I’ve Gotta Get A Message To You II: fixing SSMTP gmail authorisation

This is a ultra-short post related to sending email via the command line on Linux/Rasperry Pi.

On 30 May 2022, Google disabled the handy feature that allowed less secure sign in to Google accounts. This feature was a handy way to authenticate command-line routines that send email.

I noticed my daily emails had stopped, and when I tested sending an email using ssmtp:

echo "Hello, World!" | ssmtp fakeaddress@someplace.com

sure enough:

ssmtp: Authorization failed (535 5.7.8  https://support.google.com/mail/?p=BadCredentials ay15-20020a5d6f0f000000b002183cf9cd69sm277180zzz.15 - gsmtp)

The setting to allow less secure access had definitely been switched off with no chance of turning it back on. So, what to do? Google would like all apps to authenticate properly, but the problem with a command-line utility is there is no way to get a window to pop up and authenticate as can be done with regular apps. I tried and failed a few things before hitting on the answer. App Passwords

  • Enable two factor authentication (if it isn’t already) on the gmail account you want to link
  • In the Google account, select “Security”. Select “App Passwords” under “Signing in to Google”.
  • Make a description for your app here. I used “ssmtp on raspberry pi”.
  • Generate the 16 digit app password. Make a note of it!
  • Click done.

Now on the computer that will send the emails do sudo nano /etc/ssmtp/ssmtp.conf

root=myaccount@gmail.com
mailhub=smtp.gmail.com:587
 
FromLineOverride=YES
AuthUser=myaccount@gmail.com
AuthPass=myAppPassword
UseSTARTTLS=YES
UseTLS=YES

To be clear: AuthPass should be your new 16 character App Password and NOT your gmail password.

Save with ctrl + X and Y.

Now test it out:

echo "Hello, World!" | ssmtp fakeaddress@someplace.com

Success!

For how long this route will work, I do not know.

Leave a Comment

Your email address will not be published.