I know there's an API for a Gmail plugin in your browser. Is there one for the server? For example, if I want to write an anti-virus app that reads emails coming in to an account on the server, then let's them continue or quarantines them - all before the user ever sees them?
Obviously it would have to be authorized for the users it did this for.
EDIT: As of 26/06/2014, this answer has become incorrect, as Google just released a dedicated API to GMail. See the link in this post for reference.
Original answer below this line :
From a technological perspective, it's a mail server just like any other.
Thus, your choice should fall on a mail protocol. It's also already answered in the question you linked: https://stackoverflow.com/a/2820280/1680196
Your app would open an IMAP connection to your mail server of choice (in this case gmail), scan for incoming mail, read the content and trigger a delete / move to trash if necessary.
Personally, I wouldn't trust any app like this running outside my own mailserver / mail client, since this use case requires full read and write access to a users mails.
There might be some API for Google Apps for Domains mail accounts, but I doubt this goes beyond the RSS mail notifications.
Edit: Official Google api documentation also refers to IMAP for accessing user inboxes. Link to IMAP OAuth overview. With application specific passwords users could enable your app to access their account without exposing their actual credentials, but beyond that I fear you are out of luck.
There is an HTTP REST API now!
http://developers.google.com/gmail/api/
(And has been for years if you were willing to use IMAP. :-D)
Related
About two years ago, I created a Node.js application that would send emails periodically through Gmail's Less Secure Apps option. This worked quite well, but they recently got rid of it. I have G-Suite email addresses under my domain that I would like to send emails from, but the new Gmail API takes quite a bit of effort to set up and maintain. Is there a way that I can use Node.js to send emails from those addresses, but in a simpler way? Could I possibly use another SMTP server, like Yahoo or iCloud, with Nodemailer?
if you want to continue as you are just create an apps password.
otherwise you can configure a service account and set up domain wide deligation through your workspace domain account.
The service account will be able to send email on behalf of a user on your domain without any authorization needed. This is probably the most robust solution
I am prototyping an automated messaging system with a few pilot companies and about 10 users. They want my system to send status emails on their behalf, from their gmail accounts. This can easily be accomplished when they enter their gmail usn/pwd into my system (it is AES 256-bit encrypted before being stored in the DB). The problem is that the first time my system tries to send a status email on their behalf, using their account, the message is blocked until "Allow less secure apps" is enabled. When they try again, it's blocked again, along with scary warnings being emailed to them by google saying that someone has their google password. Only after they click through that and verify that my system has permission to do this, all is good, no more warnings, and everything works.
I have been researching this and I have found 2 potential approaches for smoothing this process and avoiding the scary warnings to the users:
Enable 2-factor authentication in the google account, and use an app-specific password (per user I think??) to send the emails without any warnings.
Have my system use oauth2 with the gmail accounts so that google no longer considers my app "less secure".
My question is, what is the best approach, and how do I set this up? If my gmail users enable 2-factor authentication, can they store their code into my system, and my system uses that code for future auto-emails? Does it even work that way? My experience with 2-factor auth is that a code is sent to the user's phone each and every time. Is that not the case? Would a stored code on my server (1 per user) work over and over? Does it expire after a certain amount of time?
And my understanding with oauth2 is that my users would need to be actively logged in with their google account and somehow exchange tokens with my server, but I really don't know. Is there some way for my web server (PHP) to implement oauth2 in connection with gmail accounts?
In summary, what is the simplest way to send auto-generated gmails for my users who are paying for this service without triggering scary warnings from google? The volume of emails is low -- this isn't spam -- it's a status follow-up system for the workplace.
You are right on your second point; that is an easy way to accomplish your objectives. You'll first have to authorize your app with Gmail to work with OAuth. You can follow these links to learn how to implement authorization in your server, but you can also enter here to appreciate some examples. When you develop the authorization protocol, you can read the Gmail API to start working with your customer accounts.
I am working on an application that requires communication via email with the user and the client for whom the application is being developed.
Basically the flow is thus :
Program Does Something
Program sends an email detailing if it worked or not to the user and my client
We have established a Gmail account to make this happen. Unfortunately my clients users are multinational and Gmail freaked out and started blocking users, which started throwing exceptions when they were trying to use the program.
In the emails I saw when I checked the account, I saw I see at least two of these emails that say "Suspicious sign in prevented", and there was a red bar that said multiple attempts were tried to sign in and asked if it was me, and there were points all over the world.
How would I go about making it so that Gmail doesn't freak out when it sees users trying to sign in all over the planet?
Isn't sending through a some kind of a server application not an option? I.e. instead of making SMTP connection from your end user app directly to Gmail server your app sends a request to your web server which does actual SMTP connection. This way you'll also eliminate issues when SMTP ports are blocked on end users' machines.
I'm working on a web-based application, and looking to integrate each user's e-mail (gmail, yahoo, etc.) into it. I'd like to do an automatic sync (side detail: selective to specific e-mail addresses) of inbox and sent messages, i.e. any messages sent through the application will appear in the user's e-mail, and vice versa; any messages received in the application will appear in the e-mail, and vice versa.
My question: I realize this will probably involve IMAP. Is there a way to go about this without storing the user's e-mail passwords? I'm open to any language, infrastructure, etc.
If there's really no way around storing the passwords, would MD5 be sufficient? Any other thoughts would be greatly appreciated.
you would need to find an OAuth-based API for accessing the email provider. this would allow the user to authenticate themself, provide you with an access token for later use.
I believe you can do this with Gmail, Yahoo (see links)
A situation where this might arise is a private messaging system on a forum. A user might want PMs forwarded to their main email so that they don't have to remember to check the inbox on your site as well as their main email. Then when users reply to those messages, you want the reply to go as a PM to another forum user.
Forwarding PMs as emails is trivial. In order to allow replies, you need to have the email server on your site parse out some information in the email that indicates which user it should be forwarded to as a PM.
If you really want to allow a user to access their entire GMail inbox from within the interface on your site, rather than just messages that went through your site anyway, then you are facing a much larger task.
I have a requirement where I have to count all sent email by users belonging to a domain that they manage with google. All email is of course managed with gmail.
Although this task initialy seemed trivial, there doesn't seem to be a way to do this directly, meaning through some API call.
Any ideas?
Thanks
Stelios
As far as I know the Gmail API doesn't offer access to the total of send items.
Tthe g4j project (written in Java) reverse engineered Gmail's protocol in order to access an account using HTTP calls. However, the solution is fragile since it could be easily broken whenever Gmail decides to change its HTTP protocol.
Screenshot of a Java application build on top of g4j:
It's not easy but there is a way to access a gmail account.