mmb Posted March 4, 2022 Posted March 4, 2022 (edited) @Michel Kohanim@GeddyGoogle has informed me by email that less secure apps will no longer be allowed to use Google SMTP beginning May 2022. I currently use Google's SMTP with the ISY and it works perfectly. I'm testing smtp-mail.outlook.com on Polisy and it works perfectly. However, the same Outlook settings on the ISY actually causes a crash of the ISY itself (complete restart). smtp-mail.outlook.com smtp port 587 Timeout 2,000 ms Enable TLS checked (Outlook actually says to use Starttls) Userid/PW the same in both the ISY/Polisy Are the mailers in both systems the same or perhaps are the libraries different on Polisy and the ISY that would cause this difference in behavior? I have other options for SMTP but I thought it would be worth asking as I can't be the only one being advised of the demise of Google'sless secure apps. Thanks in advance! Edited March 4, 2022 by mmb
DennisC Posted March 4, 2022 Posted March 4, 2022 41 minutes ago, mmb said: @Michel Kohanim@GeddyGoogle has informed me by email that less secure apps will no longer be allowed to use Google SMTP beginning May 2022. I currently use Google's SMTP with the ISY and it works perfectly. I'm testing smtp-mail.outlook.com on Polisy and it works perfectly. However, the same Outlook settings on the ISY actually causes a crash of the ISY itself (complete restart). smtp-mail.outlook.com smtp port 587 Timeout 2,000 ms Enable TLS checked (Outlook actually says to use Starttls) Userid/PW the same in both the ISY/Polisy Are the mailers in both systems the same or perhaps are the libraries different on Polisy and the ISY that would cause this difference in behavior? I have other options for SMTP but I thought it would be worth asking as I can't be the only one being advised of the demise of Google'sless secure apps. Thanks in advance! I received the same notice. I would like to continue using gmail. Will the following from the Wiki work: Configuring gmail Account Optional: Configuring (unique) App Password (required If you have e 2-Step Verification turned on) Go to Account from the Google apps list of apps Click on Security in the list on the left and scroll down to App passwords Click on Select App and Select Other (Custom Name) Enter ISY (or any other identifier) Click on Generate This will create a unique 16 character password, save it and use it below instead of the primary account password. Configuring for Use with gmail Make sure you have configured your gmail Account (see above) Go to Admin Console | Configuration tab | Emails/Notifications Under SMTP Settings ensure Use Default is Not checked For SMTP Server enter smtp.gmail.com For SMTP Port enter 587 For User ID enter the username associated with your gmail account (e.g. abc@gmail.com) For Password enter the password associated with your Account For From you can leave it blank. If your service allows it, you can add a display name ensuring the format follows First-Name Last-Name:Email-Address" Make sure TLS is checked For timeout, 5000 (or more) Click on the Save button Test 3 1
mmb Posted March 4, 2022 Author Posted March 4, 2022 (edited) 3 hours ago, DennisC said: I received the same notice. I would like to continue using gmail. Will the following from the Wiki work: I'll look into it, thanks! Update, I created a new Gmail account and turned off less secure apps and turned on two factor then generated a new password. That worked, thanks! I still need to know what's up with outlook.com's smtp... Edited March 4, 2022 by mmb
DennisC Posted March 5, 2022 Posted March 5, 2022 5 hours ago, mmb said: I'll look into it, thanks! Update, I created a new Gmail account and turned off less secure apps and turned on two factor then generated a new password. That worked, thanks! I still need to know what's up with outlook.com's smtp... @Michel Kohanim, Can you confirm that this method will continue to work when Google makes the change in Gmail effective?
