Search code examples
ssl-certificategmail-imapmu

Synchronise and read Gmail offline, using isync OR offlineimap

My goal is to sync my emails from a Gmail account and index them to search and read within Emacs. The latter is not yet relevant as I cannot get the emails to sync to my laptop.

I am running Mavericks and so working in Mac Terminal.

I have followed SO accepted answer and the answer in the same thread trying to use offlineimap, as well as a second method in this (more promising) tutorial on using isync (and so mbsync). Both ways end up using mu and the interface for Emacs: mu4e.

The certificates are not being read/interpreted correctly. I do not know why as I do not understand the error messages. Here is the one from offlineimap :

> OfflineIMAP 6.5.7
  Licensed under the GNU GPL v2 or any later version (with an OpenSSL exception)
Account sync Gmail:
 *** Processing account Gmail
 Establishing connection to imap.gmail.com:993
 PLAIN authentication failed: [ALERT] Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)
 LOGIN authentication failed: [ALERT] Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)
 ERROR: All authentication types failed:
    PLAIN: [ALERT] Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)
    LOGIN: [ALERT] Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)
 *** Finished account 'Gmail' in 0:01
ERROR: Exceptions occurred during the run!
ERROR: All authentication types failed:
    PLAIN: [ALERT] Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)
    LOGIN: [ALERT] Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)
> 
> Traceback:   File
> "/usr/local/Cellar/offline-imap/6.5.7/libexec/offlineimap/accounts.py",
> line 263, in syncrunner
>     self.__sync()   File "/usr/local/Cellar/offline-imap/6.5.7/libexec/offlineimap/accounts.py",
> line 326, in __sync
>     remoterepos.getfolders()   File "/usr/local/Cellar/offline-imap/6.5.7/libexec/offlineimap/repository/IMAP.py",
> line 351, in getfolders
>     imapobj = self.imapserver.acquireconnection()   File "/usr/local/Cellar/offline-imap/6.5.7/libexec/offlineimap/imapserver.py",
> line 451, in acquireconnection
>     self.__authn_helper(imapobj)   File "/usr/local/Cellar/offline-imap/6.5.7/libexec/offlineimap/imapserver.py",
> line 366, in __authn_helper
>     "failed:\n\t%s"% msg, OfflineImapError.ERROR.REPO)

Here is the one from mbsync:

> C: 0/3  B: 0/2  M: +0/0 *0/0 #0/0  S: +0/0 *0/0 #0/0
Error while loading certificate file '/usr/local/etc/openssl/certs/Equifax.crt': error:00000000:lib(0):func(0):reason(0)
C: 3/3  B: 0/2  M: +0/0 *0/0 #0/0  S: +0/0 *0/0 #0/0

I have installed everything with Homebrew and am using the folders as per the tutorials. The problem is coming from the certificates, but I don't know what the problem could be. I have the setting within Gmail to allow IMAP and also allowed connection for less secure apps.

How might I deal with the certificates differently?

Solution

  • For the offlineimap error, Google is complaining that you aren't using Oauth2. I got past the same offlineimap issue following the explanation here: https://github.com/OfflineIMAP/offlineimap/issues/228

    You need to configure your .offlineimaprc to use Oauth2 instead of specifying a username/password. Here's the template and instructions on how to generate the tokens: https://github.com/OfflineIMAP/offlineimap/blob/master/offlineimap.conf#L764

    Here's the important settings:

    auth_mechanisms = GSSAPI, CRAM-MD5, XOAUTH2, PLAIN, LOGIN
oauth2_client_secret = ...
oauth2_client_id = ...
oauth2_refresh_token = ...