Menu
GMail can used as a SMTP server. I've written the code that does it. But as we all know GMail may occasionally authenticate using captcha (image verification as they call it). The same thing may be the cause to reject SMTP authentication.
As I've seen google shows image verification when you try to log-in for the first time from some machine. All consecutive log-ins from the same machine (to the same account) use regular login. I'm a bit afraid this captcha may also come up again for some other reasons that I can't control.
So. Is it possible to still authenticate when special measures are needed? And how?
I should also mention that logging in from the machine via web browser also enables programmatic SMTP authentication.
730
The SMTP server for Gmail is a free SMTP server that anyone across the globe can use. It allows you to manage email transactions from your Gmail account via email clients or web applications.
Under Security, scroll down and enable access for less secure apps. This setting is required to enable SMTP, POP or IMAP access. If there is still a problem, try clearing Captcha: visit https://accounts.google.com/DisplayUnlockCaptcha and sign in with the Gmail username and password.
If your organization uses Microsoft Exchange or another SMTP service or server, you can set up the SMTP relay service to route outgoing mail through Google. You can use it to: Filter messages for spam and viruses before they reach external recipients. Apply email security and advanced Gmail settings to outgoing ...
Try:
http://www.google.com/accounts/DisplayUnlockCaptcha
Or for Google Apps for your domain:
https://www.google.com/a/yourdomain.com/UnlockCaptcha
I can bet it's an IP based solution, so if your app if deployed somewhere else, It doesn't help.
150
Google doesn't seem to be particularly clear about what prompts them to block a user's account until he has successfully entered a captcha phrase. However, it's likely that this is a mechanism which is triggered when Google sees what it considers to be unusual or suspicious activity associated with your account. As a result, I would expect it to be unlikely that they will supply an option to opt out of a mechanism which is protecting both them and you, although others are welcome to find evidence to the contrary.
Various discussions of when and how this happens throw up some suggestions which you might like to try to see if they help, such as choosing a stronger password or simply changing your password. Good luck!
10
IMHO The right way to do this, without implementing the user consent workflow or "hacking your account's security settings", is obtaining a refresh token with the Google OAuth2.0 Playground for Offline Access. After that, you can authenticate using the OAuth 2.0 API.
I got it working after reading Nodemailer/Gmail - What exactly is a refresh token and how do I get one?
3
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
