Easy POP for Thunderbird Gmail >5/30/2022

Lately I've been getting dire warnings from Google that my POP SMTP Gmail accounts won't work on Thunderbird (aka Tbird) after the end of May 2022. They grumbled about "insecure access" but I couldn't find any clear guidance on exactly what they will require (especially for POP/SMTP), what my options are, or exactly how to proceed. I have email going back to the 1990s stored in mailboxes on my computer and want to keep using Gmail that way. At first I thought Google will now demand IMAP, so I wasted time trying to find out how to set that up so new email could still be stored on my computer.

Now it seems clear the only requirements are the latest Tbird version, and OAuth2 login rather than password. Now I'm able to login automatically in Tbird Ubuntu and keep using POP for local storage. Despite reports to the contrary, it's working fine with no annoying 2FA (two-factor authentication, where you have to get a code via text every time you check or send email). I've never used 2FA for Gmail but if you do, it's apparently a setting you can toggle off/on via a Gmail web login or presumably in their app (I've never used that). I didn't need to change any setting other than OAuth2, in the two server settings (incoming and outgoing mail) for each of my various Gmail accounts.

In the hope it may be helpful for others, here are the quick and easy steps I used to stay with POP in Tbird on Ubuntu Linux (same settings for Tbird in any OS, though the menu locations may be different). After figuring all this out, actually doing these steps took me two minutes or less for each of my Gmail accounts. If you use IMAP, some of this will probably be helpful but I've not tested it. From what I've read (links below), this will continue to work for POP after May 30. If not (does anyone actually know for sure?), I'll update.

  1. Check that you're using Tbird version 91.8.1 or later:
    *In Tbird click Help -> About Thunderbird. Update if needed.
    *Also ensure that any installed Anti-Viral add-ons or apps are temporarily disabled.

  2. Turn on JavaScript (can turn off again after you send/receive email in Step 7 below):
    *Edit -> Preferences -> General -> Config Editor
    In the search box type: javascript. On the line containing javascript.enabled if it's
    set to false, click the left/right arrow symbol to change it to true.

  3. Turn on Cookies (can turn off again after you send/receive email):
    *Edit -> Preferences -> Privacy & Security -> Accept cookies from sites [Checkbox ON]
    (can set "3rd Party" to Never and "Keep till" to Close Tbird for extra security)

If you have more than one Gmail account the above steps are done once for all accounts, then the following steps need to be done for each account.

  1. Switch each account's Incoming email from Password to OAuth2 for Gmail login:
    *Edit -> Account Settings -> [your account name] -> Edit SMTP server
    In the lines in the popup box use the settings below:
    Server Name: smtp.gmail.com
    Port: 995
    Connection security: SSL/TLS
    Authentication method: OAuth2

  2. Switch each account's Outgoing email from Password to OAuth2 for Gmail login:
    *Edit -> Account Settings -> Outgoing Server (SMTP)
    Click the server name and Edit in the upper box.
    In these lines in the popup box use the settings below.
    Server Name: smtp.gmail.com
    Port: 465
    Connection security: SSL/TLS
    Authentication method: OAuth2

  3. Though they apparently won't be used after this, have your password(s) handy during this process and then store them somewhere you can find if needed again later.

  4. Get and then send email for each of your Thunderbird Gmail accounts. When you do each of these things, a big window will pop up asking for your login and password for each account. Then a message that you're allowing Tbird to access your email, and a checkbox to confirm that you actually trust anyone other than Google with such a policy (I actually trust Tbird more than Google, but that's another topic). Anyway, once I'd done that for both sending and receiving email, Tbird worked as quickly and effortlessly as it had before Google opaquely made things "safer."

  5. If desired, turn off cookies and javascript once for all accounts (steps 2 & 3 above). I find Tbird still works perfectly with those off, and I like to imagine that having them off provides a tiny bit of extra privacy & security. If OAuth2 relies on a cookie to store login ID and at some point Tbird stops working again, it may be that cookies need to be turned on again temporarily to update it (possibly requiring your old password).

Please post a followup if you have additional info, questions, additional suggestions, or find errors.

LINKS:
https://support.mozilla.org/en-US/questions/1369823
https://www.ghacks.net/2022/04/06/thunderbird-91-8-0-makes-important-changes-to-google-mail-accounts/
https://support.google.com/mail/thread/153536397/can-t-pop-emails-via-thunderbird-with-2fa-set-in-google-accounts?hl=en

Thunderbird Anti-Virus Add-ons may cause problems:
https://support.mozilla.org/en-US/questions/1369790
(possibly fixed by doing the Password to OAuth2 change with Extensions/Add-Ons turned off or launching Thunderbird in Safe Mode)

2 Likes