Client Area
cPanel HostingDirectAdmin HostingWebuzo HostingWindows HostingReseller HostingApp PlatformNewCompare All Plans →
VPS HostingPopularLXC ContainersCloud ServersBare MetalServer ManagementDevOps ServicesCompare All Servers →
Domain RegistrationDomain Transfer.IN RegistrarBharat DomainsDomain PricingSearch Domains →
Website DevelopmentWeb ApplicationsSaaS DevelopmentMobile AppsE-CommerceAPI DevelopmentSEO ServicesDigital MarketingView All Services →
All SolutionsWebsite BuilderProfessional EmailE-CommerceDevelopersEnterpriseBrand Protection
Support CenterSubmit a TicketTrack TicketKnowledge BaseFAQ
About UsContact UsAffiliate ProgramBlog
Free ConsultationClient Area
Email Client Setup (Outlook, Mobile)Intermediate

Google Workspace Email Settings: Ports, Servers, SSL & Client Configuration Guide

8 min readPublished 4 Mar 2026Updated 14 Apr 20264,312 views

In this article

  • 1Table of Contents
  • 21. Google Workspace Server Settings & Port Numbers
  • 3Incoming Mail (IMAP & POP3)
  • 4Outgoing Mail (SMTP)
  • 5SMTP Relay (for Printers, Servers & Applications)

Secure. Reliable. Scalable. Whether you're setting up your business email on Outlook, Apple Mail, Thunderbird, or a mobile device -- this guide delivers everything you need for a smooth and secure email experience with Google Workspace (G Suite).

Table of Contents

  1. Google Workspace Email Server Settings

  2. Step-by-Step Setup for Popular Clients

  3. SMTP Relay Setup for Devices & Apps

  4. Authentication Methods & Security

  5. Admin Tips & Security Best Practices

  6. Common Troubleshooting Tips

  7. Final Thoughts

1. Google Workspace Server Settings & Port Numbers

To ensure seamless email delivery and secure access, Google Workspace provides industry-standard mail server settings compatible with all modern email clients. Below is a comprehensive breakdown of each service, its purpose, configuration details, and recommended usage.

Incoming Mail (IMAP & POP3)

Service Server Address Port Encryption Authentication
IMAP (Recommended) imap.gmail.com 993 SSL/TLS (Always ON) Yes
POP3 pop.gmail.com 995 SSL/TLS (Always ON) Yes

IMAP (Internet Message Access Protocol)

  • Recommended for all modern clients

  • Keeps emails synced across devices (webmail, desktop, mobile)

  • Perfect for accessing emails from multiple locations

Use case: Ideal for professionals who access email from laptops, phones, and tablets interchangeably.

POP3 (Post Office Protocol)

  • Downloads email to a single device and removes it from the server (unless configured otherwise)

  • Useful in limited-storage or offline environments

Use case: Best for legacy systems or single-device configurations where email archiving is done locally.

Outgoing Mail (SMTP)

Service Server Address Port Options Encryption Authentication
SMTP (Standard) smtp.gmail.com 465 (SSL)
587 (STARTTLS)		 SSL / STARTTLS Yes

SMTP (Simple Mail Transfer Protocol)

  • Required for sending emails from any client (Outlook, Thunderbird, Apple Mail)

  • Supports both implicit SSL (465) and explicit STARTTLS (587) encryption

  • Compatible with OAuth2 and App Passwords

Recommendation:

  • Use Port 587 (STARTTLS) for most modern email clients

  • Use Port 465 (SSL) if your device doesn't support STARTTLS

SMTP Relay (for Printers, Servers & Applications)

Service Server Address Port Options Encryption Authentication
SMTP Relay smtp-relay.gmail.com 25, 465, 587 SSL / STARTTLS IP-based or OAuth2

What is SMTP Relay

SMTP Relay is used for automated systems and devices that need to send emails, like:

  • Multifunction printers (MFDs)

  • ERP/CRM systems

  • Alerting/monitoring tools (e.g., Nagios, Zabbix)

Configuration Notes:

  • You can restrict relay access by IP address via Google Admin Console.

  • Email must originate from a domain you own.

  • Google enforces SPF checks, so ensure your domain's DNS includes:

    include:_spf.google.com

  • Authentication Methods: Secure Access to Google Workspace Mail

    Starting May 2025, Google Workspace has permanently disabled Basic Authentication (username + password) for third-party email clients. This change enhances security and requires users to switch to modern, token-based login methods like OAuth 2.0 or App Passwords.

