Backing up GMAIL with GMvault

Posted on Tags ,

For the past twenty years or so I have been using Google Mail, or Gmail, at various times both the consumer version (addresses and what used to be called Google Apps, G Suite, and now is called Google Workspace (addresses with your own domain name).  When Google Apps was introduced many years ago there was a paid edition for larger businesses, a special edition for educational institutions and non-profits, as well as a free edition for small organizations and families; I signed up for the free edition with my domain and have been using it for both my non-profit consulting and for my family.

In 2012 Google stopped offering the free edition to new users but existing users continued as before, and then in January this year Google announced that the free edition would be discontinued and users would have to decide by May 1 which alternative they would like to purchase before the service would definitely be turned off by July 1, 2022. They offer to upgrade users to one of their business editions based on the services used in the free edition, at a cost of a minimum of $6/month per user. They have however hinted at a cheaper (but not free) alternative for people who use the free edition for personal and family use (i.e. not for business) only.

For this reason I have been encouraging my children to switch from using their address to some other e-mail provider and address; an obvious choice would be a standard consumer Gmail address, and I was looking for a way to transfer their content (i.e. old mails) from their account to their new account.[1]

Another reason for investigating Gmail backup solutions is the fact that while I find Gmail as well as other cloud offerings extremely useful, I do not like to rely entirely on them, and prefer to have a local copy as well.

Google Takeout was created in 2011 as a mechanism for folks who cancel their Google account to take their stuff with them. It is cumbersome and does not store the data in a very accessible way; and there seems little point to having all your e-mail data available locally if you cannot access it in a convenient, mail-like manner.

A few years ago I came across GMvault, a Python script for synchronizing Gmail data to a local repository, and exporting it to a number of different formats compatible with various e-mail clients, and started using it; but after a while it stopped working due to changes in the way Google handles authentication.

Due to the need to migrate our data from the Google Workspace Free Edition I looked at it again, and they have caught up with Google’s authentication and now it works with application-specific passwords[2]. So I set up all my GMail accounts with two-factor authentication and an application password for GMvault, and am almost finished doing an initial backup of all my accounts. Once that is done I will get started on exporting the kids’ e-mail data, ready to export into their new accounts.

Here is how to install GMvault on your Windows computer; if you are a Linux or Mac user you probably are savvy enough to figure that out yourself or to read the instructions at the GMvault website:

  1. Go to the GMvault website and click on the  Download GMvault  button.
  2. You may have to confim downloading (or “keeping”) the file.
  3. When it has finished downloading, double-click it to start the installation. By default it installs in your personal profile; you can change the install path to C:\Program Files\GMvault if you want to install for all users.
  4. When the installation has finished you should have a GMvault folder in your Start Menu’s “All Apps” section; click on it and then on “gmvault-shell“.
  5. You are now in a Powershell window with all paths and other environment variables set correctly for GMvault; once we have set up your GMail account to work with GMvault we will come back to this.

Here is how to set up your GMail account for backup via GMvault; this works both for the consumer GMail accounts and for Google Workspace accounts:

  1. Using your web browser, log into your GMail account at If you have more than one GMail account, it is best to log out of all accounts and then log back into the account you want to set up.
  2. Click on the Google Account icon in the top right corner of the browser window (it will either have your picture if you have set one in your Google account, or else an icon with the first letter of your name), then click on “Manage your Google account” below your name and e-mail address.
  3. On the next page click “Security” in the sidebar on the left.
  4. Scroll down to “Signing in to Google“, click on “2-Step Verification“, and then click on “Get Started“. Sign in again with your password when prompted and click on “Next“.
  5. Provide your mobile phone number and check “Text message“, then click “Next“. Check your phone for a SMS text message from Google and enter the Google verification code starting with “G-” in the field provided and click on “Next“.
  6. Finally, click the blue TURN ON button.
  7. Now that you have enabled Two-Factor Authentication, every time you log into your Google account on a new device/browser combination you will have to provide a verification code sent to you per SMS in addition to your acount password. Depending on the phone you have, and whether that Google account is set up on your phone, you may also be prompted to confirm the login attempt on your phone instead.
  8. Click the arrow pointing left at the top of your browser window  to get back to the “Security” section of the “Manage your Google Account” page.
  9. In the “Signing on to Google” section, click on “App Passwords“. Verify your password again when prompted, then click on “Select app” and choose “Other (Custom name)“.  Enter “GMvault” in the field provided, then click on “Generate“.
  10. Select and copy the password displayed in the yellow field (four groups of four characters) and paste it into an empty Notepad document to have it handy for the next step((There is no way to retrieve this password if you forget it before providing it to GMvault, but no worry: you can simply delete the app password and generate a new one in the “Signing in to Google” section by starting from point 10 above.
  11. You can now close that browser window or tab.

