Integrating RT Email with Google Mail (Gmail): Difference between revisions
(Created page with "== Incoming emails == Assuming "your_account@gmail.com" is RT's correspond address: Set( $CorrespondAddress, 'your_account@gmail.com' ); === Using getmail 5.6+ to fetch emails === ==== Set up OAuth2 client on google side ==== Based on https://developers.google.com/identity/protocols/oauth2/native-app, here are some notes: Enable "Gmail API" On "OAuth consent screen" create, select "Internal" user type, add scrop: "Gmail API .../auth/gmail.modify Read,...") |
m (Jbrandt moved page Set Up RT With Gmail to Integrating RT Email with Google Mail (Gmail) without leaving a redirect) |
||
(No difference)
| |||
Revision as of 09:31, 19 May 2022
Incoming emails
Assuming "your_account@gmail.com" is RT's correspond address:
Set( $CorrespondAddress, 'your_account@gmail.com' );
Using getmail 5.6+ to fetch emails
Set up OAuth2 client on google side
Based on https://developers.google.com/identity/protocols/oauth2/native-app, here are some notes:
Enable "Gmail API"
On "OAuth consent screen" create, select "Internal" user type, add scrop: "Gmail API .../auth/gmail.modify Read, compose, and send emails from your Gmail account"
On client id create, set the application type to "Desktop app"
Save the "Client ID" and "Client secret" values, which we will need in the next step.
Setup getmail on RT server
Based on https://www.bytereef.org/howto/oauth2/getmail.html
1. Get initial OAuth2 token
Create /home/user/.getmail/gmail.json
{"scope": "https://mail.google.com/",
"user": "your_account@gmail.com",
"client_id": "xzy.apps.googleusercontent.com",
"client_secret": "foo",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"redirect_uri": "http://localhost/",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs"}
Fill "client_id" and "client_secret" with the real values from previous step.
Note that redirect_uri "urn:ietf:wg:oauth:2.0:oob" does not work any more, we need to give it a URL, which google will redirect to once user approves the access.
chmod 600 /home/user/.getmail/gmail.json
Then run command:
getmail-gmail-xoauth-tokens --init /home/user/.getmail/gmail.json
It outputs a google URL, go to that URL and approves it as "your_account@gmail.com", which will redirects to URL like:
http://localhost/?code=A-VERY-LONG-STRING&scope=https://mail.google.com/
Copy the code value from URL and paste it to the previous getmail-gmail-xoauth-tokens command window, then hit "Return". If everything goes well, getmail-gmail-xoauth-tokens shall quit silently.
2. Fetch emails
Create /home/user/.getmail/getmailrc
[retriever]
type = SimpleIMAPSSLRetriever
server = imap.gmail.com
username = your_account@gmail.com
use_xoauth2 = True
password_command = ("getmail-gmail-xoauth-tokens", "/home/user/.getmail/gmail.json")
[destination]
type = MDA_external
path = /opt/rt5/bin/rt-mailgate
user = root
group = root
arguments = ("--url", "http://localhost", "--queue", "General", "--action", "correspond",)
[options]
read_all = false
Test it:
/usr/bin/getmail --rcfile=/home/user/.getmail/getmailrc
Then edit /etc/cron.d/rt to fetch mail regularly:
*/3 * * * * user /usr/bin/getmail --rcfile=/home/user/.getmail/getmailrc --quiet
Outgoing emails
Route through Google
Based on https://support.google.com/a/answer/2956491, here are a few extra notes:
In step 6(Allowed senders section), choose "Only addresses in my domains" In step 7(Authentication section), choose "Only accept mail from the specified IP addresses", do not choose "Require SMTP Authentication" In step 8(Add allowed IP), add public IP address of RT server
Turn on sender envelope in RT site config:
Set( $SetOutgoingMailFrom, 1 );