So what would *your* solution be - bearing in mind that Google claim
that virtually every email client that isn't one of their making is
insecure!

Thunderbird works and has SSL.

Outlook has SSL. The issue AIUI is that Google require either OAuth 2.0
or 2-stage authentication or user's agreement to use "less secure apps".
Does Thunderbird now have OAuth 2.0?

The quickest way to answer that is:

1) Download Thunderbird source tarball.
2) Extract just the TAR file, not the 125,000 files inside.
3) Use a hex editor.

Oauth2 is present.

http://i61.tinypic.com/1zlw21e.gif

If you attempt to unpack source and use Windows search of the
contents, around 67,000 files have the wrong line endings
and a text search will ignore the file contents. Hex editing
a TAR file, is a lot faster for a basic "is it even mentioned"
check. It would probably take half the day, to identify the
actual correct source file.

Paul

Paul wrote:
Robin wrote:
Outlook has SSL. The issue AIUI is that Google require either OAuth
2.0 or 2-stage authentication or user's agreement to use "less
secure apps". Does Thunderbird now have OAuth 2.0?

The quickest way to answer that is:

1) Download Thunderbird source tarball.
2) Extract just the TAR file, not the 125,000 files inside.
3) Use a hex editor.

Oauth2 is present.

http://i61.tinypic.com/1zlw21e.gif

If you attempt to unpack source and use Windows search of the
contents, around 67,000 files have the wrong line endings
and a text search will ignore the file contents. Hex editing
a TAR file, is a lot faster for a basic "is it even mentioned"
check. It would probably take half the day, to identify the
actual correct source file.

Thanks. I was apparently misled by
https://bugzilla.mozilla.org/show_bug.cgi?id=849540 which suggested to
me OAuth 2.0 wasn't yet working in the current release.

--
Robin
reply to address is (meant to be) valid

On 05/04/15 19:20, Roger Mills wrote:
On 05/04/2015 19:09, Huge wrote:
On 2015-04-05, Roger wrote:
I use Outlook as my main email client,

There's your problem, right there.


So what would *your* solution be - bearing in mind that Google claim
that virtually every email client that isn't one of their making is
insecure!

Use thunderbird...