From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id BE763158091 for ; Fri, 3 Jun 2022 08:54:04 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0B261E08A2; Fri, 3 Jun 2022 08:53:57 +0000 (UTC) Received: from mail-gw.thundermail.uk (mail-gw.thundermail.uk [149.255.60.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 6F36AE0875 for ; Fri, 3 Jun 2022 08:53:55 +0000 (UTC) Received: from mailgw01.thundermail.uk (mail-gw.thundermail.uk [149.255.60.66]) by mail-gw.thundermail.uk (Postfix) with ESMTPS id BA3D36000201 for ; Fri, 3 Jun 2022 09:53:54 +0100 (BST) X-ASG-Debug-ID: 1654246434-0554135d9457f2060001-LfjuLa Received: from cloud220.unlimitedwebhosting.co.uk (cloud220.unlimitedwebhosting.co.uk [149.255.60.183]) by mailgw01.thundermail.uk with ESMTP id 69K6nH1Vnu25gDam (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Fri, 03 Jun 2022 09:53:54 +0100 (BST) X-Barracuda-Envelope-From: confabulate@kintzios.com X-Barracuda-Effective-Source-IP: cloud220.unlimitedwebhosting.co.uk[149.255.60.183] X-Barracuda-Apparent-Source-IP: 149.255.60.183 Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa [217.169.3.230]) by cloud220.unlimitedwebhosting.co.uk (Postfix) with ESMTPSA id 30014C74EDA for ; Fri, 3 Jun 2022 09:53:53 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kintzios.com; s=default; t=1654246433; bh=Ajo2nvYSHmcxw4ChZ9YbN0lnD+9xxCqynw9d00A9Fkw=; h=From:To:Subject; b=WjEFul8bMY3/hCzST5cfIKePOvbKmBj6nzTFJv0xZPPeO5FR9NxcGPhJLXOUAfvha yRWN+pMVZicP39Rw4gnV5yssno/vlk+V18+SX8WMlRF+ocZS2wlkp/KIPOzELbPB0h 1y/UySLCNDoq9wDHmsizENKGXQsF7DFjf4sZN6gk= From: Michael To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Seamonkey automatic email download after switch to Oauth2 Date: Fri, 03 Jun 2022 09:53:22 +0100 X-ASG-Orig-Subj: Re: [gentoo-user] Seamonkey automatic email download after switch to Oauth2 Message-ID: <8074927.T7Z3S40VBb@dell_xps> In-Reply-To: <33106514-ceee-9041-88de-aed91f414a10@gmail.com> References: <33106514-ceee-9041-88de-aed91f414a10@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart10092301.nUPlyArG6x"; micalg="pgp-sha256"; protocol="application/pgp-signature" X-PPP-Message-ID: <20220603085353.3536738.17391@cloud220.unlimitedwebhosting.co.uk> X-PPP-Vhost: kintzios.com X-Barracuda-Connect: cloud220.unlimitedwebhosting.co.uk[149.255.60.183] X-Barracuda-Start-Time: 1654246434 X-Barracuda-Encrypted: ECDHE-RSA-AES128-GCM-SHA256 X-Barracuda-URL: https://149.255.60.66:443/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at thundermail.uk X-Barracuda-Scan-Msg-Size: 2938 X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=1.9 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.98453 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-Archives-Salt: 12300495-aa8a-40ad-bfc3-9d795486a583 X-Archives-Hash: 1b091877ecd18230b8bb90bb40762bc3 --nextPart10092301.nUPlyArG6x Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8"; protected-headers="v1" From: Michael To: gentoo-user@lists.gentoo.org Date: Fri, 03 Jun 2022 09:53:22 +0100 Message-ID: <8074927.T7Z3S40VBb@dell_xps> In-Reply-To: <33106514-ceee-9041-88de-aed91f414a10@gmail.com> References: <33106514-ceee-9041-88de-aed91f414a10@gmail.com> On Friday, 3 June 2022 02:45:11 BST Dale wrote: > Howdy, > > Early this morning Seamonkey could no longer fetch emails. It wouldn't > accept the username and password. I did some searching and it seems > that Google is disabling plain text username and