I am trying to send emails from Django using an email configured by Google Apps, my configuration at the settings.py file looks something like this:
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'contact#mydomain.com'
EMAIL_HOST_PASSWORD = 'password'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
When I try to send an email using:
from django.core.mail import send_mail
send_mail("Happy new year", "We wish you the best for 3001",
"contact#mydomain.com", ["someuser#gmail.com"])
I get the following error:
SMTPAuthenticationError:
(535, '5.7.1 Please log in with your web browser and then try again.
Learn more at
5.7.1 https://support.google.com/mail/bin/answer.py?answer=78754 k2sm758604obl.14')
Since I'm working on a remote server with no graphical user interface, I cannot even try to login from the browser.
Just go to
https://accounts.google.com/DisplayUnlockCaptcha
and click "continue". This is going to allow access from other servers.
I've been messing with this for a couple of hours within a cucumber/capybara/selenium test - discovered something stupid which will fix this error for good, guaranteed
The all too familiar error:
Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure) (Net::IMAP::NoResponseError)
As it turns out, there are TWO "Allow Less Secure Apps" toggles which need to be changed to allow logins from unknown devices/IMAP.
One here: https://myaccount.google.com/security?pli=1#connectedapps (bottom of the page)
And one here: https://www.google.com/settings/security/lesssecureapps
BOTH OF THESE GODFORSAKEN TOGGLES need to be changed to get rid of this error message.
edit: from user Milothicus (https://stackoverflow.com/users/3538026/milothicus): in myaccount.google.com, under 'Sign-in & Security', select 'Connected apps & sites'. this also has an option to 'Allow less secure apps'. after turning this one on, my server could now send me an automated email.
When I tried to access my account I was sent this email consisting of this link.
https://www.google.com/settings/security/lesssecureapps
You can turn-on then possibly turn-off after you've done testing.
I got the following response from Google Apps support:
You need to turn on your Outbound relay. To do this:
Log into your account at google.com/a/yourdomain.com
Click the Settings tab and then select Email in the left column.
In the Outbound relay section, select Allow users to send mail through an external SMTP when configuring a "from" address hosted
outside your domain.
Click Save changes.
They also provided a help link: http://support.google.com/a/bin/answer.py?hl=en&answer=176054
After turning on Outbound relay and using the proxy to login to the webmail one more time (thanks to #DaniloBargen and #joshcartme) the issue was resolved. I've read the link explaining what the Outbound relay is and I'm not really sure why would I need it (I don't believe I'm using an external SMTP server).
Since I'm not really sure this is what solved the issue I won't mark the response as accepted until I get some confirmation.
Set up an ssh tunnel to the server in question so that you could, from your home computer, log in to the gmail web client using the server's IP. You probably need to tunnel port 80 and port 443, maybe just 443. After logging in through the web client the problem should go away according to knowledge base article listed in the SMTPAuthenticationError.
Here's an example of how to set up the tunnel:
http://www.noah.org/wiki/SSH_tunnel#simple_port_forwarding_.28SSH_tunneling.29
Option #1 (this worked for me):
After getting the error Please log in with your web browser and then try again. Learn more etc. when trying to send email from my web application, I logged in to the email via browser from my local computer.
After I logged in, there was a yellow notification bar on top which asking me if I want to allow external application access my mail. I confirmed this and Google asked me to log in to the account from the application within the next 10 mins. This will white-list the application.
Option #2:
If Option #1doesn't work for you, try this: http://www.rocketideas.com/2012/05/gmail-error-password-not-accepted-from-server-solved/
etusm provided two locations to turn on less secure apps:
One here: https://myaccount.google.com/security?pli=1#connectedapps
(bottom of the page)
And one here: https://www.google.com/settings/security/lesssecureapps
both were turned on, but my headless server still couldn't send me an email. based on JohnPang's google+ recommendation, i found a third location where i had to allow access to less secure apps:
in myaccount.google.com, under 'Sign-in & Security', select 'Connected apps & sites'. this also has an option to 'Allow less secure apps'. after turning this one on, my server could now send me an automated email.
I found the solution at: https://support.google.com/accounts/answer/185833?hl=en and finally https://security.google.com/settings/security/apppasswords
If you are testing your project on a local machine, you should go to the latter link, and enable "Access for less secure apps".