Michel Kohanim Posted March 7, 2022 Posted March 7, 2022 @DennisC, It depends on the change. As long as they support client keys, it should work. With kind regards, Michel
Geddy Posted March 8, 2022 Posted March 8, 2022 @DennisC and @mmb - personally I would say the change shouldn't impact the operation of the Gmail account, but as @Michel Kohanim says it depends on the final change. I've been running with Gmail since I got the ISY. I haven't made the change to IoP yet so can't confirm there. But I have always had 2-Step Verification on and an app specific password. I didn't get a notice (probably because of that fact). When I go to look for the "Less Secure Apps" section in security I get this notice: So my guess would be if you use Gmail with 2-Step Verification and have an app-specific password you should be able to continue using. Now... @mmb for your question about Outlook.com...can't help on that. I've never tried using Outlook.com servers. And my current setup ain't broke so don't want to temp fate and make any changes. Maybe before I migrate to IoP I'll give the Outlook settings a try. I have 2FA setup there as well so that will need an app specific pass also (for me anyway). If you can't get by using the Gmail with app-specific pass and need to use Outlook perhaps open a support ticket for them to check the logs when the IoP is crashing.
mmb Posted March 8, 2022 Author Posted March 8, 2022 3 hours ago, Geddy said: Now... @mmb for your question about Outlook.com...can't help on that. I've never tried using Outlook.com servers. And my current setup ain't broke so don't want to temp fate and make any changes. Maybe before I migrate to IoP I'll give the Outlook settings a try. I have 2FA setup there as well so that will need an app specific pass also (for me anyway). If you can't get by using the Gmail with app-specific pass and need to use Outlook perhaps open a support ticket for them to check the logs when the IoP is crashing. Thanks @Geddy, Gmail is working fine with the new 2FA bypass userid and pw. I'd be very careful using Outlook.com's smtp in the ISY as it crashes the device hard and getting proper smtp settings back to something useful was not trivial. I actually tested again just now and it indeed crashes hard and there are no log files and nothing in the Event Viewer. The same settings work fine on Polisy.
brians Posted March 8, 2022 Posted March 8, 2022 Since upgrading to Polisy a month or two ago, I just left the STMP Use Default and has been working. I thought UD got rid of this before because of spam. Should I add my gmail back in?
Geddy Posted March 8, 2022 Posted March 8, 2022 12 minutes ago, mmb said: The same settings work fine on Polisy. So when you say it's crashing it's crashing the (old) ISY994i device? Not the ISY on Polisy process? Hope you were able to clear it out and get the "proper" SMTP settings back in easier this time. Thanks for testing them again. I think I'll certainly steer clear if it's on the 994 device. Can't have that crashing on me! Just one reminder...if it's an extra Gmail account (only for sending ISY notifications) it is a good idea to log in at least once a quarter (every 3 months) so they don't deactivate it for inactivity. I forget what Google set their timeframe too, but I know they've been adjusting their requirements for such "dummy" accounts that just send the same messages over and over. 1 minute ago, brians said: I thought UD got rid of this before because of spam The default mail process was fixed in 5.3.4 (or maybe just prior) for the 994 devices. I would expect it to work as intended in IoP. But, it does always have the potential for issues, so it's good to have a backup plan to switch to in case. Or to take some traffic off the UD servers depending on your notification load. I know @MrBill, and others, suggests the Notification node server and the Pushover app for mobile notifications rather than email alerts. It's all in personal preference.
mmb Posted March 8, 2022 Author Posted March 8, 2022 8 minutes ago, Geddy said: So when you say it's crashing it's crashing the (old) ISY994i device? Not the ISY on Polisy process? Hope you were able to clear it out and get the "proper" SMTP settings back in easier this time. Thanks for testing them again. I think I'll certainly steer clear if it's on the 994 device. Can't have that crashing on me! Just one reminder...if it's an extra Gmail account (only for sending ISY notifications) it is a good idea to log in at least once a quarter (every 3 months) so they don't deactivate it for inactivity. I forget what Google set their timeframe too, but I know they've been adjusting their requirements for such "dummy" accounts that just send the same messages over and over. The default mail process was fixed in 5.3.4 (or maybe just prior) for the 994 devices. I would expect it to work as intended in IoP. But, it does always have the potential for issues, so it's good to have a backup plan to switch to in case. Or to take some traffic off the UD servers depending on your notification load. I know @MrBill, and others, suggests the Notification node server and the Pushover app for mobile notifications rather than email alerts. It's all in personal preference. @Geddy the Outlook.com smtp is crashing the old ISY994 device, it's fine on the Polisy. Proper smtp settings are a challenge to get back on the ISY994 unless you do a complete power down (I discovered), otherwise you get repeated crashing. I didn't know about the Gmail account authentication so I'll be sure to do that, thanks. I'll check into Pushover, thanks again. 2
MrBill Posted March 8, 2022 Posted March 8, 2022 1 hour ago, mmb said: The same settings work fine on Polisy. What is the timeout set on 994 vs polisy? I'd suggest increasing as high as 10,000 (10 seconds). the 994 is a much slower machine thus encryption/decryption takes longer. Also always check the ISY error log for clues about email failures. finally, one more word... the test messages show up in your spam folder even if program generated messages don't.
