News

Important Gmail-Oauth2 news

As of April 23, 2025, Gmail accounts accessed in POP Peeper will require you to use an app password instead of Oauth2. It is strongly recommended that you switch to app passwords as soon as possible (and before April 23); you can do this with your current version of POP Peeper. If your Google account already has two-factor authentication (2FA) enabled, creating an app password is a very simple process; but otherwise, you will need to setup 2FA which may take an extra 2-15 minutes. Google will make it seem like you must provide your phone number, but this is not mandatory as the guide will explain. The Esumsoft guide for setting up 2FA and app passwords is provided here:
https://www.esumsoft.com/pop-peeper/faq/?q=GmailAppPw

POP Peeper v5.6 will be released soon which has updates related to these changes (such as removing Oauth2 as an option for Gmail and providing in-app links to help guide you through creating app passwords). POP Peeper v5.6 will be able to use Oauth2 for your existing Gmail accounts and will continue to work until the deadline or if an account requires you to re-authenticate. New accounts added into POP Peeper will require you to use an app password.

To determine if your POP Peeper account is using Oauth2 or a password:
v5.5 or older: edit the account in POP Peeper; the dropdown to the right of your “Login name” will either be “Oauth2” or “Password”. You need to switch to “Password” if it’s currently “Oauth2”.
v5.6 or newer: edit the account in POP Peeper; if you see a disabled control that says “Password” to the right of your “Login name”, this means that Oauth2 is still being used and you need to enter a password. The disabled control will be removed after you save a password. The following image shows a case where Oauth2 is still being used because the “Password” dropdown is visible but disabled:

POP Peeper v5.6 – Oauth2 still in use

Why is this necessary?

POP Peeper first introduced Oauth2 support in v4.2 (June 20, 2016). Oauth2 is considered more secure for various reasons, such as the email client not needing to store your password. Over the last few years, Google started requiring a CASA review (“Cloud App Security Assessment”) for certain activities that used Oauth2, including access to Gmail. This review was first required for POP Peeper in 2024; it was an extremely stressful and time-consuming process, but POP Peeper passed the assessment and this is why Oauth2 was still available. This was mentioned in the POP Peeper v5.5 released announcement.

The need for the CASA review came around again this year, but this time Google required the use of 3rd party assessors which had fees of over $700 USD; this is a reduced rate from several thousands of dollars because of a partnership with Google. Based on the experience so far, it is reasonable to believe that the reduced rate will only be available for a limited time and will not be offered for future required assessments. The vast majority of people running POP Peeper use it for free and POP Peeper does not bring in enough money to absorb this fee on top of all the other expenditures (such as web hosting and code signing), especially considering that this is just one email service of thousands (albeit, probably the most popular one).

This was not an easy decision to make, but it came down to the resources (time and money) involved with the CASA review, especially with the alternative of using app passwords. Using Oauth2 does not provide any special privileges, it is only used to log into your email account. Google could (and, in my opinion, should) allow email clients to use Oauth2 without requiring the CASA review for this very reason. Considering that there is an alternative method that allows the same level of access to your email which Google claims is less secure, the necessity of the CASA review seems questionable, and that’s especially true for desktop apps like POP Peeper where your data goes directly between your computer and the server.

Recap

This only affects POP Peeper’s capability to login using Oauth2 for Gmail. It does not affect other services that use Oauth2 (Outlook, Yahoo, AOL). You can still use POP Peeper to access Gmail by using an app passwords

Outlook will require Oauth2

As of September 16, 2024, Outlook/Hotmail accounts will require you to use Oauth2, which they refer to as “modern authentication.” This replaces the login method that sends your password and is more secure. It is recommended that you switch to Oauth2 before the deadline so that you don’t have any downtime.

If you receive an email from Outlook that says you’re using “basic authentication”, this means that you need to switch to Oauth2; you shouldn’t receive this email if you’re already using Oauth2.

To verify that you’re using Oauth2 for Outlook in your POP Peeper accounts:

1) Edit the Outlook account in POP Peeper

2) On the right-side of your “Login name” is a dropdown box:
– If it currently says “password”, change it to “Oauth2”
– If it’s already Oauth2, you can cancel and proceed to step #4
– If you don’t see a dropdown, it’s because only certain types of accounts (Gmail, Yahoo, AOL, Outlook) support Oauth2

3) If you change the dropdown to Oauth2, follow the instructions to grant POP Peeper permission to access your email

4) Repeat if you have other Outlook accounts

Update: POP Peeper v5.5.2 added Outlook Oauth2 support for POP3 and Oauth2 is recommended when creating/editing Outlook accounts.

