Lettre is a popular Rust crate for setting up a SMTP client. It works well with Gmail’s SMTP server but preparing your Gmail account for use with Lettre (or a lot of other software…) is not immediately clear. This post will show you how to allow ‘Less Secure Apps’ for your google account and how to use Lettre to send emails through
Setting up Gmail
Allowing ‘Less Secure Apps’
Normally, Google wants you to perform all authentication to apps using Oauth2. However, to reduce the barrier of entry for the developer, we can tell Google to allow ‘Less Secure Apps’ to access our account. Once allowed, we can use basic smtp authentication to authenticate our app for sending emails.
For Non-Managed Users
- Log in to Gmail with the account you want use for smtp.
- Access ‘Google Account’ by clicking your avatar at the top-right of the page.
- From the menu on the left, access ‘Security’ settings.
- Scroll down to the ‘Less secure app access’ section.
- Click ‘Turn on access’ and move the slider to the enabled position.
Working with Two-Factor-Auth
If your account has Two-Factor-Auth enabled, then you need to create a new ‘App Password’ to use. An App Password is a random password that can be used by apps to log in without requiring 2FA.
- Access your ‘Google Account’ ‘Security’ settings like in the steps above.
- Scroll down to the ‘Signing in to Google’ section.
- Click on ‘App passwords’ and verify your current credentials.
- Generate a new password for app ‘Mail’ and device ‘Other’.
- Save the randomly generated app password, and use it instead of your normal password for authenticating with Lettre.
For Managed Users
If your account is managed by a Google domain account (business, enterprise, etc), then the domain administrator must enable access to Less Secure Apps.
- Log into the Google Admin Console.
- Click the ‘Security’ icon.
- Click the ‘Basic settings’ item.
- Under the ‘Less secure apps’ section, click ‘Go to settings for less secure apps >>’.
- Select either ‘Allow users to manage their access to less secure apps’ or ‘Enforce access to less secure apps for all users (Not Recommended).’
- Now perform the “For Non-Managed Users” steps given above.