Setting Up Email
The Email destination sends a submitted Xenocept session as an email message — with the annotated screenshot inline or attached, and the comment / bubble / note text rendered into the body. It’s a built-in destination plugin identified by pluginID: org.aeor.xenocept.email.
This section walks you through configuring that destination for the email providers most users have. The mechanics are the same across providers — Xenocept connects to the provider’s SMTP server, authenticates, and submits a message. What changes is how you authenticate.
The Big Picture
Every major mail provider has retired the use of a regular account password for SMTP. Today you need one of the following:
| Auth style | Used by | How it works |
|---|---|---|
| App Password (a 16-character one-off password generated in your account) | Gmail, Outlook.com (consumer), iCloud, Yahoo, Fastmail | Enable 2FA on your account, generate an app password, use that as your SMTP password. Plain-text-looking but scoped and revocable. |
| OAuth 2.0 | Microsoft 365 (organizational), advanced Gmail | Register an OAuth application in the provider’s developer console, grant it the right scopes, and the email plugin uses a bearer token. More work to set up but the right answer for hardened environments. |
| Bridge / Local Relay | Proton Mail | Run a small companion app on your machine that exposes a local SMTP endpoint. Xenocept talks to localhost; the bridge handles encryption and submission to the provider. |
| Local Relay (Postfix) | Anyone wanting a “send via my Mac” workflow | Your Mac’s built-in Postfix relays messages out to whatever real SMTP provider you choose. |
The Email destination’s pluginConfig always asks for the same set of fields — host, port, security mode, username, password — and the only thing that varies is what value you put in each field.
Common Fields
When you add an Email destination in the Xenocept Settings UI, you’ll be asked for:
| Field | What it is |
|---|---|
| SMTP Host | The provider’s outgoing mail server (e.g. smtp.gmail.com) |
| SMTP Port | Almost always 587 (STARTTLS) or 465 (implicit TLS) |
| Security | STARTTLS for port 587, SSL/TLS for port 465 |
| Username | Your full email address |
| Password | The app password generated in your account (or your Bridge password for Proton, or your OAuth token for the OAuth flow) |
| From | The address that appears in the message’s From: header. Usually matches your username. |
| To | The recipient — yourself, a teammate, a shared inbox, etc. |
Pick Your Provider
| Provider | Page | Notes |
|---|---|---|
| Gmail / Google Workspace | Gmail | App Password (consumer) or OAuth2 (advanced) |
| Microsoft 365 / Outlook | Microsoft | Consumer Outlook.com uses App Password; organizational M365 requires OAuth2 (basic auth is being retired in 2026) |
| iCloud / Apple | iCloud | App-specific password required |
| Yahoo Mail | Yahoo | App password required |
| Proton Mail | Proton Mail | Requires running Proton Mail Bridge locally |
| Fastmail | Fastmail | App password required |
| Self-hosted on a Mac | macOS Postfix Relay | Use the Postfix that ships with macOS to relay messages through any of the above |
A Note on App Passwords
Across every provider, the same general advice applies:
- Always enable 2-Step Verification first. App passwords are usually only available once 2FA is on.
- The app password is shown once. Copy it the moment it appears; you can’t re-display it.
- Name each app password. “Xenocept” or “Xenocept Desktop” is fine. The label helps you revoke just that one later.
- Revoke when you stop using it. If you uninstall Xenocept or change machines, head back to your account’s app-password page and delete the entry.
The pages that follow are concrete walkthroughs — open the one for your provider.