Do you have two factor authentication enabled for the apps account ? Then you might need to use an application specific password for that application.
All of the above doesn't help in my case (weird). But this link might help you:
https://security.google.com/settings/security/activity
You can access it via Google Plus
Open Google+
Select "Security" from the top
Under "Recent activity" click "View all events"
You will see a list of "Unusual Activity"
It shows "Application / device sign-in attempt (prevented) Singapore" as I'm using AWS from Singapore
Click on "Change" > "Yes, that was me!"
Retry again. Done!
As of now (look at my post date) there is only one "Allow less secure apps" toggle in the Gmail account admin UI:
https://myaccount.google.com/u/0/security#connectedapps
It'll work from your local computer (Mac or PC) after that.
To allow access from Amazon EC2 (and I suspect other Cloud-located hosts), there is yet another flag to set in Google's never ending battle with spammers:
https://accounts.google.com/b/0/DisplayUnlockCaptcha
Recently, I have found that this issue can be resolved by confirming that the activity has originated from a request I initiated, by visiting Google Account
I had to confirm, under Security Events, that the suspicious activity was in-fact me, even though the originating server from where the request came from was cloud hosted, and therefore over 1000 km away. After clicking this step, and setting less secure apps, I was able to use getmail to retrieve my mail, over ssl using either imap or pop.
Just want to highlight Danilo Bargen's comment:
An easier way to connect to the other network using tunnels is to use a dynamic tunnel (ssh -D 6789 remotehost) and then to set localhost:6789 as SOCKS5-Proxy in Firefox. Then you are basically in the remote network with your browser and localhost is the remote host
Also I want to add that SOCKS Proxy method also works with Chrome. As a result you can log in with your local web browser as if you are on a server.
change your settings at https://www.google.com/settings/security/lesssecureapps so that your account is no longer protected by modern security standards.
This is occuring due to some apps are marked as less secure apps by google. So to use those apps, you need to give access for those apps. to do that follow http://www.codematrics.com/your-imap-server-wants-to-alert-you-to-the-following-please-login-via-your-web-browser-gmail/
Hope this will solve your issue.
In my case, when i tried to login to the google account via web, it asked me for a captcha. I entered the captcha and then the automation worked.
Related
I have signed up for Gsuite Essentials and attempted up upgrade to Gsuite Enterprise. I only have a single email address eg a#abc.com. I had already been using this account as a normal google account. (no gmail though).
I couldn't get the admin console to show the upgrade option, but found I needed to verify my domain. So I added the TXT record to my domain abc.com, which would then let me verify.
I could then log in to the admin console as a#abc.com and clicked on the upgrade option and completed the process. This then let my a#abc.com user have access to Gmail. I have not transferred any domain settings over to google, that is all still externally hosted.
I can now no longer log in to the admin console, it says that my a#abc.com account doesn't have the rights and I need to log in as the administrator. There is no other account linked to the Gsuite settings, so there is no other administrator. I can still log in to the normal google account and do the same functions as previous.
I have now removed the TXT record hoping that would cancel it out again.
How do I get access to the admin side again?
Side note: What I am mostly worried about is that I put my credit card details into the signup, but can't get into the admin page and can't contact any form of support. It is literally impossible to get support to use the serve I paid for.
First thing first, the txt records are a string for the only purpose to verify the ownership of the domain therefore deleting them won't change anything you only need this record for the verification process and once is done you can delete them.
As an example is like a text message sent to your mobile phone, if you delete the message nothing will happen right?
I tell you this so you won't more time on the domain DNS zone settings because the issue is not there and you won't solve the problem.
There may be few things that may have happened.
The first thing you should do is to navigate in an Incognito page, make sure that is the only incognito page that you have opened and log in with a#abc.com.
Try to run different test in incognito, the issue really looks like that you are logged in with multiple Google Accounts and when you go do admin.google.com it picks up the wrong one. That's why you should go in incognito.
EDIT
Use as reference this link Here.
Follow the steps in Paragraph 'I'm taking control from another admin' here the steps:
Go to the G Suite Essentials sign-up page.
2, Sign up using your email address at the domain you're verifying.
Use an address where you can get mail.
