This is a really great article! It would have helped me a lot when I started writing an IMAP library. I initially underestimated the headaches that come with the IMAP server being able to send responses at (mostly) any time.
> Note: If you want to connect to Gmail through IMAP, you need AUTH=XOAUTH2 or AUTH=OAUTH2. This requires registering an App with Google to create the necessary tokens. It’s not trivial and took me an hour to do using a Python script I downloaded from the Internet.
> Unfortunately, you can’t speak IMAP with Google by any other means. It’s good for security but complicates testing.
I don’t think this is true (although Google definitely pushes you to use OAuth). If you make an app-specific password in Google’s settings, you can login using the app-specific password, e.g. `a000 login “[email protected]” “appspecificpasswordhere”`. Unfortunately this wasn’t super well-documented and may not be something Google supports forever.
If you have an email client that doesn't speak OAuth and you can't/won't set up 2FA then this proxy of mine lets you use any IMAP (or POP/SMTP) client with an OAuth email provider, regardless of whether it supports OAuth 2.0 natively: https://github.com/simonrob/email-oauth2-proxy. No need for your client to know about OAuth at all.