Use Gmail as your SMTP Server – even when using 2-factor authentication (2-step verification)

Use Gmail as your SMTP Server – even when using 2-factor authentication (2-step verification)

By | 2016-12-01T16:37:39+00:00 July 6th, 2015|Tips & Tricks|0 Comments

Gallery Server can send emails for various events such as errors, account signup verification, and admin notification of new accounts. To configure, you must give Gallery Server an SMTP server it can use for sending the e-mails. Many organizations have an internal SMTP server you can use and hosting companies often provide one as well. But if you are self-hosting or can’t use the available SMTP server for whatever reason, Gmail provides one you can use to send up to 2,000 messages a day. This post tells you how to set up Gmail as an SMTP server for your gallery, including how to set things up when your Google account is configured with 2-factor authentication.

Set up Gmail as your SMTP server

Of course first you need a Google account. Get one here.

Now open web.config for your gallery and find the system.net section. The file will be in the root of your web application and can be opened in any text editor (it’s just an XML file). The system.net section will be commented out:

<!--
<system.net>
 <mailSettings>
  <smtp>
   <network host="relayServerHostname" port="portNumber" userName="username" password="password" />
  </smtp>
 </mailSettings>
</system.net>
-->

Delete this section and replace it with this one (be sure to delete the comment markers at the beginning and end):

<system.net>
 <mailSettings>
  <smtp deliveryMethod="Network">
   <network host="smtp.gmail.com" port="587" userName="user@gmail.com" password="XXXXXX"/>
  </smtp>
 </mailSettings>
</system.net>

Replace the username and password with your Gmail address and password.

Notice we use port 587, which according to Google, forces the connection to use TLS. Google allows port 465 for SSL, but requires an “implicit SSL” connection. Unfortunately, .NET uses an “explicit SSL” connection, so we can’t use port 465. If you do, you’ll be treated to a connection timeout error. So we use port 587.

Now go to the Site Settings – General page in the site admin area of your gallery and enable the SSL encryption setting in the e-mail settings section:

E-mail settings for using Gmail SMTP server in Gallery server

You can also enter the e-mail address for your Gmail account in the ‘show e-mails as coming from section’, but in reality whatever value you enter here is overridden by Gmail during the sending process to match the sending user. So while it would be nice to show your emails as coming from admin@yoursite.com (or whatever), your recipients will always see the e-mail as coming from the Gmail account.

Save your settings and click the ‘Send test e-mail’ link. If it works, great, you’re done. Have a great day. But there’s a good chance you get this error:

Error when Gmail setting has less secure apps disabled

To help with search engines, here is a SEO-friendly version of the text:

The following error occurred: System.Net.Mail.SmtpException: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required.

What you do next depends on whether or not you have 2-factor authentication enabled, also known as 2-step verification. Use a browser to log in to your Google account and go to your Sign-in & security settings. Look for the 2-step verification setting:

Google sign-in settings

If 2-step verification is off and you want to keep it that way, read on. If it’s enabled or you want to enable it (a great idea, by the way!), skip to the next section.

To use Google as an SMTP server when 2-step verification is turned off, you need to turn on Google’s ‘less secure apps’ setting. Go to your Connected apps & sites setting and look for this section:

Gmail's 'less secure apps' setting

Turn it on, then go back to the e-mail settings in your gallery and send another test e-mail. Now it should work:

Gallery Server success message for email settings

Sweet! You’re good to go.

Enable SMTP server with 2-step verification (aka 2-factor authentication)

For increased security your Google account may be using 2-factor authentication, also known as 2-step verification. When enabled, you must log in to Gmail with both your password and your phone. This prevents hackers who get your password from getting into your account, since they won’t get the security code sent to your phone.

If it’s not already on and you want it enabled, visit your security settings in Google and follow the prompts to enable it:

gmail4

Once 2-factor authentication is enabled, the previous technique of specifying your e-mail address and password in web.config will no longer work. Instead, you must configure what Google calls an app password:

Google sign-in settings when 2-step verification is enabled

Click the App passwords button and you’ll see a screen where you can set one up:

Configure a Google app password

In the dropdown list, select Other (custom name) and type in a name (I used Gallery Server but it doesn’t matter). Then click Generate. Your app password will appear:

Google app password

Be sure to copy it to your clipboard before clicking Done because as far as I can tell there’s no way to see it again. Now paste this password into the password setting in web.config:

<network host="smtp.gmail.com" port="587" userName="user@gmail.com" password="XXXXXX"/>

Save the file, then go back to the e-mail settings in your gallery and send another test e-mail. Now it should work:

Gallery Server success message for email settings

Using Google as your SMTP server is a great option and works well once you know the steps. Hopefully this post steers you in the right direction. Have a great day!

About the Author:

Founder and Lead Developer of Gallery Server

Leave A Comment