If you have any questions, send an email or post in the forum.


Outlook’s official announcement

POP Peeper v5.5.1 released

Download: https://www.esumsoft.com/download/

v5.5.1 is a maintenance update, which fixes a couple of bugs that won’t affect most people who are already running v5.5.

Primarily, this fixes a bug in v5.5 when using the -UpdateEncrypt command-line when an account is password-protected.

Secondly, several issues have been addressed when the SSL plugin isn’t available (including a bug that affected auto-updating the SSL plugin).

It is also recommended that you read the release notes for v5.5 if you are upgrading from a previous version.

POP Peeper v5.5 released

This update has several security updates as well as a lot of fixes and minor updates.

You can download POP Peeper v5.5 here: https://www.esumsoft.com/download/
The Version History is also available on the download page.

Important: Because of the security updates (improved encryption), data saved in this version is not backward-compatible with previous versions. What this means is that once you update to v5.5, you should not restore the program files of an older version (e.g. v5.4.6) without also restoring a backup of the data files.

OpenSSL has been updated to v3.0. v1.1 is no longer being updated. OpenSSL v3.0 was chosen because it will be supported until September 2026, whereas support for v3.1/v3.2 ends in 2025.

Sensitive data is now encrypted using a more powerful and standard algorithm. This includes your login information as well as message data.

Norton 360 users have reported some issues with v5.5; specifically with the ‘Data protector’ module in Norton. Norton may prevent the Installer from installing the program and there may be other issues once running (e.g. reporting problems when saving certain file attachments such as .pdf). It is recommended that you add POP Peeper and the installer to the white list / exclusion list in Norton. A report has been submitted to Norton.

Windows XP — it has been reported that OpenSSL v3 no longer works on Windows XP. v3 is required for POP Peeper v5.5+, so it is recommended that you stay on POP Peeper v5.4.6 if you have Windows XP.

Behind-the-scenes changes

Digital signature — since the last release, Esumsoft has obtained a new provider for the code signing/digital signature. This change took significant effort to replace the old procedure and this change may be why Norton360 is reporting potential issues. ie. Norton may think it’s suspicious that the provider has changed. The good news is that Esumsoft has paid for a 10-year subscription, so if that is the problem, it shouldn’t be a problem again anytime soon. I hope that it also shows my commitment to POP Peeper and all other existing and future Esumsoft products.

Google / CASA Tier 2 security assessment — Google now requires a rigorous security review for apps that access your email and login with Oauth2. This review process is why many apps (not just email) have chosen not to use Oauth2 or are using ways to circumvent it. I am pleased to announce that POP Peeper has recently passed the assessment and is verified. This means that POP Peeper is one of the limited, independent email clients that can continue to use OAuth2 when logging into your Gmail accounts.

Aeris Calendar v3

Aeris Calendar v3 is now available. Most importantly, this version updates the weather provider feeds, but also provides many other new options. Some of the new features in v3 are described below. If you’ve previously used Aeris Calendar v2, you may want to look through this list to discover some of these new features that you may find useful.

Download: https://www.esumsoft.com/download/?prod=aeriscalendar

Upgrade: If you have an existing v1/v2 license for Aeris Calendar, you can purchase an upgrade for v3:
https://www.esumsoft.com/aeris-calendar/upgrade-aeris-calendar-license/


Weather

Two new weather feeds have been added — the National Weather Service (NWS) serves USA-based locations and OpenWeather provides weather data for world-wide locations.

The new weather ‘Overview’ page shows current , forecast and hourly weather information on a single page. Click the “Weather” page on the left side of the main window and then “Overview” on the right to access this (overview is the default page after you click on “Weather”).

There is a new option to change the theme (background image) based on the current weather. So you’ll see a nice blue sky if the current conditions are “clear” or a rainy image if it’s raining. This option is under the main menu: Tools / Options / Calendar; set the “Theme” to “change theme based on current weather”. You can also set your Windows background to the same image here.


Reminders

Reminders have received many new improvements including a customizable preset list of snooze times so you can quickly snooze the alarm and get back to what you were doing. You can choose how the reminder behaves on an individual basis — windows notification, popup box, or no visual prompt. The new voice option will alert you to reminders using speech.