password. Honestly, > sounds like a good idea really. During my searches, most recommended > OAuth2 so I switched to it. Err ... perhaps not? The use of a browser to delegate sign on is not necessarily a good idea, because it introduces layers of complication and with it potential vulnerabilities. Random explainer here: https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-should-not-use-it-for-authentication-5f47597b2611 I recall some IMAP4 devs complaining about it, but Google pushed on regardless. From the end of May if you want to login to Gmail you have no option but to use OAuth2. I expect this will break some users login if they have not disabled what Google calls "Less secure application access" and shared with Google their mobile phone number and what other *private* information Google wants to know, before it allows you to access your email messages. > After a while, I noticed it wasn't downloading new emails > automatically. I have it set to check for new messages every 10 minutes > or so. I had to hit the Get Msgs button each time. I'd prefer it to do > it automatically. I tried restarting Seamonkey and even changing the > settings for doing it automatically, in case a config file needed > updating after the switch, still doesn't do it automatically. I'm > attaching a screenshot of the settings. > > Does using OAuth2 disable automatically fetching messages or am I > missing some other setting? It worked fine until I switched to OAuth2 > so I don't know what else it could be. Is there something better than > OAuth2 that gmail supports? I just picked the first option I found. > > Thoughts?? The OAuth2 mechanism will refresh exchange of tokens between client and server when they expire, but this should be seamless and transparent to the user. If there is a breakdown in the connection for some time and a token expires, then depending on the mail client it may pop up a window asking for your login credentials to be resubmitted. It does this occasionally on Kmail, but I have not noticed it on T'bird, which I believe is similar/same to the mail client of Seamonkey. Checking for emails every so often on a timer, is separate to authentication/ authorization. Whether you check for email manually, or after a timer triggers it, OAuth2 will kick in on each occasion as the next step. There may be some bug in Seamonkey. You could try a later version or try T'bird. If that works with the same settings, but Seamonkey doesn't, then by a process of elimination the issue would be with Seamonkey's implementation. HTH. --nextPart10092301.nUPlyArG6x Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEXqhvaVh2ERicA8Ceseqq9sKVZxkFAmKZzAIACgkQseqq9sKV ZxlWmg//Z5mL5xoH0tUe6Hh/EvkCYI36ye7J7fjYhhNz03hfk+ECXA0PDSg0m3K+ /WoG+6P1FKrMxO6WvYkazfUP1PGFJ4aGDt6DeptgRtFoCzUiNMAcSRSDYvqpgmFl 9esZ4+Vg25zSXqiMojq2H4oCTD+VdfMl+vIudVubIAxJt0H/zYwCntKPY3iRBBZd We27UAf8+q0JS8Hsg7eSgQPdpEeVI81h4cpxMCsMMoeNno7g9Wtc4nFLyUQQp4Fw 8yVkJ/r5oUWftCh98x211K9w1OERPL6I+OKyIJ+fWHKDlf/KDkQI2lSp/PA4mGJt nWh4Q5XBLoj6OUyVvPSlICA06tE562DxQJNnyLZa0Wf9V0gtk54pqsbm8MSP+k9Z +jz8ecJePH4E7YUMdZJxd2LatnD0aRjA2Msg/jOLCyUyIvyG2HCNf93P1GvcmWeV nuHEiYUM+8Djnm3MlFdsXW0tVoWHrZ5jVLuHYvoc5kOySZvvgxNdf5OvF/ACxiqU UGBEnR1gAlbGOlJr5aoE6P/SDzJgH0+1RZR+ipZC17XErlZ8KFmS38zFokmI/cRh hj2M+XEjoK/wYIsjv2pTlulOs98zwjo2/+XrBz6UIcE3VBwJ+WFLwNFv6Cc4LvkZ KPYZw2eyi81s9UrcKVu9gF20ga9qVmzSVFEhj9ppSJXM42nu+Vw= =wv5S -----END PGP SIGNATURE----- --nextPart10092301.nUPlyArG6x--