If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#31
|
|||
|
|||
Windows Live Mail a less secure app?
Live wrote:
"VanguardLH" wrote in message ... Live wrote: Otherwise, someone that knows more about POP, IMAP, and SMTP might identify which commands would reveal what e-mail client connected to the server. The headers of Stewart's post say X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 That's a header added for posts submitted via NNTP to a Usenet provider. Eternal-September that Stewart uses is a Usenet provider, not an e-mail provider. That is obviously a header to identify the *NNTP* client used to compose the post. You won't find the header, if any, in Stewart's posts submitted here in Usenet. This is Usenet, not e-mail. I was requesting someone that uses OE as their *e-mail* client do a test to see if OE adds an *e-mail* header that identifies his client (OE). I use Windows Mail as my e-mail client on vista and I see the header X-Mailer: Microsoft Windows Mail 6.0.6002.18197 That's not Outlook Express, is it. |
Ads |
#32
|
|||
|
|||
Windows Live Mail a less secure app?
winston wrote:
VanguardLH wrote: I was requesting someone that uses OE as their *e-mail* client do a test to see if OE adds an *e-mail* header that identifies [that client]. X-Mailer: Microsoft Outlook Express 6.00.2900.5931 Thanks for the update. Odd that Google thinks Outlook, WLM, and Thunderbird are less secure than Outlook Express when Outlook Express doesn't support TLS (unless SSL is enabled and port 25 is used). I'm not sure Google's definition of "less secure" has anything to do with transmission encryption. The same POP, IMAP, and SMTP commands are sent by every e-mail client so that cannot be a measure of "less secure". Someone mentioned that maybe Google is just trying to push their own products while nuisancing users of non-Google apps, and that seems more and more to be Google's most likely intent. If so, that would explain why they would target the e-mail clients that produce the greatest desktop e-mail volume (most e-mail traffic is from web apps). Google doesn't define "less secure". If they did then maybe we users of their service could figure out how to secure them; however, if all Google uses is the name of the e-mail client than nothing done to the e-mail client will satisfy Google's check on the e-mail client accessing their service. Without Google actually declaring what are their rules to determine what is and is not secure, all we can do is guess. My guess that Google was looking at a header to identify the e-mail client, and that the absence of any such header makes Google blind to the e-mail client, is wrong. We'll have to come up with other guesses as to Google's non-disclosed rules on secure or not. I can understand why an e-mail provider doesn't fully explain their anti-spam measures since they don't want to assist spammers in circumventing the filters. There is no good reason why Google would not detail on what criteria they base their judgment that an app is secure or not. A likely reason is to surreptitiously push users to Google's products. Perhaps if lots of users sent feedback on Google's deliberate ambiguity in describing this option then Google might make it more clear on how they judge an app as secure or not. https://support.google.com/accounts/.../6010255?hl=en Click on "Not helpful at all" and leave some text saying you want clarity in how Google determines if an app is secure or not. |
#33
|
|||
|
|||
Windows Live Mail a less secure app?
VanguardLH wrote:
winston wrote: If July '14 then ... then it must not be default Disabled. Correct. "not be default Disabled" is "Enabled by default" (so less secure apps ARE allowed). A visit to the Google web mail UI didn't prompt I not sure if it was an an interstitial page during webmail login or perhaps it was something they showed as a blurb in the webmail page, like they do with their Google+ blurb at the top or the Google Voice in Hangouts blurb in the left pane (if you have a Google Voice account). I remember Google showing it somehow about this option but that was a long time ago. Maybe it was a temporary thing and Google changed their minds. Maybe they removed it since "Allow less secure apps" being enabled by default let everyone's setup work. I don't think anyone has been tracking exactly when this option showed up, what was the default when it was added, if Google changed their minds of when to change the default for this setting, and if grandfathered accounts were handled differently than for newly created accounts. Setting in Google settings is 'enabled' Yep, as mentioned before, but I'm no longer sure this is the current default. Creating a new Gmail account would show what is the current default setting. Google requires a mobile phone number to create a new account and mine is already assigned to my old account as a security option. If the OP never changed this setting (as implied in his starter post) and if it was a newly created account (somewhat implied by the OP, too) then it appears Google changed their minds and made Disabled the default for this setting (so less secure apps get blocked). It could be after some date that Google decided to make Disabled the default this option so less secure apps would get blocked by default and that is why the OP hit the problem. For accounts that existed at the time Google added this option, maybe they grandfathered them with Enabled as the default. If the OP created a new account and made no changes to the settings of his Google account then it appears Disabled is the default for "Allow less secure apps". The OP will have to reply if this was the case for him: new account, "Allow less secure apps" disabled by default. As for you and I, it's possible Google grandfathered us in with Enabled as the default (so Google didn't **** up probably the majority of their existing users when they added the option). If the OP does not reply as to whether the problem cropped up for a new account he just created, someone will have to create a new Gmail account and then check what is the default setting. Well, we now know another datum on why logins may fail at Gmail. If the prompt shows up on that Win7 drive while I update my other software and utilities then I'll reply accordingly. Until then, it have been something temporary...with Google things change overnight, disappear, get modified with very little transparency. Since the complaint of failed password is very marginal, it would stand to reason that the only way to cause the failure is for a user to physically change the setting manually forcing 'it' to occur. -- ...winston msft mvp consumer apps |
#34
|
|||
|
|||
Windows Live Mail a less secure app?
