1. Knowledge Base
  2. MDaemon® Email Server

How to setup MultiPOP for use with Google using OAuth

Google announced that it will begin blocking less secure authentication (LSA) methods. This includes MDaemon's original authentication method used for MultiPOP. MDaemon 23.0.0 supports OAuth for continued use MultiPOP for Google accounts.

HTTPS for MDaemon Webmail must be enabled with a valid certificate.  Self-signed certificates are not recommended. 

  • Go to the Google API console: https://console.developers.google.com/
  • Create a new project
  • Click OAuth consent screen
  • Select External
  • Click Create
  • Enter an App name, User support email address, and Developer contact address
  • Click Save and Continue
  • Click Add or remove scopes
  • Under Manually add scopes enter https://mail.google.com/
  • Click Add to Table
  • Click Update
  • Click Save and Continue
  • Click Add users under Test users
  • Enter the user(s)
    In most cases, this should be the google address.
  • Click Add
  • Click Save and Continue
  • Click Back to Dashboard
  • Select Credentials
  • Click + Create Credentials
  • Select OAuth client ID
  • Select Web application for Application type.
  • Enter Name
  • Enter the following in the Authorized redirect URIs section:
    https://mail.company.test/WorldClient.dll?View=OAuth&AuthRequest=GMail
    NOTE - Change mail.company.test to the FQDN of the MDaemon server
  • Click Create
  • Copy the Client ID and Client Secret to a secure location.

In MDaemon:

  • Open the MDaemon GUI
  • Select Setup
  • Select Server Settings
  • Select MultiPOP
  • Select Enable MultiPOP
  • Enter the Client ID and Client Secret under the Gmail section.
    mdaemon_gui_oauth_multipop_2
  • Click OK

To create a new MultiPOP profile for a user:

  • Open MDaemon 
  • Select Accounts
  • Select Edit Account
  • Double click on the account  to open the account in the Account Editor.
  • Select MultiPOP
  • Select Enable MultiPOP
  • Enter pop.gmail.com:995 for the Server text box.
  • Enter the Gmail address in the Logon text box. 
  • Enter the Gmail address password in the Password text box. 
  • Verify Enable this entry is checked.
  • Check the Leave a copy of message on POP server if desired. 
  • Select Use OAuth
  • Choose the number of days to delete messages older than. (0 = never delete)
  • Choose the maximum size of messages that MDaemon should download. (0 = no limit)

For existing MultiPOP profiles, administrators will need to enable OAuth for each MultiPOP profile. 

  • Open MDaemon
  • Select Accounts
  • Select Edit Account
  • Double click on the account  to open the account in the Account Editor.
  • Select MultiPOP in the Account Editor menu.
  • Select the MultiPOP account to modify.
  • Verify pop.gmail.com:995 is entered in the Server text box. 
  • Click Use OAuth
  • Click Replace
    oauth_gmail_mdaemon_multipop_2
  • Click OK

Alternatively, the MultiPOP profile can be created or edited in MDaemon's Remote Administration:

  1. Login to Remote Administration as a global or domain admin.
  2. Select Account Manager
  3. Double click the account to edit. 
  4. Select MultiPOP from the Account Settings
  5. Double Click on the host or select the host and click Edit to edit an existing profile or click New to create a new MutliPOP profile. 
  6. Check the Use OAuth checkbox.
    oauth_gmail_mdra_multipop
  7. Click Save and Close

End Users must have ...edit MultiPOP settings enabled in order to authorize the account with Google. 

  1. Open MDaemon
  2. Select Accounts
  3. Select Edit Account
  4. Double click on the account to edit to bring up the Account Editor. 
  5. Select Web Services
  6. Verify that ...edit MultiPOP settings is enabled.
  7. Click Ok

Once enabled, the end user will need to perform the steps below to authorize MDaemon to connect to the Google account.

  1. Log in to Webmail
  2. Select Settings (Gear Icon)
  3. Select Mailboxes
  4. Click the Authorize button for the Google account.
  5. Click Connect to Gmail
  6. Select your Gmail account and sign in.
  7. Click Accept on the Permissions requested page.
  8. Close the popup window after successful authorization.