Support » Plugin: WP Mail SMTP by WPForms » granting access – really?

  • Resolved rapidasia

    (@rapidasia)


    Hi – thanks for your plugin, but I have a concern

    when verifying gmail for smtp it requires

    Select what wpmailsmtp.com can access
    Read, compose, send, and permanently delete all your email from Gmail.

    is that really what we’re required to do? grant complete access to swpmailsmtp.com? is it just me or does that sound insane?

    please explain a little, thanks

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Darshana

    (@darshanaw)

    Hi @rapidasia,

    Thanks for reaching out! The WP Mail SMTP plugin uses various scopes of API to perform different tasks. For example, to send emails there’s one scope and to retrieve basic user info (like your optional Gmail alias addresses), there’s another scope.

    As I have checked with our developers, we use the global scope to connect with Gmail / Google Workspace email platforms. In this way, if we push an update for a different scope, it will still be backward compatible. So the existing users won’t have to recreate Google connection every time when there’s an API scope change.

    Within the WP Mail SMTP Gmail mailer, we don’t delete emails, though it falls under the global API scope.

    I hope this helps.

    Thread Starter rapidasia

    (@rapidasia)

    thanks for the detailed reply.

    there is a certain risk we need to accept here.

    unfortunately I use my own personal primary gmail account to also go with some of my websites… which raises some security risks — even as low a risk as they might be, they do exist

    I’ll need to put in the work to separate my gmail accounts. uggh

    Thanks —

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.