Why do I need OAuth when sending emails to my clients via gmail?

Question

I have basic legacy asp.net web application (no mvc, no .net core)

As of May 30 2022 google has stopped supporting less secure apps. So now if I want to send an email with mywebapp@gmail.com as from address, its not working!

SmtpException: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Authentication Required. Learn more...

I have tried setting up apppassword and sending mail using NetworkCredentials, it works but straight afterwards I get an Application_OnError event raised and again the above SmtpException is thrown.

Some googling says to resolve this I needed to implement OAuth2.0, but this relates to using user's gmail account or some permissions related to this gmail account.

which is irrelevant in my scenario. I only want to send emails to my customers from mywebapp gmail account, not the user's account.

Then why should my customer (while using mywebapp) give consent to receive emails from mywebapp gmail account? given they dont have login credentials.

how is OAuth2.0 relevant in my scenario?

Feeling confused.

Side Question: If you think apppassword is the way to go then why am I receiving smtpexception after the email is successfully sent? can share code if required

My smtpClient code

 Public Function SendViaGmail(subject As String, body As String, recipients As String)
    
    Dim fromEmail As String = ConfigurationSettings.AppSettings("ContactEmail")

    Dim smtpClient As Mail.SmtpClient = New Mail.SmtpClient("smtp.gmail.com") With {
        .Port = 587,
        .DeliveryMethod = SmtpDeliveryMethod.Network,
        .Credentials = New NetworkCredential(fromEmail, "APP_PWD"), 
        .EnableSsl = True
        }

    Dim mailMessage As MailMessage = New MailMessage With {
    .From = New Mail.MailAddress(fromEmail),
    .Subject = subject,
    .Body = body,
    .IsBodyHtml = True
}

    mailMessage.[To].Add(recipients)
    If smtpClient IsNot Nothing Then
        smtpClient.Send(mailMessage)
    End If
End Function

My full post related is mentioned here

Linda Lawton - DaImTo · Accepted Answer · 2022-12-16T06:49:24.707

Why do I need OAuth when sending emails to my clients via gmail?

Answer: You do not, necessary it depends on the use case.

There are two ways to send emails via the smtp server now that google has removed less secure apps.

you can enable 2fa on the google account and create an apps password you can then take the exact same code you used before and simply replace the standard user gmail password with the apps password.
the second option would be to use xoauth2.

How is OAuth2.0 relevant in my scenario?

XOauth2 is a form of Oauth2 which allows an application to request consent of a user to access their private data in this case their gmail mail account. Using XOauth to imo would be over kill in your user case if you are only connecting to your own Gmail account then there is really no reason for you to use Xoauth2 and authorize a user.

Side Question: If you think apppassword is the way to go then why am I receiving smtpexception after the email is successfully sent? can share code if required

An smtpexception would imply to me there is an error in your code.

Note: Working example can be found in authors other question SmtpClient not working after setting up app password and 2-factor authentication enabled

thanks for a prompt response @DalmTo. I am sharing my code above — Samra, Dec 14 '22 at 22:51
Yeah I have seen your other question, I try to avoid supporting vb. — Linda Lawton - DaImTo, Dec 15 '22 at 07:09
Me too :D Iam a c# dev..but have just been pushed into this one project — Samra, Dec 15 '22 at 23:32

Why do I need OAuth when sending emails to my clients via gmail?

1 Answers1

Linked