Are the emailR and gmailR packages secure for sending automated email`s?

Hey, Iam new to this Forum and pretty new to the R/R-Studio World. My Question relates to the mailR and gmailR (in general all email-) packages. I was happy finding packages like this and wanted to start as i read, that the smtp-protocol is used. I googled and saw that it isntt secure . No wonder, because it wasnt meant to be.... So i searched around to find out if the packages are safe or if the used email clients secure it.
So as far as i understand (I am not a software engineer...) does the email get encrypted by the email provider. But does the way from the code to the email provider get encrypted? And i read that you shouldnt store youre password in the code itself. I usually wouldnt do it of course but you can only get to the code if you hack the Pc or Server?
You see i got a couple of questions which maybe can be awnsered easy by you.
Thanks forwarding.

There are (at least) two ways to make email secure.

  1. Make the system handling the messages secure so that people can't sneak in and listen to the message

  2. Encrypt the actual message.

If you are sending an email from someone@gmail.com to someother.person@gmail.com the. 1 becomes possible. If you are sending from someone@gmail.com to me@myinsecure-server.com then nothing Gmail can do is secure.

So the alternative is to encrypt the email rather than the SMTP connection, Which might mean having a encrypted attachment that is attached to a normal email or in theory you can encrypt the email (but that's depending on a recipient being able to unencrypt)

So if Iam sending an email from a gmail to a gmail adress, it is secure?

That's probably a question for Gmail.

But if you are asking:

  • if I either SMTP or use the API is the inbound transmission secure?
    -- Gmail insists on a SSL/TLS connection from SMTP. So it should be difficult to snif the data in transit. The API uses SSL (like a padlock website would)

  • once in Gmail server do I need to worry about security?

-- difficult to definitely answer. But probably fine for most things. If you were an Enemy of the state you might worry what can be accessed with special power...

  • if the end recipient uses a 'less secure' client couldthe email.becoke insecure.

-- two issues here. Can the client use IMAP/POP to read the email with no encryption AND does it let you save attachments etc to the (?insecure) desktop?

--- IMAP and POP security is enabled, so that bit should be fine. But... The client is always the challenge. But you are now waay beyond anything that R should need to factor in.

1 Like

Thanks for the nice replies.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

If you have a query related to it or one of the replies, start a new topic and refer back with a link.