I am trying to set up phplist to use my google account to send mails. I have installed the oauth2 plugin, obtained a token, and phplist is contacting the google smtp server. However the message from google is that authentication is required.
Maybe I am being naive but I thought that this is what the oauth2 token is for? If so then I must have not set something up either at the phplist end, or the google end. Would anyone have some suggestions as to what I need to do? I have included what I think is the relevant debug output below.
quick edit to add more info…is there a way to log what authentication info is being sent to google (if any)? Maybe I need to add to phplist config to specify that oauth2 should be used.
Thank you very much
Jon
2025-05-24 11:51:17 SERVER → CLIENT: 250-smtp.gmail.com at your service, [78.129.161.120]250-SIZE 35882577250-8BITMIME250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH250-ENHANCEDSTATUSCODES250-PIPELINING250-CHUNKING250 SMTPUTF8
2025-05-24 11:51:17 CLIENT → SERVER: MAIL FROM:redacted@redacted.com
2025-05-24 11:51:17 SMTP INBOUND: “530-5.7.0 Authentication Required. For more information, go to”
2025-05-24 11:51:17 SMTP INBOUND: “530 5.7.0 [link removed]. 5b1f17b1804b1-442ebd6fe86sm278346185e9.0 - gsmtp”
2025-05-24 11:51:17 SERVER → CLIENT: 530-5.7.0 Authentication Required. For more information, go to530 5.7.0 [link removed] - gsmtp
2025-05-24 11:51:17 SMTP ERROR: MAIL FROM command failed: 530-5.7.0 Authentication Required. For more information, go to530 5.7.0 [link removed]. 5b1f17b1804b1-442ebd6fe86sm278346185e9.0 - gsmtp
OK, replying to myself here because I have got it working. I had to set the smtp user which maybe was obvious, I’m not sure, I thought the oauth token would handle that but I am probably wrong. However on its own that didn’t work. I also had to set the smtp password which I left as the default password and then it worked. So I guess it’s a bug requiring a (any) password but not using it? Anyway adding these settings to config.php seem to have resolved the issue so I will leave them here in case anyone else needs it:
@jon2 You are right. The OAuth2 token email address should be sufficient, and the password is not needed for connecting to the bounce mailbox or sending using SMTP. Because the smtp user and password were not present in config.php then core phplist decided that authentication was not necessary.
I have changed the plugin so that the token email address is used when sending and receiving, and explicitly set that authentication is needed. This works for sending and receiving through gmail and microsoft. In config.php I have these settings
There’s a first time for everything, thank you for updating this.
I wasn’t sure whether it was my lack of knowledge about oauth or if it was a bug. Your explanation makes sense and your plugin works great (once it logs in heh heh)