Now we can start using GMvault to back up this GMail account.

  1. Determine where exactly you want to store your GMail backup. By default it will get stored in your Windows profile directory (i.e. C:\Users\yourname) in a folder called gmvault-db. I put mine in D:\GMvault\xxxxx where xxxxx is a short form of the account name (since I have multiple accounts), because I have more space on D: than on C:.
  2. Assuming that your GMail account is called, and that you have decided to store your GMail data in D:\GMvault\johndoe, go back to the GMvault Powershell window and type in this commandline to get started backing up your GMail data to your local hard disk:

    gmvault.bat sync -p –store-passwd -d D:\GMvault\johndoe   

    You will be prompted to enter your GMail password; do not use your normal password, but type in (or paste) the app password which you generated earlier and pasted into Notepad for safekeeping.

  3. GMVault will start backing up your GMail data; this may take a very long time depending on how many months or years of e-mails you have in your account. You can stop the backup at any time by pressing Ctrl-C; in order to restart it later you will need to use a slightly different commandline, like this:

    gmvault.bat sync -p –resume -d D:\GMvault\johndoe

    Note that we have replaced –store-passwd with –resume: the password has already been stored, and we want to resume where we stopped last time, not restart again from the beginning.

  4. I would recommend creating a batch file (gmailbackup.bat or gmailbackup.cmd) with that second commandline in it, and running it either every evening, or once a week, however often you want to update your GMail backup with new mails.

Feel free to get in touch with any questions about this process; I cannot promise an answer but will do my best to help. Please note that I am not interested in a discussion of the wisdom or morality or ethics of using Google’s services; I have no illusions about Google but they have served me well, and if you are of a different opinion, feel free to not use them.

  1. Another reason for making that switch is the fact that none of my kids, and certainly not my wife, are interested in computers and technology to the extent I am, and if anything happened to me the domain will sooner or later go away. So encouraging my family members to switch to e-mail solutions that don’t depend on me seems to be a wise idea anyway.[]
  2. Application-specific passwords are specific separate passwords for different third-party (i.e. non-Google) applications. They can be set up in the Security section of the “Manage your Google Account” page; they require two-factor authentication to be enabled[]
I do not permit comments on this blog. The reason for this and further information can be found on the page Privacy Policy.

Windows Support?

Posted on Tags

Twice this morning I got a phone call from an unknown number, once from Germany, and once from an Austrian mobile number, both claiming to be from “Windows Support”. I hung up on the first call and blocked the number, and on the second call I decided to have some fun. So here is a re-constructed transcript of my conversation.

I should probably confess that I was sitting in front of my Windows 11 computer the whole time, with a couple terminal windows open on a few Linux servers; but then, I don’t think I owe scammers facts and honesty.


Hello sir, my name is Stephen, I am from Windows Support. How are you  this morning?

I am fine, how can I help you?

We are receiving error signals from your computer in our technical server, for many days, there is a virus in your computer and your computer is unsecured.

Hm, that’s strange. Why would my computer send error signals to your server?

Because your computer is registered with our server in Austria, the license ID. I will prove it to you. Write it down and tell me when you are ready.

OK, I’m ready.

OK, 00





Ah, can you repeat that?


OK, got it

Now go to your keyboard, in the bottom left corner, do you see a STRG button?


Do you see a CTRL button?

Yes, I see that.

What do you see next to it?

A Windows button …

Correct, a Windows button. Now press that Windows button with one finger, and keep your finger on it.


Now with another finger press R, as in Red


What do you see?


What do you mean, Nothing?

Well, nothing changes.

What did you do?

I am holding the Windows button and pressing the R button, and nothing happens.

(He runs me through this a couple more times, without success, then:)

I am going to transfer you to my senior technician, he will help you get this done.


(New voice)

Hello sir, this is David. How are you?

I am fine

OK. On your keyboard, hold down the Windows button, next to the CTRL button on the bottom left, and then press the letter R, as in Red.

OK, I am doing that.

What do you see?

My normal desktop.

No, what happens?


OK, open Google.


Open Google Chrome.

I don’t have Google Chrome.

