Gmail, Bounces & new Security protocol

Two questions:

  1. Anyone get Gmail to work for bounces? I’ve had no success.

I tried the info here: Process bounces from Gmail in phpList – InMotion Hosting Support Center

  1. Gmail says they are stopping “insecure logins”. I’m sure PHPlist would be on that list.

Anyone encounter that issue yet and will it work??


Hi WSpivak

The problem with getting Gmail to work for bounces has to do with the permissions of the Gmail account. You have to update the Security configuration to allow a 3rd Party Apps to access the Gmail account with only a username & password (i.e., without using a 2-factor authentication method or OAUTH2).

Before you get excited and run out and update your Gmail account Security settings, don’t bother. Gmail is disabling / removing the ability to allow 3rd Party Apps to access an account with only a username & password on May 30, 2022.

This is where the PHPMailer OAUTH / OAUTH2 capability needs to be integrated into phpList. PhpList utilizes PHPMailer to send each message, but the OAUTH2 authentication method is not supported by the phpList configuration. I’ve been looking at the phpList code trying to figure out how to integrate the OAUTH2 authentication into it. While it is certainly possible to hack the phpList code to include OAUTH2, it needs to be a capability added to the phpList code base (otherwise you can never update to the latest release of phpList after you have hacked the code).


Ben, thanks for the response.

As I think I wrote, I wasn’t able to get bounces to go to a designated email account (whether on my server or Gmail). All of them went back to the account that is sending the emails.

I just used some excel magic and culled the bounces and suppressed them. A little extra work, but now the list is essentially clean. So clean, that I can do the handful that come in “manually”.