    Deprecated: Basic Authentication (No Longer Supported)

    Method Details
    Basic Auth (Username + Password) Login using only email and password
    Status: Blocked As of May 2025, all connections using Basic Auth are rejected

    Why was it deprecated

    • Vulnerable to brute-force attacks and phishing

    • Lacks token lifecycle management

    • Insecure over non-encrypted channels

    Impact: If your email client still prompts for a basic password login, it will fail to authenticate.

    Authentication Type Best For Supported Clients
    OAuth 2.0 Most modern apps (secure & automatic) Gmail App, Outlook 2016+, Thunderbird, Apple Mail (Google method)
    App Passwords Older apps that don't support OAuth Outlook 2013, iOS Mail (manual), older Thunderbird, ERP/CRM integrations

    Method 1: OAuth 2.0 - The Gold Standard for Email Security

    OAuth 2.0 uses secure tokens instead of passwords and offers seamless integration with Google login.

    How it works:

    1. You add your Google Workspace email in the client.

    2. A browser pop-up appears asking you to sign in with Google.

    3. After approval, a token is issued to the app - no password is stored.

    Advantages:

    • Highly secure & phishing-resistant

    • Revokable tokens from Google Security settings

    • Native support in modern clients like:

      • Gmail App (Android/iOS)

      • Microsoft Outlook (2016, 2019, 365)

      • Apple Mail (via "Add Google Account")

      • Mozilla Thunderbird (v78+)

    Admin Tip: Enforce OAuth-only access in Google Admin Console Security Access and data control API controls

    Method 2: App Passwords - For Legacy Email Clients

    An App Password is a special 16-digit password generated by Google for apps that do not support OAuth 2.0. It works only after enabling 2-Step Verification on your account.

    Use Cases:

    • Sending email via Outlook 2013

    • Accessing email via iOS Mail (manual config)

    • Connecting older MFDs, CRM systems, ERP alerts

    How to Generate and Use an App Password:

    Step-by-Step Instructions:

    1. Visit: https://myaccount.google.com

    2. Go to Security Signing in to Google

    3. Enable 2-Step Verification (if not done already)

    4. Once enabled, return to Security App Passwords

    5. Select the app type (e.g., Mail) and device (e.g., Windows Computer)

    6. Click Generate

    7. Copy the 16-character password

    8. Use this password in your email client in place of your regular Google password

    Where to use:

    • During IMAP or SMTP setup in older email apps

    • In devices with no browser-based OAuth login support

    Note: App Passwords do not work without enabling 2FA.

    Pro Tip for Admins:

    If you're managing a team:

    • Require 2-Step Verification in Admin Console

    • Review token access under Admin Console Security OAuth App Access Control

    • Monitor user login methods via Reports Audit Login Log

    By enforcing these modern authentication methods, you:

    • Eliminate legacy risks

    • Secure your business email system

    • Comply with industry-standard security practices

      Authentication Methods

    Best Practice Checklist:

    • Always use your full email address (e.g., [email protected]) as the username.

    • Enable 2-Step Verification on your Google account to generate App Passwords.

    • For teams: Set IMAP and SMTP access policies in the Google Admin Console for better control and security.

    Microsoft Outlook (2016 - 365): Secure Setup with IMAP & OAuth/App Password

    Outlook remains one of the most widely used desktop email clients for professionals. Here's how to configure your Google Workspace email securely using IMAP and either OAuth 2.0 or an App Password.

    Steps to Add Your Google Workspace Email to Outlook:

    Open Outlook Click on File (Top Menu)
    Select Add Account

    Configuration Mode:

    • Choose: Manual Setup or Additional Server Types

    • Select: IMAP

    Incoming Mail (IMAP) Settings:

    Field Value
    Server imap.gmail.com
    Port 993
    Encryption Method SSL/TLS
    Authentication Full email address (e.g., [email protected])

    Outgoing Mail (SMTP) Settings:

    Field Value
    Server smtp.gmail.com
    Port 587
    Encryption Method STARTTLS
    Authentication Same as incoming (full email address)

    Authentication Options:

    1. After entering the server settings, Outlook will open a Google sign-in pop-up window.

    2. Enter your full Google Workspace email address and click Next.

    3. Sign in with your Google credentials.

    4. If prompted, complete 2-Step Verification.

    5. Grant Outlook permission to access your mailbox.

    6. You're done - tokens are securely stored, and no password is saved locally.

    Option 2: App Password (for non-OAuth capable versions)

    1. Enable 2-Step Verification at: https://myaccount.google.com/security

    2. Go to "App Passwords" and generate a 16-character key.

    3. When Outlook prompts for your password, use this generated App Password instead of your main Google password.

    Pro Tips:

    • Before setup, remove any previously failed Gmail account entries in Outlook.