mmb Posted March 8, 2022 Author Posted March 8, 2022 45 minutes ago, MrBill said: What is the timeout set on 994 vs polisy? I'd suggest increasing as high as 10,000 (10 seconds). the 994 is a much slower machine thus encryption/decryption takes longer. Also always check the ISY error log for clues about email failures. finally, one more word... the test messages show up in your spam folder even if program generated messages don't. Thanks I increased it to 2 seconds but I’ll leave it with gmail for now as during a couple of the reboots I didn’t think it was going to come back properly. The error and crash seems to occur on smtp Save/Test so nothing is written to the error log and the log file is just startup info after the reboot. I had the event viewer running but the user interface freezes when the ISY994 crashes which forces you to terminate the interface java process.
DennisC Posted March 8, 2022 Posted March 8, 2022 (edited) 6 hours ago, Geddy said: @DennisC and @mmb - personally I would say the change shouldn't impact the operation of the Gmail account, but as @Michel Kohanim says it depends on the final change. I've been running with Gmail since I got the ISY. I haven't made the change to IoP yet so can't confirm there. But I have always had 2-Step Verification on and an app specific password. I didn't get a notice (probably because of that fact). When I go to look for the "Less Secure Apps" section in security I get this notice: So my guess would be if you use Gmail with 2-Step Verification and have an app-specific password you should be able to continue using. The message I received is different, it starts with: "You may lose access to some of your third party apps... On May 30, you may lose access to apps that are using less secure sign-in technology" Hopefully, when I make the change all will be good. Edited March 8, 2022 by DennisC Correction
Geddy Posted March 9, 2022 Posted March 9, 2022 2 hours ago, DennisC said: Hopefully, when I make the change all will be good. Watch out for those apps! That message (and somewhat the other one) is specific to apps that use just the Google User/Pass. I think with 2-step authorization they consider the app specific password safe enough alternative that they will allow it. I think it's more geared toward things like Scan to email (like some HP printers can do) since it typically uses your default user/pass combination. If you have it setup with app specific password or have "Sign in with Google" maybe you'll be alright. I haven't received any such notice, but I've had 2-step authorization setup for a very long time. So I'm hoping that it wouldn't impact the setup. We'll know April 1st (great day to get hosed!). I'd check more on this page from Google: https://support.google.com/accounts/answer/6010255 The fixes they list include specifically having an app specific password is allowed. HA! Just noticed that my "backup codes" are from 2011. That must have been when I first activated 2FA process for my primary account.
DennisC Posted March 9, 2022 Posted March 9, 2022 2 minutes ago, Geddy said: Watch out for those apps! That message (and somewhat the other one) is specific to apps that use just the Google User/Pass. I think with 2-step authorization they consider the app specific password safe enough alternative that they will allow it. I think it's more geared toward things like Scan to email (like some HP printers can do) since it typically uses your default user/pass combination. If you have it setup with app specific password or have "Sign in with Google" maybe you'll be alright. I haven't received any such notice, but I've had 2-step authorization setup for a very long time. So I'm hoping that it wouldn't impact the setup. We'll know April 1st (great day to get hosed!). I'd check more on this page from Google: https://support.google.com/accounts/answer/6010255 The fixes they list include specifically having an app specific password is allowed. HA! Just noticed that my "backup codes" are from 2011. That must have been when I first activated 2FA process for my primary account. The account in question is dedicate to my ISY. It is used for nothing else. I have an account for each house. The only thing accessing the account is ISY to send notifications. I only go in to account 2 or 3 times a year.
Recommended Posts