Gmail SMTP settings let you send email through Google’s servers using any application, website, or email client that supports the Simple Mail Transfer Protocol.
The configuration requires the server address smtp.gmail.com, port 587, TLS encryption, and authentication with your Gmail credentials (or an app password if two-factor authentication is enabled).
SMTP handles outgoing email only — the sending side of your email infrastructure. Whether you’re connecting a WordPress site, configuring a CRM, or setting up a desktop email client, the correct settings determine whether messages are transmitted successfully.
Standard Gmail SMTP configuration settings:
- Encryption: Required
- Authentication: Required
- Username: Full Gmail address
- Password: App password (with 2FA) or account password
- Port: 587 (TLS) or 465 (SSL)
- Server: smtp.gmail.com
What are the correct Gmail SMTP server settings?
The correct Gmail SMTP settings use smtp.gmail.com as the server address with port 587 for TLS encryption or port 465 for SSL. Both ports require authentication — Google doesn’t allow anonymous sending through their servers.
| Setting | Value |
| SMTP server | smtp.gmail.com |
| Port (recommended) | 587 |
| Port (alternative) | 465 |
| Encryption | TLS (587) or SSL (465) |
| Authentication | Required |
| Username | Full email address |
Port selection
Port 587 represents the modern standard for email submission. The connection starts unencrypted and “upgrades” to TLS through the STARTTLS command — a process that works reliably across different software configurations.
Port 465 encrypts immediately from the first byte (implicit SSL). While technically older, many applications still support it. Choose 587 unless your software specifically requires 465 or you encounter connection issues.
Workspace options
Google Workspace subscribers have additional SMTP options beyond the standard server.
| Service | Server | Daily limit | Best for |
| Standard SMTP | smtp.gmail.com | 500-2,000 | Personal/basic business |
| Workspace Relay | smtp-relay.gmail.com | 10,000 | High-volume business |
| Restricted SMTP | aspmx.l.google.com | Internal only | Organization-only sending |
The relay service supports IP whitelisting — useful when specific servers need authorization to send on your domain’s behalf.
How do you authenticate Gmail SMTP connections?
Gmail SMTP requires authentication for every connection, but the method depends on your account’s security configuration. Accounts with two-factor authentication (2FA) need app passwords instead of regular credentials.
Standard login
Accounts without 2FA can authenticate using the regular Gmail password. Enter your full email address as your username and your account password.
However, Google strongly encourages 2FA for all accounts. If you enable it later, existing SMTP configurations break until you generate app passwords (a detail that catches many users off guard).
App passwords
Two-factor authentication blocks standard SMTP login because the client can’t complete verification prompts. App passwords solve the problem with a 16-character code that bypasses 2FA for specific applications.
To generate an app password:
- Sign in at myaccount.google.com
- Navigate to Security → 2-Step Verification
- Scroll to App passwords and click the arrow
- Select “Other” and name the application
- Copy the 16-character code immediately
The code appears only once. Use it in place of your regular password. Each application should have its own app password — if you need to revoke access later, delete individual passwords without affecting other integrations.
OAuth 2.0
Modern applications increasingly support OAuth 2.0, which authenticates through a browser-based flow rather than stored passwords. OAuth never stores credentials in the application and works naturally with 2FA.
The Gmail API with OAuth requires creating a project in Google Cloud Console, enabling the Gmail API, and generating Client ID and Client Secret credentials. The process takes 30-60 minutes but provides the most secure connection method.
How do you configure Gmail SMTP for WordPress?
WordPress needs SMTP configuration because the default PHP mail function lacks authentication and frequently triggers spam filters. The WP Mail SMTP plugin handles Gmail connections through either standard SMTP or the more secure Gmail API method.
SMTP setup
For standard SMTP, install WP Mail SMTP and navigate to Settings. Select “Other SMTP” as your mailer.
| Field | Value |
| SMTP Host | smtp.gmail.com |
| Encryption | TLS |
| SMTP Port | 587 |
| Authentication | On |
| Username | Full Gmail address |
| Password | App password |
The “From Email” must match your Gmail address exactly — mismatched addresses cause authentication failures.
API setup
The Gmail API approach (labeled “Google / Gmail” in the plugin) provides better security through OAuth 2.0. Two paths exist:
- One-Click Setup (Pro license) takes under 2 minutes
- Manual Setup requires Google Cloud Console configuration (30-60 minutes)
Manual setup involves creating a Google Cloud project, enabling the Gmail API, configuring an OAuth consent screen, and generating credentials. The complexity pays off — authentication survives password changes and doesn’t require storing sensitive credentials.
Testing
After configuration, use the plugin’s Email Test feature. Failed tests typically indicate:
- Mismatched “From Email” address
- Host blocking outbound SMTP connections
- Wrong password (missing app password with 2FA enabled)
Some shared hosting environments block port 587 entirely. If your host restricts SMTP, you may need their built-in relay or a dedicated transactional email provider.
What are Gmail’s sending limits?
