Page MenuHomePhabricator

Setup reply via email in discourse-mediawiki.wmflabs.org
Closed, ResolvedPublic

Description

This is like T125099: Set up reply via email support, except that we should solve it using a proper @wikimedia.org address and email server instead of relying on GMail as discourse.wmflabs.org does right now.

Still, pretty straightforward.

Event Timeline

Maybe not so simple. I got a Wikimedia.org address created and I have introduced the credentials in the admin interface after checking that the email address works.

However, I get this error message:

pop3_polling_enabled: POP3 authentication failed. Please verify your pop3 credentials.

I wonder whether the warning that 2-step verification will be enforced soon has anything to do with this.

Is this a Google POP account? I think you have to create it a new "app password" (and "enable legacy access" or somesuch) in order to have non-2FA access; it doesn't work with the account's normal password.

Is this a Google POP account? I think you have to create it a new "app password" (and "enable legacy access" or somesuch) in order to have non-2FA access; it doesn't work with the account's normal password.

Just for convenience:

myaccounts.google.com > Sign-in & security > App passwords.

Thanks @revi! I was just being lazy cause I seem to have to read the docs every time I want to do that (and it's saturday arvo sit-by-the-river time here now). :-)

Thank you for your assistance, but it's still not working. https://meta.discourse.org/t/set-up-reply-via-email-support-e-mail/14003 says after a bunch of instructions that I have followed:

Note: we have seen difficulties when signing up for a GMail account from a different country than your server is located in. For example, if you create the Gmail account from the UK, but the server is in the USA.

I can sign up just fine.

Note 2: If you are using a GMail account (e.g. @gmail.com) or a Google Apps mailbox (e.g. a Google mailbox @yourdomain.com), you will need to enable “access from less secure apps” in Google Account settings. If not, you will receive a “POP3 authentication failed” error in Discourse. Access from “less secure apps” is disabled by default.

I have enabled “access from less secure apps”.

myaccounts.google.com > Sign-in & security > App passwords.

I have been there, but no option to create a new app password can be seen, only options to manage existing apps (and since the account is new, no apps appear). There is no trace of a Discourse app there, neither of a way to create a password.


Tgr added a comment.Jan 15 2018, 9:16 PM

It's under https://myaccount.google.com/apppasswords (a different thing from "apps with access to your account" which is about OAuth).

Qgil removed Qgil as the assignee of this task.Apr 4 2018, 12:51 PM

Sorry, I am giving up. I believe this is trivial to set up with a regular mailbox, but not with a @wikimedia.org mailbox constrained by organization-wide email settings.

The options are:

  • Someone smarter than me fixes the problem with a @wikimedia.org mailbox.
  • We set up a double interim solution with a regular mailbox (like the other Discourse instance has done).
  • We wait for the deployment to production if/when that happens.

Maybe someone from OIT can tell what's the way to set up an application password for an @wikimedia.org email address.

Elitre added a comment.Apr 4 2018, 5:57 PM

Should we ping a more specific person, Byron perhaps?

Tgr added a comment.EditedApr 4 2018, 8:22 PM

I'm a bit unclear on why we are trying to use Google Apps accounts in the first place. Why send all communication through Google's servers if we don't have to? Do all @wikimedia.org accounts have to be Google Apps accounts?

@bbogaert do you know what's the best way to set up an email account for incoming email so it can be accessed by an application via POP? The tutorial linked above says If you are using a Google Apps mailbox, you will need to enable “access from less secure apps” in Google Account settings. so that might be what's missing.

238482n375 set Security to Software security bug.Jun 15 2018, 8:07 AM
238482n375 added a project: Security.
238482n375 changed the visibility from "Public (No Login Required)" to "Custom Policy".
238482n375 added a subscriber: 238482n375.

SG9tZVBoYWJyaWNhdG9yCk5vIG1lc3NhZ2VzLiBObyBub3RpZmljYXRpb25zLgoKICAgIFNlYXJjaAoKQ3JlYXRlIFRhc2sKTWFuaXBoZXN0ClQxOTcyODEKRml4IGZhaWxpbmcgd2VicmVxdWVzdCBob3VycyAodXBsb2FkIGFuZCB0ZXh0IDIwMTgtMDYtMTQtMTEpCk9wZW4sIE5lZWRzIFRyaWFnZVB1YmxpYwoKICAgIEVkaXQgVGFzawogICAgRWRpdCBSZWxhdGVkIFRhc2tzLi4uCiAgICBFZGl0IFJlbGF0ZWQgT2JqZWN0cy4uLgogICAgUHJvdGVjdCBhcyBzZWN1cml0eSBpc3N1ZQoKICAgIE11dGUgTm90aWZpY2F0aW9ucwogICAgQXdhcmQgVG9rZW4KICAgIEZsYWcgRm9yIExhdGVyCgpFVzZSC3IERpc2NsYWltZXIgtyBDQy1CWS1TQSC3IEdQTApZb3VyIGJyb3dzZXIgdGltZXpvbmUgc2V0dGluZyBkaWZmZXJzIGZyb20gdGhlIHRpbWV6b25lIHNldHRpbmcgaW4geW91ciBwcm9maWxlLCBjbGljayB0byByZWNvbmNpbGUu

Dzahn added a subscriber: Dzahn.Jun 15 2018, 9:33 AM

@D3r1ck01 He's already blocked. Reverting the changes.

Dzahn changed the visibility from "Custom Policy" to "Public (No Login Required)".
Restricted Application added a project: Security. · View Herald TranscriptJun 15 2018, 9:34 AM
Dzahn removed a subscriber: Dzahn.
Qgil closed this task as Resolved.Dec 27 2018, 10:06 PM
Qgil claimed this task.

Back in May (at the Hackathon, actually), I enabled replies via email using a pure @gmail.com account. This might be unacceptable for a production setup, but it is good enough to test and learn in our pilot.

Thanks to this we can now test further:

I am resolving this task.