Emails landing with red banner in gmail inbox - google-cloud-platform

Suddenly all the emails sent through the Gmail API are landing with a red banner in recipients' inboxes, as shown below.
So, I created a new OAuth ClientID in Google Cloud Platform and used those credentials to provide access to my test Gmail account. Then I sent emails using the Gmail API, and the emails are landing in the inbox without any red banner, which is good.
But we need to use the same old OAuth ClientID, as we have so many users who provided access to it. If we change the ClientID and ClientSecret to use the new one, we need all our users to re-authorize, which we don't want to do. Can someone help explain why the existing OAuth Client ID is throwing this red banner in recipients' mailboxes?

As stated in this blog, this warning message speaks about one of the security measures taken by Google. Also, from this related SO post, either your message contains a scam web page that steals users' information or the domain/IP of your server has been used in the past for stealing personal information. Check if the IP is blacklisted on Mxtoolbox. Configure reverse DNS (match your domain name with your IP), SPF and DKIM. Send legitimate email and everything will be fine.
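One way to confirm that the SPF and DKIM setup recommended above is taking effect is to read the `Authentication-Results` header of a delivered message and compare the authenticated domains with the visible From: domain. The following is an added example, not part of the original answer; the sample headers, domains and IP are constructed placeholders, and the alignment test is a simplified approximation.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers (RFC 8601 style); domains and IP are placeholders.
SAMPLE = """\
Authentication-Results: mx.example.net;
       dkim=pass header.i=@mailer.example header.s=s1;
       spf=pass (sender IP is 203.0.113.7) smtp.mailfrom=bounce@mailer.example;
       dmarc=fail header.from=shop.example
From: Shop <orders@shop.example>

body
"""

IDENTITY = re.compile(r"(?:smtp\.mailfrom|header\.[id]|header\.from)=(\S+)")

def domain_of(value):
    """Domain part of an address or bare domain, lower-cased."""
    return value.rsplit("@", 1)[-1].strip("<>").lower()

def aligned(auth_domain, from_domain):
    """Approximate relaxed alignment: equal, or one is a subdomain of the other.
    (Real DMARC compares organizational domains via the Public Suffix List.)"""
    return (auth_domain == from_domain
            or auth_domain.endswith("." + from_domain)
            or from_domain.endswith("." + auth_domain))

def check_auth(raw):
    """Summarise SPF/DKIM/DMARC verdicts and whether each aligns with From:."""
    msg = message_from_string(raw)
    from_domain = domain_of(parseaddr(msg["From"])[1])
    header = " ".join(msg.get_all("Authentication-Results", []))
    header = re.sub(r"\([^)]*\)", "", header)  # strip parenthesised comments
    report = {"from": from_domain}
    for clause in header.split(";")[1:]:       # first field is the authserv-id
        verdict = re.match(r"\s*(spf|dkim|dmarc)=(\w+)", clause)
        if not verdict:
            continue
        ident = IDENTITY.search(clause)
        dom = domain_of(ident.group(1)) if ident else None
        report[verdict.group(1)] = {
            "result": verdict.group(2),
            "domain": dom,
            "aligned": dom is not None and aligned(dom, from_domain),
        }
    return report
```

In the sample, SPF and DKIM both pass but for `mailer.example` rather than the From: domain `shop.example`, so neither is aligned and DMARC fails.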

Related

How can I allow users to send emails through my django app but coming from their own gmail account?

I have a Django app where users can send emails through the app to contacts that they upload themselves. I use Sendgrid to send the email and the recipient receives an email from a "white-label" address like hello@mydomain.com
Now, I would like to implement a system where I can allow users to send emails through our app but where those emails are sent from their own email address. To make it simple, let's just consider "Gmail": if a user wants, they can "login with their gmail account" on my app and then send emails from my app that are sent from their account... I know that Gmail has an API and I wonder if I can leverage it to do what I need.
You can definitely send emails using Gmail API methods but keep in mind the below stated in their official documentation:
Note: The Gmail API shouldn't be used to replace IMAP for developing a
full-fledged email client. Instead, see IMAP, POP, and SMTP.
As they recommend, you could integrate IMAP/SMTP features in your application so users can authenticate/provide access to their accounts and achieve your goal of having emails sent from their accounts.

Using sendgrid domain authentication sends email to spam in Django

I am trying to send email from my Django application. For this, I have used Twilio SendGrid service. Though my application can send the email, it ends up in spam folder. So, I have followed this tutorial to authenticate my domain which I bought from AWS route 53. In sendgrid, the domain authentication status shows 'verified' but the emails are still sent to spam folder. I have not created any MX or TXT record in DNS setting as the tutorial says it was created automatically during domain authentication in sendgrid.
One thing I have noticed is that the email still shows a 'via.sendgrid.net' message (attached an image below) with the email, whereas it should be my authenticated domain name. I have created the sendgrid account with an Outlook email and am using that address to send email from the Django app. Is this the reason my emails are going to spam? Or can anyone please help me to find a solution for this problem? Thanks in advance.
FYI: I have done 'Single Sender Verification' in sendgrid during developing this app. But now I have deployed it in aws. I guess this feature is still working instead of 'Domain Authentication'.

Approved & Published Google OAuth consent screen still gives "This app isn't verified" Error

I submitted changes to my OAuth consent screen.
Name change
Logo update
2 new scopes
Domain change
Google contacted me to send them a video that shows how I would be using the 2 new scopes. I did this and after that they approved everything. The verification status changed to "Published" and all domains and scopes have a green tick next to them.
I can see the logo & name change when I do a normal login. When I request the new scopes on the screen where it is needed I still see the "This app isn't verified".
I have confirmed that I am sending only the scopes in the consent screen.
openid
profile
email
https://www.googleapis.com/auth/calendar.events
https://www.googleapis.com/auth/calendar.readonly
I replied to the emails that Google sent me to ask if there is still something that needs to be approved; they just reply and ask for a video. It looks like an automated response, but then I send them another video.
What more needs to be done to get the app verified? I did go through all their documentation.
The problem is that Google was correct and the scopes the app was submitting were incorrect.
What was approved by Google:
https://www.googleapis.com/auth/calendar.events
https://www.googleapis.com/auth/calendar.events.readonly
But the app was requesting:
https://www.googleapis.com/auth/calendar.events
https://www.googleapis.com/auth/calendar.readonly
Almost the same, but not. Always triple check that what you are sending is the same as what is allowed.
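The comparison this answer recommends can be automated by extracting the `scope` parameter from the authorization URL the app actually builds and diffing it against the approved list. The following is an added example, not code from the original post; the sample URL, `client_id` and `redirect_uri` are constructed placeholders, and treating `openid`, `profile` and `email` as approved is an assumption.

```python
import difflib
from urllib.parse import parse_qs, urlsplit

# Scopes approved on the consent screen. The two calendar scopes come from the
# answer above; treating openid/profile/email as approved is an assumption.
APPROVED = {
    "openid", "profile", "email",
    "https://www.googleapis.com/auth/calendar.events",
    "https://www.googleapis.com/auth/calendar.events.readonly",
}

# Constructed authorization URL; client_id and redirect_uri are placeholders.
SAMPLE_URL = (
    "https://accounts.google.com/o/oauth2/v2/auth?client_id=EXAMPLE_CLIENT_ID"
    "&response_type=code&redirect_uri=https%3A%2F%2Fapp.example%2Fcallback"
    "&scope=openid+profile+email"
    "+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.events"
    "+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.readonly"
)


def requested_scopes(auth_url):
    """Scopes carried in the URL's space-delimited `scope` parameter."""
    query = parse_qs(urlsplit(auth_url).query)
    # parse_qs has already decoded '+' and %20 to spaces.
    return set(" ".join(query.get("scope", [])).split())


def audit_scopes(auth_url, approved=APPROVED):
    """Report requested-but-unapproved scopes with the closest approved name."""
    requested = requested_scopes(auth_url)
    unapproved = {}
    for scope in sorted(requested - approved):
        near = difflib.get_close_matches(scope, sorted(approved), n=1, cutoff=0.8)
        unapproved[scope] = near[0] if near else None
    return {
        "unapproved": unapproved,
        "approved_but_not_requested": sorted(approved - requested),
    }


if __name__ == "__main__":
    report = audit_scopes(SAMPLE_URL)
    for scope, hint in report["unapproved"].items():
        print(f"NOT APPROVED: {scope} (did you mean {hint}?)")
```

Running the audit in CI against the URL the login flow generates catches a near-miss scope name before users see the unverified-app screen.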

Multiple MX Records

We have a site on Google Cloud, let's call it 'main.co.uk'
and a subdomain site called 'forum'.
We are using Gmail business for main.co.uk emails, verified by MX records, SPF etc
Now what's confusing me is using mailgun for sending mail for 'forum'.
I know we can have multiple MX Records for main.co.uk but is there a good way to do this? Do we set different priorities? Will we get issues with mailgun and Google trying to handle incoming mail?
Any advice would be great.
Using mailgun for sending emails does not involve MX records. Services like mailgun will use credentials for one of your email servers and will act like an email client program. Mailgun will authenticate and then upload email to the email server. There is also the option for programs like mailgun to act as an SMTP server for your domain (you can have more than one sending server).
Mailgun can also be configured as an email server for receiving email. However, you do not replace your existing email server, instead you create a subdomain that is then managed by mailgun. In this use case all incoming emails for that subdomain someone@mailgun.example.com are then processed by mailgun. This is similar to having multiple email accounts that you need to login into to read your email. The intent here is for mailgun to apply intelligence to the sending and processing of your email campaigns by managing email bounces, click throughs, etc.
MX records specify the mail server responsible for accepting email. You can have multiple MX records with different priorities but they are pointing to the same email system (collection of servers storing your inbox), not to different servers at different providers. For example, you would not have one MX record point to Gmail and another MX record pointing to Office 365 (or mailgun and Google). Multiple MX records support fault tolerance and failover, not multiple providers.
You can have an email server set up for main.co.uk and another email server set up for forum.main.co.uk but these are separate email server setups (I am ignoring email aliasing). You can have mailgun send email for someone@forum.main.co.uk with a return address anotherperson@main.co.uk. Normally you want to keep the sender address and return address the same so that SPAM filters don't kick in.
In summary, use mailgun to send emails from your website and / or email marketing campaigns and a normal email system (Office 365, Gmail, etc.) for everything else but have them set up as separate independent email systems.

How to retrieve email addresses from my gmail account?

I am writing an "Invite Users" feature for my website.
I wanted the user to enter his Gmail credentials or Facebook credentials, and I wanted to send emails to the friends he chooses from.
Although I found out that you cannot send private messages to your friends on FB via the API.
How can I accomplish the same using Google / Gmail?
You should use the Google Contacts API along with OAuth. Accepting the user's GMail ID and password on your own site is never a good idea. http://code.google.com/apis/contacts/