Follow instructions in the Setup Wizard to become the admin who manages G Suite Essentials for all users at your organization.
If this didn't solve the issue then you should contact the Google Support and they will tell you what happened.
The thing is that if you can't access the Google Admin you won't be able to contact the Google Support, hence you should follow this:
.1 Can't sign in to the Admin console: https://support.google.com/a/answer/6335621?hl=en
Unfortunately, nobody is responding to my support ticket so I think it's a problem needs someone with experience with sendgrid
the reproduction is simple:
did the Domain Authentication and Link Branding
Added all the necessary record to my DNS configs
All verified in SendGrid dashboard.
Tried sending an email and click on the link it gives me this
I think the issue might be that you that you use https links, but you don't have a "TLS pass-trough" set-up for them. It's really poorly explained on Sendgrid's branded links help page, but you can see a mention of it here. Basically you need something that will resolve TLS on your side and forward the request to sendgrid. It can be a proxy, as suggested on that help page, or i.e. a cloudfront distribution with a custom origin pointing to sendgrid and a certificate covering your branded link domain covered.
If you're using Cloudflare, I had luck following this guide in their documentation in order to get it to work. Sendgrid also recommends Fastly and KeyCDN.
The only drawback is you also have to contact customer support in order to request that SSL click and open tracking be enabled on your account.
If the destination link is http: and Chrome has Settings->Privacy->Advanced SSL warning switched on this happens as well. The url shortener url is https but the destination being http.
Give API Key its full access, follow steps:
Settings
API Keys
Edit API Key
Full Access
Update
Whitelist your domain, follow steps:
Settings
Sender Authentication
Domain Authentication
Select DNS Host
Enter your domain name
Copy all records and put them in your Advanced DNS management console
Add a branded link, follow steps:
Settings
Sender Authentication
Link Branding
Follow the steps on the screen
Copy all records and put them in your Advanced DNS management console
NOTE: When adding records, make sure not to have domain name in the host. Crop it out.
Now, I attach any http or https url in html_content like
html_content="<a href='https://www.python.org/'>Python</a>")
When I receive email, and click on the link, it loads perfectly.
This is the link generated - Python
I have searched for this and found answers that do not work in my case. I would appreciate some thoughts on this
I have set up a github page at: https://ir-ischool-uos.github.io/mwpd/
Some users reported that when they visit the page, an error about security is displayed, like this on Chrome:
- However, many users say it works ok for them.
I have found some sources say that this only happens if your link contains 'https' instead of 'http', but tested on two computers, one mobile phone and one tablet they both work fine. I also found source that say I should use GitHub page's https support, and I checked my setting this already is ticked.
Is there anything I can do to fix this for every user?
Thanks
This error could happen because of numerous of reasons. For example:
The server certificate (or at least one of the certificates in the chain of trust) is not among the trusted certificates that the browser/system maintains (maybe an outdated list?). Try to update the browser/system.
The date/time on the system is not configured correctly.
The connection is being intercepted (by an attacker?) and the certificate is manipulated, hence the SSL connection handshake process could not complete.
Your connection is not private error appears on websites using the SSL / HTTPs protocol when a browser is unable to validate the SSL certificate issued by the website.
Basically, any website using SSL / HTTPs protocol sends a security certificate information to users browsers upon each visit. Browsers then try to validate the certificate using the public key accompanying the certificate.
If it checks out, then users browser encrypts the data using the private key sent by your website. This encryption secures the data transfer between a user’s browser and your website.
I have checked it accross 3 different connections and they all worked just fine.
I believe the problem could be from the users. They may need to clear their cache, check if their clock is set correctly, their antivirus could be stopping it. And their browsers may be outdated.
What I will advice is just (https://support.github.com/contact). They could check to verify if this is an issue from the server or not.
But from what am looking at, this may be an issue with the user's device.
Also here are a few links you could refer and see if all settings on your own part are rightly set;
[1] https://github.com/docsifyjs/docsify/issues/236
[2] https://help.github.com/en/github/working-with-github-pages/securing-your-github-pages-site-with-https
[3] https://help.github.com/en/github/working-with-github-pages/troubleshooting-custom-domains-and-github-pages#https-errors
I hope this helps. Let me know!
