I've been using hmailserver for years, at hundreds of clients, but only for one specific purpose: SMTP Relay
For example...
local copier or temperature sensor or alerting system (such as PRTG) > hMailServer > smtp.gmail.com with authentication to a user account (mailbox) in the GSuite domain
This gives the sysadmin greater control and logging of messages sent out, and gives end-users further security by being able to see that all messages come from the same email account on their domain.
Today I received this announcement...
https://gsuiteupdates.googleblog.com/20 ... t.html?m=1
I realize the article says copiers and devices using smtp will continue to work, but I strongly suspect that is related to the "Google sanctioned" method where you whitelist the WAN IP of your device to Google and let it send unauthenticated to smtp.google.com
This method is undesirable for several reasons, not the least of which is no local log/retention of mail that's supposedly gone out, but also impossible to implement with any sense of reliability if your WAN IP is dynamic and not static.
So ... would it be possible/imparative for hMailServer to support OAuth directly?
support Oauth
Re: support Oauth
That link says in part
'No change is required for scanners or other devices using simple mail transfer protocol (SMTP) or LSAs to send emails. '
'No change is required for scanners or other devices using simple mail transfer protocol (SMTP) or LSAs to send emails. '
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
https://www.hmailserver.com/documentation
Re: support Oauth
I could be wrong about this, but I believe when they say "scanners and printers" what they really mean is anything using smtp to relay mail through smtp.gmail.com.jpm wrote: ↑2019-12-17 14:47I realize the article says copiers and devices using smtp will continue to work, but I strongly suspect that is related to the "Google sanctioned" method where you whitelist the WAN IP of your device to Google and let it send unauthenticated to smtp.google.com
This method is undesirable for several reasons, not the least of which is no local log/retention of mail that's supposedly gone out, but also impossible to implement with any sense of reliability if your WAN IP is dynamic and not static.
So ... would it be possible/imparative for hMailServer to support OAuth directly?
The way it works (I think) is not about a particular device, but rather giving permission to use gmail's relay and for that all they can know about any SMTP connection is the IP address. The oauth allows access. If you've already obtained access permission for your IP, you won't need to do it again. So if you're relaying through hmailserver > smtp.gmail.com, then your hmailserver is the legacy device and you shouldn't have problems in the future.
I have had issues in the past gaining permission and the way I did it was to go into the gsuite admin console and manually allow it. Some apps and scripts that don't support oauth probably won't even get a notice for the reason it was blocked, so in those cases I went to the admin console, found it and allowed it. I'm not sure how this will work in the future, but I suspect that for SMTP it will remain the same because by its very nature its a password only protocol.
Apps that do support oauth open a browser window the first time you connect and that allow you to authorize it on the spot. That would be a good feature for hmailserver since finding the reason through the gsuite admin console is neither intuitive nor simple.
-
- New user
- Posts: 1
- Joined: 2021-02-04 09:07
Re: support Oauth
Hello everyone!
Want to bump this thread for a few questions.
Some background.
I'm using hMailServer as a small LAN mail server.
And I'm also using External accounts to download messages from
several G Suite accounts.
So the question is, will that POP3 download still work when Google
turns off access to LSAs for all G Suite accounts?
Possible workarounds?
Want to bump this thread for a few questions.
Some background.
I'm using hMailServer as a small LAN mail server.
And I'm also using External accounts to download messages from
several G Suite accounts.
So the question is, will that POP3 download still work when Google
turns off access to LSAs for all G Suite accounts?
Possible workarounds?
Re: support Oauth
I don't think anything changed or will change. You can still authorize "less secure connections" and they still allow pop/imap access.simplehmsuser wrote: ↑2021-02-04 09:10Hello everyone!
Want to bump this thread for a few questions.
Some background.
I'm using hMailServer as a small LAN mail server.
And I'm also using External accounts to download messages from
several G Suite accounts.
So the question is, will that POP3 download still work when Google
turns off access to LSAs for all G Suite accounts?
Possible workarounds?
Re: support Oauth
Was OAuth 2.0 or "Modern Authentication" ever implemented to allow hMailServer to relay mail to O365 / Exchange online accounts now that basic authentication has been disabled for SMTP connections to Microsoft?
Re: support Oauth
NO, however an APP password set in O365 (or gMail) will work fine.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
https://www.hmailserver.com/documentation