fbpx

Securely Send Mail from Code with Python

Share This!

Facebook
LinkedIn
Twitter
Email

Securely send mail from code: Sending mail with Python is very easy. just a few lines of code. But what that password that you are writing in your source code?

Let’s talk about sending emails with Python first.

Send mail in 4 Lines of Code with Python

I cover this in my free course on Monitoring Online Store Prices. You can sign-up and see how to send mail along with topics like web scrapping and CSV. Here is the simple code:

with smtplib.SMTP("smtp.gmail.com",587) as smtp:
    smtp.starttls()
    smtp.login(USER, PASS)
    smtp.sendmail(from_address, to_address, message_text)

Note that I have not used ehlo()— read as “Hello”. This is optional here as it is sent anyway in the background. Your code would work without it but include if you get errors. See my free course for the working example.

The above will not send a subject. If you want to send Subjet too, create a string with this syntax where xxx is your subject line yyy is your mail body – Subject:xxx\n\nyyy

subject_and_message = f"Subject:{subject}\n\n{body}"
smtp.sendmail(from_address, to_address, subject_and_message)

Wait! This code will not work until you turn on this setting in Google account

Turn on Less Secure Apps

Note that for this code to work, you would need to turn on Less Secure Apps in Google Account settings. More on this later. Let’s talk about the security loopholes here.

Security Loophole – Password in your code!

The biggest loophole in this code is that USER and PASS need to be stored in the code somewhere. This obviously is a huge security loophole.

You can remove it from the code by:

  • Save it in a separate file and add to .gitignore so that it is not saved in the code repository
  • Better yet, create an environment variable on the machine where the code is running and in the source code, just read this.
import os

# Print all variables as key-value pairs
print(os.environ) 

# Returns value of variable PASS. Raises KeyError if not found
os.environ['PASS']

# Returns value of variable PASS. Returns None if not found
os.environ.get('PASS') 

# Returns value of variable PASS. Returns DEFAULT if not found
os.environ.get('PASS','DEFAULT') 

This should take care of the loophole one.

Now about to Less secure apps. Without turning it on, Google will not allow you to send mail programmatically without it and turning it on will “make it easier for hackers to get into your account.”

So what is the best way to secure your account? The answer is two-factor authentication. So you would need your password AND a second temporary password, like a code from SMS, to log into your account.

The problem is that if you can’t use two-factor authentication programmatically.

Does it sound like catch-22? Actually, Google has an answer:

Meet App Passwords

Securely send mail from code is possible with App Passwords.

These are special 16 character passwords, generated by Google to be used by apps only. These will bypass two-factor authentication, but cannot be used to login to your Google account directly.

Go to https://myaccount.google.com/apppasswords to create one and use that for your programming needs!

learn Web Scraping with Python in ONE HOUR?

Sign-up now for our Free Course!

Leave a Reply

Your email address will not be published. Required fields are marked *

More To Explore

Ready To

Say bye to the boring courses that put you to sleep immediately.

Learn how to monitor online store prices, save data to CSV file, and even send mail alerts—all of this in less than 1 hour!

Enter your details to receive your invite for FREE.

learning Python Can be fun!

Most Python courses are dull and boring. They talk for hours theory that you would probably never use. For many hours, you just talk about is not relatable because all they teach you is just printing 1 to 10 in different ways

No more boring theory

Learn a skill that can be used right now!

Take FREE Course

Monitor Price with Python in ONE Hour

This course will begin with installing Python and end with a program that would monitor prices of your favorite product at your favorite online store.
You would learn:
    Basics of Python
    Web scraping
    Working with CSV files
    Sending emails