If you are using a school/college wifi, most probably someone has your credentials and he/she is using it at the same time as you so basically when he/she is using the web you'll get this message, you should probably change your password or switch on VPN.
If the WiFi/other network used to access the website in question is a school or public network, some 3rd-party software used by it's administrator might be trying to prevent or override the connection to your website.
That might happen in order to display an error message (e.g. "Website access prohibited"), a captive portal (network login window), or just to watch the data being sent around.
Since you're using HTTPS it was prevented when the certificate check failed, because with HTTPS in place that software has no way of presenting it's own page or eavesdropping, other than creating it's own certificate with your website name in it on the fly. Which, of course, was rejected by the browser, since either the user didn't expect it, or, if it's indeed a school/company network, the PC wasn't properly enrolled for use on the said network.
Either way, there is no problem with your webpage itself. Because Github manages the server for your Pages, chances you could create something causing that problem yourself are pretty much zero.
Sometimes it happens because of the wrong IP/DNS settings. Checking the below places might help resolve the issue:
Make sure you are using a common public DNS server. How to check the DNS server you are using depends on your operating system. Moreover, if you are using a VPN client and it has a DNS configuration, check that setting too.
Check if there is an IP address associated with GitHub in the system's hosts file. In Linux and macOS you may use sudo vi /etc/hosts. If there is one, turn that line into a comment by adding # at the beginning of the line. Save, exit, and check if you see that error again. Do step 3 only if you are still getting the same error.
Go to https://www.ipaddress.com, search for github.io, and add its IP address at the bottom of /etc/hosts file like this example: 140.82.114.4 github.io.
Hope this helps.
I am trying to add a new member on my google-cloud project but i can't make it work.
The link inside the auto-generated email from google is well linking to the page where the user can confirm/decline the invitation inside a modal.
But when this user click "confirm" an error message appear inside the modal but disappear immediately - so quickly i can't read it. As a result i can never grant access to my project to this user.
In my browser debugger here is the error i can trace (some values are forged) :
"NetworkError: 400 Bad Request - https://console.developers.google.com/m/teams/acceptinvitation?xsrf=AFE_nuNg_V8394FDKjdfkjkjwKDFXDVg%3488T6J5783&authuser=1&action=accept&pid=apps~myproject-hosting&receive_updates=false"
This user has a custom domain which is a google-apps managed domain. I specify this because its the only kind of users we cannot invite to the project.
No problem for adding users with #gmail account.
From the google-cloud documentation i can read this :
If you are using a Premier or Google Apps domain, the administrator for your domain should first create the Google account from within the Users panel of your Admin Console.
I don't understand this sentence as my user is off-course already listed in my domain.
This might be expected behavior from the App Engine. I know that once you link you application to a specific domain via Google Apps, it becomes very hard to add people from outside that domain to your application.
I know that you can create a google group, enable "out-of-domain" members to that group. Then you can add that group to your project. Then you can add his email to the group, which should give him access to the project.
Only caveat here is that, if your domain is google.com, you will not be able to use this workaround, and this may require help from support.
Well i finally did it.
Google seems to have fixed the flashing error message making it impossible to read.
Now it display something like this : "Contact your administrator to enable AppHosting admin on your account".
This is done has follow :
Login to your main google-app account on http://admin.google.com
Go to "App"
Go to "Additional Google services"
Enable "Google Developers Console" for everyone
Now my user can be invite to the google-cloud project.
I need my application to be able to log on to Gmail and send email on behalf of the user. The user supplies credentials. However, when I do so I get this message from Gmail:
Subject: Google Account: sign-in attempt blocked
Hi Jessica,
We recently blocked a sign-in attempt to your Google Account [...].
...
If this was you you can switch to an app made by Google such as Gmail
to access your account (recommended) or change your settings at
https://www.google.com/settings/security/lesssecureapps so that your
account is no longer protected by modern security standards.
I would like my app to "protect users by modern security standards" but nowhere do I find any data on what "modern security standards" means in this context. The app uses SSL, user name and password.
The app works if you do click the link, but I really don't want my users to have to click the "lesssecureapps" link, though if that is the only option, so be it. But I'd rather modify my app to be compliant with what Gmail needs. However, nowhere does it say what I am missing.
Any help please? I want to do the right thing.