Google imposes daily sending limits that constrain high-volume applications. The limits prevent spam abuse but also affect legitimate bulk sending.
| Account type | Daily limit | Recipients per message |
| Free Gmail | 500 emails | 100 |
| Google Workspace | 2,000 emails | 500 |
| Workspace Relay | 10,000 emails | — |
You can learn more about Gmail sending limits in our detailed guide.
Why do Gmail SMTP connections fail?
Gmail SMTP failures typically trace to authentication problems, security settings, or network restrictions. Understanding common failure modes speeds up troubleshooting.
Authentication errors
The most frequent failures involve credentials:
- App password revoked or expired
- Username missing the full @gmail.com address
- 2FA enabled without generating an app password
- Password changed without updating SMTP settings
Google’s error messages are often vague (“Authentication unsuccessful”), so systematic credential checking proves fastest.
Security blocks
Google may block connections appearing suspicious:
- Multiple failed authentication attempts
- Account temporarily locked due to unusual activity
- Sign-in from unfamiliar location triggers security alert
Check your Gmail inbox for security notifications when connections fail unexpectedly.
Network issues
Some networks block outbound SMTP ports:
- Port 465 may work when 587 fails
- Port 25 blocked by most ISPs (spam prevention)
- Port 587 occasionally blocked by corporate firewalls
Testing from a different network (mobile hotspot) quickly identifies port blocking as the cause.
API errors
OAuth connections through the Gmail API have unique failure modes:
- Error 401/400: Client ID or Secret copied incorrectly
- Error 403: Google Cloud app still in “Testing” mode
- Invalid_grant: Token invalidated by password change
- Redirect URI mismatch: Console URI doesn’t match plugin settings
Moving your Google Cloud app from “Testing” to “Production” status resolves most Error 403 issues.
How do you improve Gmail SMTP deliverability?
Correct SMTP settings get emails out the door, but email deliverability — whether messages reach inboxes — depends on authentication records and sender reputation. Gmail’s servers handle sending; recipient providers make filtering decisions.
DNS records
Custom domains sending through Gmail need proper DNS authentication:
- SPF record authorizes Google’s servers for your domain
- DMARC tells providers how to handle failures
- DKIM cryptographically signs messages
Missing records cause “deliverability should be improved” warnings and increase spam-folder placement.
Reputation
New sending domains need reputation building before high-volume campaigns. The email warmup process gradually establishes a positive sending history with major providers.
Gmail SMTP shares IP addresses with millions of senders. If shared IPs accumulate spam complaints, your legitimate emails may suffer email filtering even when you follow best practices. Dedicated transactional services offer better reputation isolation.
Testing
A deliverability test can reveal where messages actually land across different providers. The SMTP transaction might succeed while recipients never see your email — testing catches invisible failures.
Settings alone don’t guarantee delivery
Gmail SMTP settings control whether emails leave your application successfully. Inbox placement depends on authentication, reputation, and sending patterns beyond basic configuration.
Organizations sending significant volume through Gmail often discover correct settings don’t prevent spam-folder placement. DNS records need proper configuration. New domains need a gradual warmup. Sending patterns need consistency rather than sudden bursts.
EmailWarmup.com helps senders build a reputation that determines deliverability:
- Inbox rates up to 98% on Pro accounts
- Free deliverability test across 50+ providers
- 24/7 support from email deliverability consultants
- Personalized email warmup matching your sending patterns
Correct SMTP configuration is the foundation — reputation gets you into inboxes.
Schedule a free consultation with an email deliverability expert today.
Frequently asked questions
Here are some commonly asked questions about Gmail configuration settings:
The Gmail SMTP server address is smtp.gmail.com for both free Gmail accounts and Google Workspace subscriptions. Use port 587 with TLS encryption (recommended) or port 465 with SSL. Authentication is always required using your full email address and either your account password or an app password if two-factor authentication is enabled.
Gmail requires app passwords when two-factor authentication (2FA) is enabled because SMTP clients can’t complete the second verification step. App passwords are 16-character codes generated in your Google account security settings that bypass 2FA for specific applications. Without 2FA enabled, you can use your regular Gmail password.
Not effectively. Free Gmail accounts limit sending to 500 emails daily, Google Workspace allows 2,000, and even the relay service caps at 10,000. Bulk campaigns require dedicated transactional email services designed for scale — SendGrid, Mailgun, or Amazon SES handle higher volumes without Gmail’s restrictions.
Port 587 uses STARTTLS encryption, starting unencrypted and upgrading to TLS after the initial handshake. Port 465 uses implicit SSL, encrypting from the first byte. Port 587 is the modern standard with better compatibility. Use 465 if your application specifically requires it or if 587 connections fail.
Authentication failures typically indicate credential problems. Verify your username includes the full @gmail.com address, confirm you’re using an app password if 2FA is enabled, and check that passwords haven’t changed since configuration. Also, verify your Google account hasn’t been locked — check Gmail for security alert notifications.
