Bonum Certa Men Certa

Bypass “Less Secure Apps” in GMail With SeaMonkey Mail Using IMAP.

Reprinted with permission from Ryan Farmer

Problem: Google doesn’t support STARTTLS or plain username and password over TLS anymore.



Google has declared war on mail clients. It will probably get worse in the near future, but for now, you can still log in with a proper email program, like SeaMonkey.



When Google makes these additional changes I’ll see if I can hack around them too and update everyone.



(Google really doesn’t like IMAP because they can’t shove ads that look like email messages in it like they do in the Web Mail version. These are basically a phishing attack that Google lets advertising companies pay for.)



To help keep your account secure, from May 30, 2022, ​​Google no longer supports the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password.



Important: This deadline does not apply to Google Workspace or Google Cloud Identity customers. The enforcement date for these customers will be announced on the Workspace blog at a later date.



If an app or site doesn’t meet our security standards, Google might block anyone who’s trying to sign in to your account from it. Less secure apps can make it easier for hackers to get in to your account, so blocking sign-ins from these apps helps keep your account safe.

-Google


Solution: Fake the User Agent for Google.com and GMail.



Even though SeaMonkey Mail doesn’t have any security problems that Thunderbird doesn’t have, Google allows Thunderbird and denies SeaMonkey. They both use the same code to implement mail support.



To get around this, lie to Google about your User Agent String.



In about:config, right-click, make a new String.



Paste in general.useragent.override.gmail.com and for the value, use Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:115.14) Gecko/20100101



Be careful there’s no whitespace. Then do the same thing, make the value



Paste in general.useragent.override.google.com and for the value, use Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:115.14) Gecko/20100101



Then select OAuth as the authentication type and set up your GMail account in SeaMonkey and sign-in again (you may need to click the “Get Messages” button), and instead of seeing the “less secure apps” warning, it’ll log in and fetch your mailbox.



Every 18 months or so you have to bump the fake User Agent. This should be easy because Thunderbird uses ESR branches of Firefox (currently 115) and the minor builds on this ESR branch normally go to .14.



They only check the minor revision to make sure it’s not lower than the minimum required Thunderbird. They don’t check the major version to see if it actually exists yet or not. So putting “current ESR plus .14” works even though there is no such version.



This is important because I have also found out that if you’re not “following minor versions” of Thunderbird, Google will log you out and your mailbox will disappear from SeaMonkey until you bump it. And you usually only get two minor releases behind before they do this!



So really the only thing to bump is the rv:xxx.xx part of the String, whereas the x’s indicate the major and minor build of Thunderbird you’re claiming to be.



If you look in the “apps with access to my account” you’ll see an entry for “Mozilla Thunderbird” with “Access to GMail”. This is SeaMonkey.



“Security that you lie your way past. I like it.



Very “I’ll make three Windows Registry entries and Windows 11’s installer has no Secure Boot, TPM, or minimum processor anymore.” (which is also a thing) of Google.



Recent Techrights' Posts

After Microsoft's Bankruptcy in Russia Android (Linux) Will Dominate Asia Completely
Windows probably peaked in "XP" or "2000"
India: Windows Falls to 50% in Desktops/Laptops and 8% Overall
laptops/desktops fell to 16% of the whole
statCounter: GNU/Linux Up to 4.7% "Market Share" This Month
30,000 Microsoft jobs may be eliminated by year's end
Microsoft is in Trouble and Microsofters Know It
"I've been happy on Win 3.11 for years."
Links 02/06/2025: Political Leftovers, DRM, and Patents
Links for the day
 
