Why does gmail block my postfix relay?


The term "modern security standards" was a little vague here. No one except Google can explain what the exact meaning of "modern security standards" is.

However, after searching the internet for this term, here is some explanation of this incident.

In my understanding, "less secure apps" refers to applications that send your credentials directly to Gmail. Lots of things can go wrong when you give your credentials to a third party to pass on to the authentication authority: the third party might keep the credentials in storage without telling you, they might use your credentials for purposes outside the stated scope of the application, they might send your credentials over a network without encryption, etc.

"Less secure" isn't meant to say that apps that use your credentials are necessarily full of security holes or run by criminals. Rather, it is the category of behavior -- giving your credentials to a third party -- that is fundamentally less secure than using an authorization mechanism like OAuth. With authorization, you never allow the third party to see your credentials, so an entire category of problems is instantly eliminated.

Google wants email clients to implement OAuth 2.0-based authentication, and has stated they intend to cause disruption (hassles) for users that authenticate (log in) using a username/password with the POP, IMAP, or SMTP protocol. OAuth 2.0 requires the email client to launch a browser to display an HTML form provided by Google (which can do anything they want), and then use a token that it returns.

This is not an issue of whether or not Thunderbird is implementing the latest version of SSL/TLS etc.; they're basically saying they are trying to actively discourage people from using any email client that logs in to Gmail using POP, IMAP or SMTP anymore. This appears to be another example of embrace, extend, and extinguish.

I haven't noticed anybody else that has run into this problem (where it wasn't due to a password problem or logging in from a new device) yet. The help page states: "Go to Allow less secure apps and choose "Allow" to let less secure apps access your Google account." I assume they're referring to a tab in the Gmail webmail settings. I suggest you try that. Please let me know if that works around the problem.

And in this case, you give your credentials to a third party called postfix. And because postfix doesn't (maybe won't) support OAuth, then GMail warns you.

The possible solution(s) came from this page by Martin Brinkmann:

  1. Enable Two-Factor Authentication for the account. Then generate a one-time password for postfix.
  2. Change the "allow less secure apps" setting to enable. This allows them to connect to the account again.
  3. Switch to a different service or program.
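Whichever of options 1 or 2 is chosen, postfix still hands a password to Gmail over SMTP AUTH, so the relay settings decide whether that password can ever leave the box in clear. The following POSIX sh linter is an added example (not code from this answer or from the Postfix project): it reads a main.cf fragment constructed to mirror the one in the question's comment and flags the settings that leave TLS optional. The function names are mine.

```shell
#!/bin/sh
# Added example (not the page's own code): lint a Postfix main.cf fragment that
# relays through Gmail with SMTP AUTH, so the password only travels inside TLS.
# SAMPLE_MAIN_CF is constructed to mirror the fragment in the question's comment.
SAMPLE_MAIN_CF='relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes'

# get_param CONFIG NAME: print the value of NAME (the last definition wins, as in Postfix).
get_param() {
    printf '%s\n' "$1" | awk -F'=' -v key="$2" '
        $1 ~ ("^[ \t]*" key "[ \t]*$") {
            v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]*$/, "", v); last = v
        }
        END { print last }'
}

# lint_relay CONFIG: print one "OK ..." or "WARN ..." line per check.
lint_relay() {
    cfg=$1
    case "$(get_param "$cfg" relayhost)" in
        \[*\]:*) echo "OK relayhost=$(get_param "$cfg" relayhost) (bracketed, no MX lookup on the relay name)" ;;
        *)       echo "WARN relayhost should be written as [smtp.gmail.com]:587" ;;
    esac
    # smtp_use_tls=yes is the legacy spelling of smtp_tls_security_level=may: TLS is
    # only opportunistic, so a downgraded session would carry the AUTH password in clear.
    case "$(get_param "$cfg" smtp_tls_security_level)" in
        encrypt|verify|secure)
            echo "OK smtp_tls_security_level=$(get_param "$cfg" smtp_tls_security_level) (TLS is mandatory before AUTH)" ;;
        *)
            if [ "$(get_param "$cfg" smtp_use_tls)" = "yes" ]; then
                echo "WARN smtp_use_tls=yes is only opportunistic TLS; set smtp_tls_security_level = encrypt so the password is never sent in clear"
            else
                echo "WARN no TLS setting found; set smtp_tls_security_level = encrypt"
            fi ;;
    esac
    # noanonymous alone still permits PLAIN/LOGIN on a non-TLS session.
    case "$(get_param "$cfg" smtp_sasl_security_options)" in
        *noplaintext*) echo "OK PLAIN/LOGIN are refused on non-TLS sessions" ;;
        *) echo "WARN add noplaintext to smtp_sasl_security_options and set smtp_sasl_tls_security_options = noanonymous so PLAIN/LOGIN are only offered inside TLS" ;;
    esac
    case "$(get_param "$cfg" smtp_sasl_password_maps)" in
        hash:*|lmdb:*|btree:*) echo "OK password map is an indexed file (keep the source file mode 0600 and run postmap after each edit)" ;;
        *) echo "WARN smtp_sasl_password_maps should name an indexed map such as hash:/etc/postfix/sasl_passwd" ;;
    esac
}

lint_relay "$SAMPLE_MAIN_CF"
```

Run it against the live file with `lint_relay "$(cat /etc/postfix/main.cf)"` after sourcing the script; a fragment that adds `smtp_tls_security_level = encrypt` and `noplaintext` passes every check.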

Author: websterridge

Updated on September 18, 2022

Comments

  • websterridge
    websterridge almost 2 years

    Here is partial postfix config:

    relayhost = [smtp.gmail.com]:587
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options = noanonymous
    smtp_tls_CAfile = /etc/postfix/cacert.pem
    smtp_use_tls = yes

    File sasl_password was recently updated and the db has been rebuilt.

    I am getting warning emails that say, in part:

    We recently blocked a sign-in attempt to your Google Account

    If this was you, you can switch to an app made by Google such as Gmail to access your account (recommended) or change your settings at https://www.google.com/settings/security/lesssecureapps so that your account is no longer protected by modern security standards.

    I have been looking for info on how to configure postfix for these 'modern security standards'. I am not finding what I need.

    Can somebody point me to the correct resource?

    • fukawi2
      fukawi2 over 9 years
      It should be directed to the hosting provider (GMail)
    • Jenny D
      Jenny D over 9 years
      The pointer is included in the warning email.
    • websterridge
      websterridge over 9 years
      Please read my question. How is a question about how to configure postfix which is a part of the server infrastructure not about server, networking, or related infrastructure administration? It was only through the below answer that I learned about Google's move towards oauth requirements.
    • Alex Blyzniuchenko
      Alex Blyzniuchenko about 6 years
      This is a great question, why is it marked as off topic? Perfectly good question, many folks have encountered this issue.
  • websterridge
    websterridge over 9 years
    Interesting. So for now I 'allow less secure apps' and go research OAuth for postfix. Thanks - I was not finding citations like yours.
  • Lars Nordin
    Lars Nordin almost 8 years
    For the beginnings of postfix and sasl-oauth2, see: plus.google.com/+RobertNorris/posts/WH65ekaZ5Xu
  • Lars Nordin
    Lars Nordin almost 8 years