Eh, can you open Microsoft Edge?

Yes, I can do that.

OK. Now open Google


Now type “S” as in signal, “U” as in umbrella, “P” as in papa, “R” as in Red, “E” as in edge, “M” as in mother, “O” as in orange. What do you see?

I see the word supremo

OK press ENTER, What do you see?

I see “Supremo the best remote desktop”

OK, what else do you see?

I see a download button.

OK, klick on the Download button. What do you see?

It’s downloading a file.

It’s downloading a file?

Actually it is done. It downloaded a file called supremo.exe.

OK, click on it.

It says “Don’t know how to open this file.”

No, click on it.

I did. It says “Don’t know how to open this file”

I should probably tell you that I am not using a Windows computer, I am using a Linux computer.

Go f*ck yourself!

(Hangs up)

A few minutes later, another call from the same number.

Hello …

Hello sir, why did you hang up?

(Ah, the first voice is back …)

*I* didn’t hang up, your colleague hung up on me after saying “Go f*ck yourself” …

Oh, I am very sorry to hear that. That technician, he is a bit crazy. I am apologizing for him.

Well, I should probably tell you what I told him: I am not using a Windows computer, I am using a Linux computer.

A Linux Computer? Ah …

(hangs up)

At least he did not repeat his colleagues instruction to me …

I do not permit comments on this blog. The reason for this and further information can be found on the page Privacy Policy.

Hermit: A Web App Wrapper for Android

Posted on Tags ,

One feature I really like about the Chromium-based Browsers (Google Chrome, Chromium/Iron, Microsoft Edge, Brave; haven’t found it in Opera) is the possibility to save a website as a shortcut. All four of these browses save these shortcuts in a folder in the “All Programs” menu (“Brave Apps”, “Chrome Apps”, “Chromium Apps”, from where they can be pinned to the taskbar, to the Windows 10/11 start menu, or to whichever “classic” startmenu you are using.

One can customize these shortcuts by adding the commandline option “–profile-directory=xxxxx”, then they will start a separate browser profile for saving all sorts of browsing data (cookies, passwords, etc).

I find this a very useful feature, but unfortunately the Android versions of these same browsers do not support this feature. I have tried a number of different apps which promised to provide this feature; the one which worked best was called “Anker”, but unfortunately the developer stopped maintaining it and thus it no longer works as of Android 10.

Now I have come across another app, called “Hermit”, available in the Play Store, which works even better than Anker. Among other features it permits one to backup all the defined web apps to a file, which one can then restore on a different device, thus avoiding the need to separately set up one’s favorite web apps on each device.

I do not permit comments on this blog. The reason for this and further information can be found on the page Privacy Policy.

What does “FTP” stand for?

Posted on Tags , , , ,

In my reading in recent months I have come across a lot of new acronyms such as, for example, “BLM“. One that recently caught my attention, because I use it a lot, is “FTP“. This is, apparently, a ruder and more comprehensive variant of “Defund the Police“, being shorthand for “f*ck the police“.

This puts me in a quandary, because, as I said, I use this acronym a lot, in its original meaning of “file transfer protocol“, a venerable part of the standard UNIX/Linux networking tools.

So I wish to make it very clear, lest anyone misunderstands:

Whenever I use the acronym “FTP” in a neutral or approving manner, I am referring to the File Transfer Protocol, its various implementations across different operating systems, and the action of using such implementations to transfer files. Sometimes, because there are actually more convenient ways of transferring files, I may even use the acronym in a negative or disapproving manner to refer to the file transfer protocol and the apps implementing it.

Only very rarely will I use the acronym FTP in its contemporary “political” sense because I am opposed to abusing words in this fashion, and I am opposed to abusing the police. When acts of police brutality or other illegal actions by police officers happen (and I have no doubt that they do because policing involves the exercise of power and that attracts people with a pathological desire for dominating others), there are more effective and suitable means of dealing with it than the obscene suggestion implied by “FTP”.


I do not permit comments on this blog. The reason for this and further information can be found on the page Privacy Policy.

Using Let’s Encrypt Certificates in the Private Lan

Posted on Tags

I find it increasingly irritating that modern browsers insist on complaining more or less annoyingly about http:// URLS or websites with self-signed certificates, and that there is no easy way of turning these complaints off. Continue reading Using Let’s Encrypt Certificates in the Private Lan

I do not permit comments on this blog. The reason for this and further information can be found on the page Privacy Policy.