On Fri, Feb 03, 2023 at 04:17:53PM +0200, Georgi Guninski wrote: > On Fri, Feb 3, 2023 at 4:08 PM Dima Pasechnik <dimp...@gmail.com> wrote: > > > > gmail still supports application passwords, so one can still bypass 2FA for > > sending/receiving mail to/from gmail. > > > > my previous message in this thread was sent from mutt+postfix. > > > > I love this, is it document somewhere? > I tried mutt with `imap` but couldn't make it work.
Yes, it's mutt+imap for reading, and locally installed postfix for
sending. This is being run on a more or less up to date Gentoo laptop.
(deleting messages from gmail might not work with my setup any more, it's a bit
iffy, as gmail deviates from normal imap here - but it's fixable)
in .muttrc I have a setup for several imap/email servers:
######################################################################
macro index <f2> '<change-folder>imaps://imap.gmail.com<enter>'
folder-hook 'gmail.com' 'source ~/.mutt/account.gmail'
macro generic "<esc>2" ":set from=dimp...@gmail.com"
macro index <f3> '<change-folder>imaps://foo.bar<enter>'
folder-hook 'foo.bar' 'source ~/.mutt/account.foobar'
...
set reverse_name=yes
alternates <username>@gmail.com$ b...@foo.bar$ #...
# to select what mailbox/From: I want.
set use_from = yes
set envelope_from ="yes"
set mime_forward=yes
set sendmail="/usr/sbin/sendmail -oem -oi" # sendmail is actually postix
unset imap_passive # Don't wait to enter mailbox manually
set imap_check_subscribed
set mail_check=300
set timeout=10
# keep a cache of headers for faster loading (1.5.9+?)
set header_cache=~/.hcache
# Display download progress every 15K
set net_inc=15
....
######################################################################
In .mutt/account.gmail I have
######################################################################
# Automatically log in to this mailbox at startup
set imap_user=<username>
set imap_pass=<app. password>
unset record
set spoolfile="imaps://imap.googlemail.com/INBOX"
set folder="imaps://imap.googlemail.com"
set postponed="=Drafts"
set from="<username>@gmail.com"
macro index,pager d "<save-message>=[Google<quote-char>
Mail]/Trash<enter><enter>" "Trash Message"
######################################################################
To generate <app. passwrd>, go you your Google account
settings->Security, and scroll to "Signing in to Google" to locate
"application passwords" menu, where you can generate new ones etc.
I have created one for imap, and one for postfix.
So this is all good for email reading etc; for sending I set up
postfix (probably built-in mutt's sending thing will work too, but I
didn't like it back then, as it's slow, and you have to wait for the
transaction with google's smpt server to complete). Postfix does proper
sendmail queing, sending in backgroud, etc. And it's nice to have a
working sendmail for sending from scripts etc...
For postfix, here is /etc/postfix/main.cf
#####################################################################
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters (the following 2 files are absent):
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
myhostname = <whatever> # FIX THIS TO A REAL VALUE (same as in /etc/mailname)
myorigin = /etc/mailname
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = /etc/mailname, <FIRST PART OF myhostname>,
localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtp_use_tls=yes
smtp_tls_security_level = may
smtp_tls_loglevel = 2
smtp_sasl_security_options = noanonymous
smtp_sender_dependent_authentication = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
sender_dependent_relayhost_maps= hash:/etc/postfix/sender_relay
smtp_sasl_mechanism_filter = ntlm,login,plain
compatibility_level = 2
###################################################################
now, it remains to specify /etc/postfix/sasl_passwd
###################################################################
smtp.gmail.com <username>:<app. password>
smtp.foo.bar baz:SECRET_FOO_BAR
....
## for some smtp servers, one needs 'b...@foo.bar' as username, not
## just 'baz'
###################################################################
and /etc/postfix/sender_relay
###################################################################
<username>@gmail.com [smtp.gmail.com]:587
b...@foo.bar [smtp.foo.bar]:587
...
###################################################################
Dont't forget to run postmap to generate their hashes (*.db files)
If I recall right, I don't need to touch postfix's master.cf.
I also have
$ cat /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
which might be needed. One more catch: at different locations gmail
uses different names for folders such as Drafts, Trash (but this is easy
to figure out)
I'd be glad to help further with it.
Dima
--
You received this message because you are subscribed to the Google Groups
"sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to sage-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/sage-devel/Y90zhiHw4e/NgpWQ%40hilbert.
signature.asc
Description: PGP signature
