[Users] OAUTH2 Authorisation Status
lists
lists at lazygranch.com
Sat Apr 2 14:24:01 UTC 2022
In the US there are HIPAA "compliant" email vendors but based on your spelling you are not in the US.
You can get a VPS for about $5 a month and run your own server. Getting your email accepted is another story.
I am on Digital Ocean and Spectrum has a policy of not accepting any email from DO. So far they don't do this with Linode, AWS, etc.
Other than Spectrum I have no issues. AT&T requires a static IP from a VPS that they whitelist which isn't an issue other than you have to contact them once to get on the approved list.
One big advantage to running your own email server is you can use geolocation to limit the access to your account. For example on my server the only port open to the world is 25. I have the server set up to use 587 so there is no auth on 25. I can only retrieve and submit email from specific countries. I also block the IP space from hosting companies, VPSs other than my own IP, etc. I have greatly reduced the attack surface.
Case in point. When I used hosted services I was hacked from Morocco. I am sure it is a fine country but I don't live there and don't see the need to be able to change my password from that country. In the case of that hosted service there was an exploit in RoundCube and I don't use a browser for email. This hack was the breaking point for me and I have self hosted ever since it happened except for that brief moment when I used the HIPAA service.
The only way to change my email server is via SSH using PKI. There is no web access to make changes.
This sounds like a lot of work but really once it is set up there isn't much to to other than update the server. I host my own websites as well.
Original Message
From: bernard.moreton at gmail.com
Sent: April 2, 2022 1:48 AM
To: users at lists.claws-mail.org
Subject: Re: [Users] OAUTH2 Authorisation Status
Has anyone managed to get a successful (ie. stable) Production publishing status?
Changing codes every 7 days is not sustainable; nor is every 30 days.
Google used to have a refresh code, which presumably would need activating on request; but that seems to have dropped out of the picture ... ?
For me, freedom is more important than google, despite the pains that changing email addresses will cause.
Recommendations for reliable providers would be welcome, if we can't get reasonableness out of google!
"Do no evil"??? - they were a white knight, once ...
Sad, but best, wishes,
Bernard
On Thu, 31 Mar 2022 09:12:54 +0100
Wishful Thinking via Users <users at lists.claws-mail.org> wrote:
> Hi All,
>
> I've been using Claws with OAuth2 enabled successfully for the last 7 days.
>
> This morning it reported an Error condidtion, and (from the log) that:
>
> [quote]
> * OAuth2 obtaining access token using refresh token
> * OAuth2 access token not obtained
> * OAuth2 access token not obtained
> * Account '********@gmail.com': Connecting to POP3 server: pop.gmail.com:995...
> [endquote]
>
> So I can confirm what is suggested in the FAQ,
> https://www.claws-mail.org/faq/index.php/Oauth2
>
> [Note 3: " Regarding "Publishing status"" ... that is, that Authorisation with Testing
> Status apparently only lasts for seven days. ]
>
> FWIW, I discovered the way round it is to get another Authorisation Code, so maybe all is
> well, for the next 7 days...
>
> Has this been others' expeerience, please?
>
> Kind Regards,
> Rosemary Lockie
> _______________________________________________
> Users mailing list
> Users at lists.claws-mail.org
> https://lists.claws-mail.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users at lists.claws-mail.org
https://lists.claws-mail.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list