I want to authenticate myself using my Gmail ID and password on a Gmail SMTP server. I am using the GSASL library. I have a set of mechanisms that my client supports: Anonymous, External, Login, Plain, SecureID, Digest-MD5 and CRAM-MD5. Does somebody know which mechanism Gmail uses for user authentication?
To find out what authentication mechanisms an SMTP server supports, send the EHLO
command. If you haven't built your own SMTP client yet, you can test this using TELNET. The server will respond with the ESMTP extensions that it supports, including AUTH. For example, if you send the EHLO
command to smtp.gmail.com, you will find that it currently supports 4 mechanisms:
SERVER: 220 mx.google.com ESMTP c10sm612924yhk.4
CLIENT: EHLO AR93684-PC.local
SERVER: 250-mx.google.com at your service, [75.189.236.125]
SERVER: 250-SIZE 35882577
SERVER: 250-8BITMIME
SERVER: 250-AUTH LOGIN PLAIN XOAUTH XOAUTH2
SERVER: 250 ENHANCEDSTATUSCODES
So the answer to your question is Login, Plain, XOAuth, and XOAuth2.
Note that XOAuth has been deprecated in favor of XOAuth2: https://developers.google.com/accounts/docs/OAuth2