I’ve been downloading email from my Google account onto a local machine to do data analysis, using their IMAP interface. About an hour ago, I suddenly started getting failed connections with the message ‘Lockdown in sector 4 (Failure)’. After a bit of googling, I discovered that’s their whimsical way to indicate that they’ve detected something in your access patterns they dislike, and IMAP access to that account is dead for up to a day.
I’m assuming the algorithm that triggers this is related to the amount of downloads you attempt in a given period of time, and they’re trying to prevent overloading of their servers or hacking attempts. It’s unfortunate that the criteria they use are unpublished, my usage today seemed reasonable, and no different from other times I’ve done something similar.
I’d expect Google to have mechanisms like this in place to protect themselves but it highlights what a scary prospect basing a business on IMAP access is. Any service like Xoopit could trip over Google’s hidden rules, and even if they’ve reverse-engineered their current state, there’s no guarantee that the triggers won’t change. And that’s just assuming that Google don’t want to be evil, if they decide that they don’t like their users handing over their passwords to third-parties, it would be easy enough to block their services in just the same way.
The real answer would be a proper gmail interface for third-party applications, rather than reusing the IMAP transport protocol with its reliance on sharing passwords, but this doesn’t seem like a high priority for Google. Until then, I’m going to keep my main focus on the Exchange world. The APIs may be scary, but at least Microsoft offers unfettered access to the data once you’re installed as an add-on.
Pete Warden's blog 