"VanguardLH" wrote in message ... Live wrote: "VanguardLH" wrote in message ... Live wrote: Otherwise, someone that knows more about POP, IMAP, and SMTP might identify which commands would reveal what e-mail client connected to the server. The headers of Stewart's post say X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 That's a header added for posts submitted via NNTP to a Usenet provider. Eternal-September that Stewart uses is a Usenet provider, not an provider. That is obviously a header to identify the *NNTP* client used to compose the post. You won't find the header, if any, in Stewart's posts submitted here in Usenet. This is Usenet, not e-mail. I was requesting someone that uses OE as their *e-mail* client do a test to see if OE adds an *e-mail* header that identifies his client (OE). I use Windows Mail as my e-mail client on vista and I see the header X-Mailer: Microsoft Windows Mail 6.0.6002.18197 That's not Outlook Express, is it. I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. |
#35
|
|||
|
|||
Windows Live Mail a less secure app?
Live wrote:
I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps |
#36
|
|||
|
|||
Windows Live Mail a less secure app?
Live wrote:
"VanguardLH" wrote in message ... Live wrote: "VanguardLH" wrote in message ... Live wrote: Otherwise, someone that knows more about POP, IMAP, and SMTP might identify which commands would reveal what e-mail client connected to the server. The headers of Stewart's post say X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 That's a header added for posts submitted via NNTP to a Usenet provider. Eternal-September that Stewart uses is a Usenet provider, not an provider. That is obviously a header to identify the *NNTP* client used to compose the post. You won't find the header, if any, in Stewart's posts submitted here in Usenet. This is Usenet, not e-mail. I was requesting someone that uses OE as their *e-mail* client do a test to see if OE adds an *e-mail* header that identifies his client (OE). I use Windows Mail as my e-mail client on vista and I see the header X-Mailer: Microsoft Windows Mail 6.0.6002.18197 That's not Outlook Express, is it. I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. Okay, now you've got what is the header for Outlook Express, also confirmed by winston. I suspect it is not that Google thinks those desktop clients are more secure but rather that Google doesn't bother to check for them; i.e., the list is incomplete or they don't care about low-volume clients that are not supported (OE hasn't been supported since 2002 and WLM is a legacy product which means it also is not supported). OE and Thunderbird generate a very small amount of the total worldwide volume of e-mail traffic. So it could be those clients are off Google's radar. It could also be Google is trying to thwart spam that originates from their e-mail service so they target those desktop clients that produce the highest e-mail traffic from that platform. Without Google actually defining what they mean by "less secure", it's us making "could be" guesses as to what Google is doing. I don't use e-mail apps on smartphones (I only have dumbphones since all I want a phone to do is make and receive calls). Other than mentioning some desktop e-mail clients that Google claims are less secure, their statements indicate they are primarily focused on mobile device apps. Because of limited memory and disk space, mobile apps have to be small (i.e., they are not as robust as desktop apps). So it looks like Google considers e-mail apps on mobile devices and the most common desktop e-mail apps (which altogether are much smaller than e-mail traffic generated by mobile device apps) as "less secure". Since Google has delibertely left vague what means "less secure" means I'm not going to believe them. They provide no foundation for their claim. If the rule looks arbitrary then it probably is. Google wants you to use their e-mail app or their webmail client. Since Google doesn't produce a desktop e-mail program, that means you must surely need to move to using your web browser to access Gmail using their webmail client. Uh huh, sure. If not their webmail client then they want you to use their mobile device app: https://play.google.com/store/apps/d...gle.android.gm From what I hear from others, Android's e-mail app sucks. None of the articles that I looked suggesting e-mail apps for Android mention the one that comes with Android. You could go with their 2-step validation scheme and get a security key; else, you'll be toting around a piece of paper with the backup codes -- which is the same [lack of] security as turning over someone's keyboard to see the sticky notes with their passwords. Ah, but their security key on USB won't work unless you use THEIR web browser (Google Chrome). And, ah, you can't use any USB stick but only one that is FIDO Universal 2nd Factor (U2F) capable so you have to buy a FIDO USB security dongle to use Google's security key to work only in Google Chrome. So "less secure" apparently is anything not Google. That OE or any desktop e-mail client (since Google doesn't make one) got missed is probably a mistake waiting to be fixed. Not on their radar yet. |
#37
|
|||
|
|||
Windows Live Mail a less secure app?
