continually being locked out by Gmail

LiamP · January 30, 2020, 9:50pm

Both the account I am sending FROM and the account I am sending TO are Gmail accounts.
Both Accounts have “Allow less secure apps” turned ON

I have used the following code as well as the Xojo Example app “SMTPSecureSocketExample” with the same results:

I get a ServerError of “Error: 535-5.7.8 Username and Password not accepted”

the gmail support site only recommends turning on the Allow Less Secure Apps.

Can someone please help.

thanks

[code]Dim oMail As EmailMessage
Dim i As Integer
Dim s As String
dim sMsg As String

sMsg = “test message body”

MailSocket.Address = “smtp.gmail.com”
MailSocket.Port = 587
MailSocket.ConnectionType = SMTPSecureSocket.TLSv1
MailSocket.SMTPConnectionType = SMTPSecureSocket.SMTPConnectionTypes.SSLTLS
MailSocket.Secure = True

MailSocket.Username = “***@gmail.com"
MailSocket.Password = "”

oMail = New EmailMessage
oMail.FromAddress = “*******@gmail.com”
oMail.AddRecipient("********@gmail.com")
'oMail.AddRecipient(oMember.sEmail1)
oMail.Subject = tfSubject.Text
oMail.BodyPlainText = sMessageFull
oMail.Headers.AppendHeader(“X-Mailer”,“SMTP Test”)

MailSocket.Messages.Append(oMail)
MailSocket.SendMail
[/code]

DerkJ · January 30, 2020, 10:13pm

MailSocket.ConnectionType     = SMTPSecureSocket.TLSv12

Try a newer tls version? I bet google isn’t using TLSv1(.0) anymore.

And you can also do:

MailSocket.SMTPConnectionType = SMTPSecureSocket.SMTPConnectionTypes.STARTTLS

To let the socket know you want TLS.

TimStreater · January 30, 2020, 10:51pm

[quote=473405:@Derk Jochems]MailSocket.ConnectionType = SMTPSecureSocket.TLSv12

Try a newer tls version? I bet google isn’t using TLSv1(.0) anymore.
[/quote]

Yes. See https://documentation.xojo.com/api/networking/sslsocket.html#sslsocket-sslconnectiontypes and use SSLv23.

Tomas_J · January 30, 2020, 11:10pm

Not really, SSL v2/v3 is considered as unsafe and must not be used. TLS 1.0/1.1 is considered as weak and shouldn’t be used either. Only TLS v1.2 and v1.3 are considered as safe and represent the current state of technology.

The host smtp.gmail.com accepts these protocols with ciphers:

[code]Non Weak’ cipher suites accepted by this service via the TLSv1.0 protocol:

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA

‘Non Weak’ cipher suites accepted by this service via the TLSv1.1 protocol:

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA

‘Non Weak’ cipher suites accepted by this service via the TLSv1.2 protocol:

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384[/code]

Carlo_Rubini · January 30, 2020, 11:42pm

Try:

if MailSocket.port = 587 then
MailSocket.SMTPConnectionType = SMTPSecureSocket.SMTPConnectionTypes.STARTTLS
else
MailSocket.SMTPConnectionType = SMTPSecureSocket.SMTPConnectionTypes.SSLTLS
end if

DerkJ · January 31, 2020, 7:01am

Google will absolutely not use SSL. They require TLS and probably the newest 1.3, but Xojo doesn’t have that. So try tls v1.2

TimStreater · January 31, 2020, 9:34am

You didn’t read the link I provided, did you? Read that and understand why I suggested it.

Greg_O_Lone · January 31, 2020, 11:57am

No really, use SSLv23. While unfortunately named, this is actually negotiation mode and will start with the highest encryption available and work its way down to TLSv1 until it finds one that works.

LiamP · January 31, 2020, 4:54pm

using MailSocket.SMTPConnectionType = SMTPSecureSocket.SMTPConnectionTypes.STARTTLS

I get the following event log (from the SMTPSecureSocket Mailsocket):

Connection Established
535-5.7.8 Username and Password not accepted. Learn more at
535 5.7.8 https://support.google.com/mail/?p=BadCredentials h1sm3152357otm.34 - gsmtp
All Messages Sent - Complete
102

Using MailSocket.SMTPConnectionType = SMTPSecureSocket.SMTPConnectionTypes.SSLTLS

I get no results from the SMTPSecureSocket events and no email in my inbox

Carlo_Rubini · January 31, 2020, 11:51pm

Are you sure the password you are using is the code generated by google (Allow less secure apps) for your specific app?
In fact I do not have any problem either with 2step auth and Allow less secure apps, either with Google and other providers.

[code]
SMTPsock.address = trim(smtpFld.text)//“smtp.mail.yahoo.com”, “smtp.gmail.com” etc.
SMTPSock.port = val(portFld.text)
SMTPSock.username = userFld.text
SMTPSock.password = passFld.text//code gotten from Google/Yahoo etc.

if SMTPSock.port = 587 then
  SMTPsock.SMTPConnectionMode = 0//startls 
else
  SMTPsock.SMTPConnectionMode = 1
end if
SMTPsock.ConnectionType = SSLSocket.SSLv23
SMTPsock.secure = true

Dim mail as new EmailMessage
etc.[/code]