Last Article From Australia's Sam Varghese Was a Year Ago and It Covered the Release of Julian Assange, Who Will Apparently Come Back as 'Politician'
It'll soon be exactly 12 months
Hungary Seems Hungry for Linux
Windows down by a lot
Like in Europe, Bad News for Microsoft in US and Canada
If it loses those "regions", then what's left?
About 8 Waves of Mass Layoffs at Microsoft in 2025 (in Less Than 5 Months), Now Vista 11 "Market Share" Decreases
Really bad news for shareholders of Microsoft
statCounter Sees Bing "Share" Falling Over 0.5% in One Month, Now Lower Than Before the ChatGPT/Bing Chat Hype
Bing has been part of the mass layoffs for quite some time
Microsoft's Demise is a Global Phenomenon
mass layoffs justified using mindless buzzwords
All-Time Highs for GNU/Linux in EU and the UK, All-Time Lows for Microsoft
Combining ChromeOS and GNU/Linux, it adds up to and almost reaches 6%
[Video] New Introduction to Richard Stallman's Contributions Including GNU Emacs, GNU/Linux, and Software Freedom
from the channel previously bullied for supporting RMS
Links 02/06/2025: South Korea to Vote, Russia Blitzed From Within
Links for the day
Links 02/06/2025: Microsoft Spins Layoffs as "Slop", Frontier Settles Lawsuit
Links for the day
When You Publicly Boast About Wanting to Violently Attack People (Even Colleagues) Finding a Job Will Prove Difficult
there's a lesson to be learned here
The Web We Lost, the Information Lost Due to Microsoft's Attacks on Companies Like Yahoo! (Before the LLM Slop Frenzy)
When it comes to news sites, what can we say?
Covering Corruption in Poland, Including a War on Science (Due to Bad Politicians)
What we're about to show is that skilled and experienced scientists in Poland are besieged by bureaucrats
Gemini Links 02/06/2025: "Star Wars Day" and "Security Day"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 01, 2025
IRC logs for Sunday, June 01, 2025
The Openwashing Shills Initiative (OSI) - Part II: Lying to the IRS is a Big Issue
The OSI of today pretends to be something that it is not
Bloodlust and Love of Blades (Fascination With Murder) Nothing New Among Microsofters
Violence is not a joke and no group is magically entitled to make such "jokes"
Links 01/06/2025: Bird Flu, Food Price Inflation, and Growing US-China Hostilities
Links for the day
Links 01/06/2025: "Vibe Coding" Turns Out to be a Fraud and Amazon Merits Boycott, Argue Bloggers
Links for the day
Gemini Links 01/06/2025: "Stardust" and Ideal PC Setup
Links for the day
Links 01/06/2025: Windows TCO, Openwashing, "It's FOSS" Still Promoting Microsoft
Links for the day
Gemini Links 01/06/2025: Simplification and Networks Everywhere
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 31, 2025
IRC logs for Saturday, May 31, 2025
Google Bribes EFF. EFF Promotes LLM Slop as 'Fair Use'. To GAFAM It's a Low-Cost Lobby Hedge.
So the bribes pay off ("slush fund") and the word spreads
Slopwatch: Fake Text and Images, Financial Bubbles, and Scams in "Intelligent" Clothing
Sometimes what they mean by "AI" is just cheap labour somewhere else, as we discussed in IRC a few hours ago
Why Microsoft is Collapsing (Similar to What's Happening at IBM), As Insiders See It
IBM seems like one heck of a mess
Reliable Computing Means Free (Libre) Computing
Sites that want to promote security ought to deal with the biggest issues
Links 31/05/2025: US Court Orders Sides With RFE/RL, War Updates From Ukraine
Links for the day
Gemini Links 31/05/2025: ARM Server and power_supply Subsystem
Links for the day
Links 31/05/2025: Slop Stigmatised as Disinformation, Catalyst/Driver of "Death of Communication"
Links for the day
Common Sense 101: Do Not Write Blog Posts Saying You Want to Murder Colleagues (or Yourself)
Only crazy people would think stabbings are a joke
Microsoft Bankruptcy
"Microsoft unit in Russia to file for bankruptcy, database shows"
Techrights Does Not Compete With LLM Slop, It Exposes the Bastards, Plagiarists and Scammers Who Do That
People like Scam Altman, still facing a lawsuit from his own sister for sexual abuse against her
Links 31/05/2025: Microsoft-Connected Builder.ai is a Fraud and US is Purging Students Based on Race/Nationality
Links for the day
Gemini Links 30/05/2025: Limmat, Doomscrollers, and Arguments Parsing
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 30, 2025
IRC logs for Friday, May 30, 2025