On 04/20/2016 08:32 AM, Daniel P. Wright wrote:
Hello David,
The only thing I noticed with Gmail is that in order to work it requires the sender's account to toggle this setting: Allow less secure apps: OFF
That does sound unusual! Is my understanding you correctly that HaskellNet doesn't work UNLESS you disallow less secure apps? Or is it the other (more intuitive) way round? (i.e. HaskellNet is being considered a "less secure" app and thus being disallowed).
It's not particularly sinister... It's is simply that IMAP/SMTP do not have authentication options that are "secure enough" for Google[1]. Or perhaps rather that they at least must allow less secure authentication options per their respective standards/RFCs. Regards, [1] Basically they don't enforce two-factor auth.