The list of “today’s reminders” has been improved by showing when the upcoming reminders will occur (e.g. in 32 minutes). This window also allows you to dismiss recurring reminders; for example, if you have a weekly reminder and you’ve already addressed the situation for this week, you can dismiss it before it happens and you won’t be reminded until the following week. Because this reminders list can be very useful, you can assign a global hotkey to access it with a keyboard combination (main menu: Tools / Options / Hotkeys: “Today’s Reminders”)


iCalendar support and Schedule

There is a new page on the main navigation screen called “Schedule”. This is primarily used for online calendars that you’ve added (main menu: Tools / Options / Schedule; these Schedule options can also be accessed on the ‘Schedule’ page by accessing the dropdown menu of the “quick set” button) and also shows native events that you’ve added into Aeris Calendar.

iCalendar is a format used by most online Calendars (such as google.calendar.com). iCalendar events can be set for specific times (e.g. a meeting) or an all-day event (e.g. holidays), or occur across multiple days (e.g. vacation). The ‘Agenda’ display will show these in chronological order while the other displays will display them as blocks of days.

To access your online calendars, refer to this faq.


Notes

You can now include a short description for your notes. The description will be displayed on the calendar instead of the full summary. Notes can now be searched under main menu: Notes / Show all notes; this window is now resizable so you can see more of the notes.


Desklet

The desklet has several new options, which can be accessed by right-clicking on the desklet. Instead of displaying the todo list, you can instead display a 3 day forecast. And if you don’t need to see today’s notes, you can display “bigger weather” so that the current temperature is larger.

If the desklet is hidden behind other windows and you want to access it, click once on the Aeris Calendar tray icon.


Updated graphics

Many of the graphics have been updated and there are several new high-resolution themes/background-images. Updated icons include the navigation icons, several new weather icon sets and the moon phases. The analog clock now uses a pre-rendered image and there are several clock faces to choose from (click on the clock to change them).


Miscellaneous

Unicode support
Calendar can start on other days of the week (main menu: Tools / Options / General)
Tray icon tooltip can display the next reminder (main menu: Tools / Options / Tray Icon – Tray Tips)
Performance improvement

Aeris Calendar – weather feed

The weather feed that Aeris Calendar uses has been disabled by AccuWeather without warning. AccuWeather provided a feed for Aeris to use back in 2008 (when weather.com decided to aggressively change their plans) and while I did receive one email from AccuWeather several years ago starting a conversation about a paid subscription, they continued to allow the weather feed. Unfortunately, Aeris does not generate enough revenue to pay for a weather subscription.

However, the good news is that I’ve been planning for this kind of event. While Aeris has not been the focus of my attention, there has been significant work made for v3.0 with many new features and also has the capability to support additional weather feeds. I am working hard to make v3 available as soon as possible.

If you have a license for Aeris Calendar v2 and you are interested in upgrading to v3, please send an email. There will be an upgrade fee, but this was planned regardless of the current situation. If you are sending from a different email address than the email address registered with your license, please let me know that email address (or your license key).

This post will be updated when more news is available.

Update (Aug 8): AccuWeather did not reply to my request for comment.

Update (Aug 8): Aeris v3.0 is ready and those that emailed me have been sent an email containing information to upgrade. This version supports NWS for USA-based locations and, because of this restriction, this version is not publicly available yet. An update which will support other countries will be available soon.

Update (Aug 31): Aeris v3.1 is now publicly available; more information

POP Peeper v5.4.5 released

Download POP Peeper

See what changed

Notable changes since the last official release:

  • Voice Notifier can now show additional voices: Enable “Additional voices” on the “General” page and then access the list on the “Notification” page (in Voice Notifier settings).
  • Fix for Yahoo IMAP issue showing empty headers for messages containing attachments (Yahoo server bug)
  • Fix for cases when messages were removed from the server externally and POP Peeper didn’t detect this

Voice Notifier — to add new voices, follow these basic steps:

1) Open the Windows start menu and type and open “Speech settings”
2) Click “Add voices” (bottom) and install whatever voices you want
3) In POP Peeper, go to main menu: Tools / Voice notifier -> settings
4) Enable “Include additional voices” on the General page
5) Go to the “Notification” page and you should now see the voices available that you installed on step #2