• PRODUCT

    PRODUCT

  • PRICING
    PRICING

  • HELP
    HELP

  • BLOG
    BLOG

  • APPSTORE
    APPSTORE

  • COMPANY
    COMPANY

  • LEGAL
    LEGAL

  • LOGIN
    LOGIN

  • GSuite and IMAP


  • GSuite and IMAP


  • Syncing your email using IMAP can get tricky. Here we explain our journey through two scenarios.

    NOTE: a bad actor could still use email forwarding to gain access to infomation.

    MFA turned off

    With just the email/password combination, and standard TLS

    host: 'imap.gmail.com',

    port: 993,

    tls: true

    We got the following error:

    Error: Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)] type: 'no', textCode: 'ALERT', source: 'authentication'

    The reason could be either:

    • IMAP access is turned off
    • App Password
    • allow less secure apps to access your account.
    • Display Unlock Captcha

    An email was also sent to the mailbox:

    Subject: Review blocked sign-in attempt

    From: Google

    Body:

    Review blocked sign-in attempt,

    Google just blocked someone from signing into your Google Account xxxr@gmail.com from an app that may put your account at risk.

    Less secure app

    --access date--

    --access location--

    Don't recognize this activity?

    If you didn't recently receive an error while trying to access a Google service, like Gmail, from a non-Google application, someone may have your password.

    LINK TO CHANGE PASSWORD, ETC.

    Are you the one who tried signing in?

    Google will continue to block sign-in attempts from the app you're using because it has known security problems or is out of date. You can continue to use this app by allowing access to less secure apps, but this may leave your account vulnerable.

    From the email, it seems like we would need to allow less secure apps to access your account. This option is at:

    https://myaccount.google.com/lesssecureapps

    However, it also looked like IMAP access was turned off.

    Enabling IMAP

    That was the first attempt, and did not solve the problem.

    allow less secure apps to access your account

    When we turned this option on, an email was immediately sent:

    From: no-reply@accounts.google.com

    Subject: Access for less secure apps has been turned on

    Body:

    Access for less secure apps has been turned on

    You recently changed your security settings so that your Google Account xxx@gmail.com is no longer protected by modern security standards.

    Please be aware that it is now easier for an attacker to break into your account. You can make your account safer again by undoing this change here, then switching to apps made by Google such as Gmail to access your account.

    Don't recognize this activity?

    Review your recently used devices now.

    And that did the trick. From that point on, the IMAP service worked fine.

  • Izyware Blog
    Izyware Blog