". . .winston" wrote in message ... Live wrote: I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. |
#38
|
|||
|
|||
Windows Live Mail a less secure app?
Live wrote:
". . .winston" wrote in message ... Live wrote: I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. Since others in a private MSFT forum have reported OE failing unless the Google setting is configured for less secure clients, if you've a Gmail account using OE without issue that Gmail setting is also configured as less secure. -- ...winston msft mvp consumer apps |
#39
|
|||
|
|||
Windows Live Mail a less secure app?
Live wrote:
The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. Actually I'm just making guesses on Google's decisions. Google isn't telling us what they mean by "less secure" so all we can do is guess. Without details, to us Google's choices are arbitrary and surreptitious. |
#40
|
|||
|
|||
Windows Live Mail a less secure app?
". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. Since others in a private MSFT forum have reported OE failing unless the Google setting is configured for less secure clients, if you've a Gmail account using OE without issue that Gmail setting is also configured as less secure. -- ...winston msft mvp consumer apps Google defines security in his own way. It is not necessary to adopt his definition. |
#41
|
|||
|
|||
Windows Live Mail a less secure app?
Live wrote:
". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. Since others in a private MSFT forum have reported OE failing unless the Google setting is configured for less secure clients, if you've a Gmail account using OE without issue that Gmail setting is also configured as less secure. -- ...winston msft mvp consumer apps Google defines security in his own way. It is not necessary to adopt his definition. Google's a person ? -- ...winston msft mvp consumer apps |
#42
|
|||
|
|||
Windows Live Mail a less secure app?
". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. Since others in a private MSFT forum have reported OE failing unless the Google setting is configured for less secure clients, if you've a Gmail account using OE without issue that Gmail setting is also configured as less secure. -- ...winston msft mvp consumer apps Google defines security in his own way. It is not necessary to adopt his definition. Google's a person ? -- ...winston msft mvp consumer apps "its definition" is ok? |
#43
|
|||
|
|||
Windows Live Mail a less secure app?
"Live" wrote in message ... ". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. Since others in a private MSFT forum have reported OE failing unless the Google setting is configured for less secure clients, if you've a Gmail account using OE without issue that Gmail setting is also configured as less secure. -- ...winston msft mvp consumer apps Google defines security in his own way. It is not necessary to adopt his definition. Google's a person ? -- ...winston msft mvp consumer apps "its definition" is ok? I mean "its" in place of "his". |
#44
|
|||
|
|||
Windows Live Mail a less secure app?
Live wrote:
Google defines security in his own way. It is not necessary to adopt his definition. You don't get a choice how an e-mail provider defines security. It's their service, their resource, their property, not yours. Yes, you definitely have to adopt Gmail's definition of security. The only choice you get is to turn on/off the "Allow less secure apps" option. Also, with Gmail, you have NO CHOICE to disable their anti-spam filter. It is always on and you cannot disable it. |
#45
|
|||
|
|||
Windows Live Mail a less secure app?
On Wed, 29 Apr 2015 11:01:49 +0300, Live wrote:
"Live" wrote in message ... ". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: ". . .winston" wrote in message ... Live wrote: I have Outlook Express as my e-mail client on win8 and I see the header X-Mailer: Microsoft Outlook Express 6.00.2900.2180 So Google thinks that Windows Mail and Outlook Express are more secure than Outlook, WLM and Thunderbird. The real questions would be g - Are you using that 3rd party modified version of MSFT's OE with a Google Gmail account. And if so, is it using POP3 or IMAP or both ? - What are you're Google settings for the security settings discussed in this thread (Less Secure apps etc.) -- ...winston msft mvp consumer apps The real question is whether OE and WM are more or less "secure" than other e-mail clients and this question has been explained perfectly by VanguardLH. Since others in a private MSFT forum have reported OE failing unless the Google setting is configured for less secure clients, if you've a Gmail account using OE without issue that Gmail setting is also configured as less secure. -- ...winston msft mvp consumer apps Google defines security in his own way. It is not necessary to adopt his definition. Google's a person ? -- ...winston msft mvp consumer apps "its definition" is ok? I mean "its" in place of "his". That works better :-) "His" and "her" (or "hers") usually look like people in idiomatic English. -- Gene E. Bloch (Stumbling Bloch) |
Thread Tools | |
Display Modes | Rate This Thread |
|
|