    • Always choose IMAP instead of POP for cross-device syncing.

    • Restart Outlook after configuration to ensure full sync.

    Result:

    You now have a secure, fully synchronized, professionally configured email setup in Outlook using Google Workspace -- ready to send and receive emails with encryption and peace of mind.

Apple Mail (macOS/iOS)

  • Go to: Settings Internet Accounts Add Account Google

  • Automatically sets IMAP + Contacts + Calendar via OAuth

  • Manual Setup (if needed):

    • IMAP: imap.gmail.com (SSL 993)

    • SMTP: smtp.gmail.com (SSL 465)

Mozilla Thunderbird

  • Open Setup Wizard Enter Email Auto-detects IMAP/SMTP with OAuth

  • Manual Mode:

    • IMAP: imap.gmail.com:993 (SSL)

    • SMTP: smtp.gmail.com:587 (STARTTLS)

Android / Gmail App

  • Gmail App Add Account Google

  • Sign in using your Workspace credentials OAuth login

iOS Mail (Manual Method)

  • Settings Mail Accounts Add Account Other IMAP

  • Use full email address + App Password

  • Servers:

    • IMAP: imap.gmail.com (993, SSL)

    • SMTP: smtp.gmail.com (465, SSL)

3. Google SMTP Relay for Copiers, Printers & Applications

When to Use:

  • Legacy devices that can't support OAuth

  • Applications needing to send alerts or transactional emails

Configuration:

Field Value
SMTP Server smtp-relay.gmail.com
Port 25, 465, or 587
Encryption SSL / STARTTLS
Auth Type IP-based or OAuth

Admin Console Gmail Routing Configure SMTP relay
SPF: Add include:_spf.google.com to your domain DNS

4. Authentication Options: Secure Your Login

App Passwords (for Basic Mail Clients)

  1. Enable 2-Step Verification in Google Account

  2. Navigate to: Security App Passwords

  3. Generate and use the 16-digit App Password during setup

  • Default for Outlook, Gmail App, Apple Mail (when "Google" option is selected)

  • Seamless login with consent screen and token authentication

  • No password saved locally

5. Google Workspace Admin Configuration Tips

Enable IMAP access
Admin Console Gmail End User Access Enable IMAP

Disable "Less Secure Apps"
Already enforced - use only OAuth or SMTP relay

Use SMTP Relay for devices
Restrict by IP or domain
Enforce TLS connections (1.2 or higher)

SPF, DKIM, and DMARC setup
Use email-auth tools to ensure deliverability and avoid spoofing

6. Troubleshooting Common Issues

Issue Cause Fix
Login error / auth failed Using old password method Use OAuth or App Password
"Server not responding" Port blocked Use SSL ports: 465 / 587
Device can't send email Doesn't support OAuth Use SMTP relay with IP authentication
POP/IMAP unavailable Not enabled in admin settings Enable under Admin Console Gmail Access settings

Pro Tip: Use telnet smtp.gmail.com 587 or openssl s_client -connect smtp.gmail.com:465 to test connectivity

Final Thoughts

With these verified settings and step-by-step setup guides, you can ensure:

  • Secure access via OAuth2 or App Passwords

  • Smooth configuration across all major clients

  • Reliable SMTP relay for scanners, alerts, and applications

  • Higher deliverability with SPF, DKIM, DMARC in place

Was this article helpful?

Your feedback helps us improve our documentation

Still need help? Submit a support ticket

Related Articles

How do I create Domain Email Accounts95701
Email Accounts86555
How do I set up a new mailing list78719
Email Client Settings for Popular Email Clients77983
How to Use App Passwords and OAuth 2.0 in Google Workspace: A Complete Setup Guide14713

Still need help?

Our support team can assist you directly.

Submit Ticket
Need Help?
New TicketTrack TicketKnowledge BaseContact UsWhatsApp