Gmail SMTP is Google’s outgoing mail server that lets any app, script, or email client send emails through your Gmail account. The server address is smtp.gmail.com. It supports two ports — 587 (STARTTLS) and 465 (SSL/TLS) — and requires authentication with your Google account credentials. Since Google stopped allowing plain passwords for third-party apps in 2022, you’ll need an App Password unless your app supports OAuth 2.0. This guide covers the exact settings, how to get that App Password, and working code examples in PHP, Python, and Node.js.
:::note[TL;DR]
- SMTP server:
smtp.gmail.com - Port 587 (STARTTLS) or 465 (SSL) — use 587 unless your client forces 465
- Authentication: your Gmail address + an App Password (not your regular password)
- 2FA must be enabled on your Google account to create App Passwords
- Daily sending limit: 500 recipients/day for personal accounts :::
What are the Gmail SMTP server settings?
Here’s the full settings table. Keep this bookmarked.
| Setting | Value |
|---|---|
| SMTP Server | smtp.gmail.com |
| Port (STARTTLS) | 587 |
| Port (SSL/TLS) | 465 |
| Encryption | STARTTLS (preferred) or SSL/TLS |
| Authentication | Required |
| Username | Your full Gmail address |
| Password | App Password (16-character code) |
Port 587 with STARTTLS is the current recommended standard. Port 465 is technically “deprecated” by the RFC, but most clients still support it and Google keeps it running. Port 25 is blocked by most ISPs and doesn’t work for Gmail SMTP authentication anyway — don’t bother.
How do I create an App Password for Gmail SMTP?
This is the part most people get stuck on. Google removed “less secure app access” in May 2022, so your regular Gmail password won’t work here. You need an App Password.
Requirements: You must have 2-Step Verification (2FA) turned on. If you don’t have it on, go to your Google Account settings and enable it first. It takes two minutes.
Steps:
- Go to your Google Account
- Click Security in the left sidebar
- Under “How you sign in to Google”, click 2-Step Verification
- Scroll down to the bottom — you’ll see App passwords
- Click it, then choose “Other (Custom name)” from the dropdown
- Name it something like “My App SMTP” and click Generate
- Google shows you a 16-character password like
abcd efgh ijkl mnop— copy it now, you won’t see it again
That 16-character code (spaces included or stripped, both work) is what you’ll use as the password in your SMTP config.
The Scenario: You built a contact form for a client’s website and tested it locally — it worked fine. You deploy to production and suddenly the “Send” button does nothing. The server logs say
535 Authentication Failed. You’re three hours into debugging. The fix is one App Password. It takes four minutes to generate.
How do I configure Gmail SMTP in an email client?
For Mozilla Thunderbird (or any standard email client):
- Account Settings → Outgoing Server (SMTP) → Add
- Server Name:
smtp.gmail.com - Port:
587 - Connection Security:
STARTTLS - Authentication Method:
Normal password - Username: your full Gmail address (
[email protected]) - Password: the 16-character App Password
The same values work for Apple Mail, Outlook desktop, and any other client that lets you manually enter SMTP settings.
How do I send email via Gmail SMTP in code?
PHP with PHPMailer
PHPMailer is the standard for PHP email sending. Install it via Composer:
composer require phpmailer/phpmailerHere’s a minimal working example. Replace the credentials with your own:
<?php
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
require 'vendor/autoload.php';
$mail = new PHPMailer(true);
$mail->isSMTP();
$mail->Host = 'smtp.gmail.com';
$mail->SMTPAuth = true;
$mail->Username = '[email protected]'; // Your Gmail address
$mail->Password = 'abcdefghijklmnop'; // App Password (no spaces)
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
$mail->Port = 587;
$mail->setFrom('[email protected]', 'Your Name');
$mail->addAddress('[email protected]');
$mail->Subject = 'Test Email via Gmail SMTP';
$mail->Body = 'This is a test email sent through Gmail SMTP.';
$mail->send();
echo 'Message sent.';The SMTPSecure = ENCRYPTION_STARTTLS with Port = 587 is the combination that works reliably. If you’re on a legacy setup that forces SSL, swap to ENCRYPTION_SMTPS and port 465.
Python with smtplib
Python’s standard library has everything you need — no extra packages:
import smtplib
from email.mime.text import MIMEText
smtp_server = "smtp.gmail.com"
port = 587
sender = "[email protected]"
password = "abcdefghijklmnop" # App Password
msg = MIMEText("This is a test email sent through Gmail SMTP.")
msg["Subject"] = "Test Email via Gmail SMTP"
msg["From"] = sender
msg["To"] = "[email protected]"
# Connect, upgrade to TLS, login, send
with smtplib.SMTP(smtp_server, port) as server:
server.ehlo()
server.starttls() # Upgrade the connection to TLS
server.login(sender, password)
server.sendmail(sender, "[email protected]", msg.as_string())
print("Email sent.")The starttls() call is mandatory on port 587. Skip it and you’ll get a plain-text authentication error.
Node.js with Nodemailer
Install Nodemailer first:
npm install nodemailerconst nodemailer = require("nodemailer");
const transporter = nodemailer.createTransport({
host: "smtp.gmail.com",
port: 587,
secure: false, // false = STARTTLS; true = SSL on port 465
auth: {
user: "[email protected]",
pass: "abcdefghijklmnop", // App Password
},
});
async function sendMail() {
const info = await transporter.sendMail({
from: '"Your Name" <[email protected]>',
to: "[email protected]",
subject: "Test Email via Gmail SMTP",
text: "This is a test email sent through Gmail SMTP.",
});
console.log("Message sent:", info.messageId);
}
sendMail().catch(console.error);Note secure: false when using port 587 — Nodemailer uses STARTTLS automatically when secure is false and port is 587. Set secure: true only if you’re switching to port 465.
What are the Gmail SMTP sending limits?
Gmail imposes daily sending limits. If you hit them, emails silently fail or bounce:
| Account Type | Daily Limit |
|---|---|
Free Gmail (@gmail.com) | 500 recipients/day |
| Google Workspace (paid) | 2,000 recipients/day |
If you’re sending marketing emails, newsletters, or transactional notifications at volume, Gmail SMTP isn’t the right tool — you’ll hit the cap fast. Use a dedicated service like SendGrid or Amazon SES instead.
Common Gmail SMTP errors and how to fix them
535-5.7.8 Username and Password not accepted You used your regular Gmail password instead of an App Password. Generate one (steps above) and try again. Also check that 2FA is actually enabled — App Passwords don’t appear in Security settings until it is.
534-5.7.9 Application-specific password required Same root cause. App Password is missing.
Connection timeout / can’t connect on port 587 Your server or ISP is blocking outbound port 587. Try port 465 with SSL instead. Some cloud hosts (AWS EC2, for example) block port 25 and 587 by default — check your security group or firewall rules.
530 5.7.0 Must issue a STARTTLS command first
Your code connected on port 587 but didn’t call STARTTLS. Check that the starttls() or ENCRYPTION_STARTTLS setting is actually being applied.
For managing the emails arriving in Gmail, check out how Gmail aliases work — useful for filtering replies from your SMTP-sent messages.
FAQ
Can I use Gmail SMTP without 2FA?
No. Google removed “less secure app access” in 2022. You must enable 2-Step Verification to create App Passwords. There’s no way around this for third-party SMTP authentication.
Does Gmail SMTP work for sending from a custom domain?
Not directly. Gmail SMTP sends from your @gmail.com address. If you want to send from [email protected] through Gmail, you need to configure it under Gmail Settings > Accounts > Send mail as, and that requires your domain’s own SMTP server or a relay. For custom domains, Zoho SMTP or Outlook SMTP are better fits.
Is there a free alternative to Gmail SMTP for high-volume sending?
Yes. SendGrid offers 100 emails/day free. Amazon SES offers 62,000 emails/month free if you’re sending from an EC2 instance. Both are built for transactional email at scale.
Can I use Gmail SMTP on port 25?
No. Google blocks outbound connections on port 25 for Gmail SMTP. Use port 587 (STARTTLS) or 465 (SSL).
Does Gmail SMTP work with OAuth 2.0?
Yes, and it’s the more secure option if you’re building a production app. Instead of an App Password, you use OAuth tokens. It’s more complex to implement but removes the credential storage problem. For simple scripts and personal projects, App Passwords are fine.
What to Read Next
- How to Use Outlook SMTP Server for Sending Email — Microsoft’s SMTP setup, including the SMTP AUTH gotcha for Microsoft 365
- How to Use Zoho Mail SMTP Server for Sending Email — good for custom domain email with a free tier
- The Gmail Secret: Unlimited Email Addresses from One Account — use Plus addressing to track which services leak your email
