cfmail using Gmail SMTP

I wanted to have a cfmail tag use my Gmail SMTP to send mail, which was relatively straightforward, but there is some vague language in the Google help doc that didn't immediately translate to cfmail attribute settings. I did find plenty of search results on the topic, but most threads were a little confusing and noted differing experiences between developers. So I've taken a little time to experiment and thought I'd share the results.

From both my gmail.com account and my Google Apps for Your Domain mail (gmail for custom domain name) accounts I was able to find the same help doc for standard POP/SMTP configuration.

We can quickly deduce that the username attribute should be your full e-mail address (including @gmail.com or @your_domain.com), and the password is of course your Gmail password.

The help doc provides the following information for the outgoing/SMTP server configuration:

smtp.gmail.com (use authentication)
Use Authentication: Yes
Use STARTTLS: Yes (some clients call this SSL)
Port: 465 or 587

So, how does the above information translate to relevant cfmail tag attributes (server, port, username, password, useSSL, useTLS)? It's a bit more specific than the Gmail help doc suggests...

Well, the server attribute is easy, that should be: smtp.gmail.com

"Use Authentication: Yes" suggests we need to set either useSSL or useTLS to true, right? It also looks like we can set the port attribute to either 465 or 587, right? Well, these inferences are both half correct, but there is a dependency between the three attributes. By the way, I did notice the mention of "requires TLS" in the Gmail help doc, but the "some clients call this SSL" confuses the issue a bit. In any case, I've performed some thorough testing and learned that port 465 will work with SSL only enabled or with both SSL and TLS enabled; port 587 will work with TLS only enabled. Here are examples of all three variations that worked in my testing:

So, which one should I use? I can only claim to know as much about SSL vs. TLS as I recently read on Wikipedia (http://en.wikipedia.org/wiki/Secure_Sockets_Layer). Since TLS appears to be the successor to SSL, I guess I'll go with that for now. I'm not sure exactly what happens when both useSSL and useTLS are true, but I'm guessing that one of them is being ignored? Is it possible to implement both in one request? I'd love to hear feedback if anyone has more knowledge/experience or a reason for a strong preference here.

For what it's worth, I also confirmed that you can leave off "@gmail.com" in the username attribute, but you must include the domain name for custom domains (Apps for Your Domain accounts).

Finally, I should also note that the useSSL and useTLS attributes were introduced to cfmail in ColdFusion 8. I don't believe it's possible to use Gmail SMTP for cfmail in ColdFusion MX7 or earlier.

UPDATE (2009-05-07): I have also tested this with the Railo 3.1.0.012 CFML engine, and all three examples above work well with Railo. When configuring the mail server settings in the Railo Server/Web Admin, I was only able to get a successful verification when using TLS and port 587 -- when I tried SSL and port 465, it just hung (probably would have timed out trying to verify, but I waited a good minute before giving up).

UPDATE (2009-10-02): It's important to note that there are daily sending limits when using Gmail SMTP, as noted in this Gmail Help page and in this Google Apps forum answer. It's also important to keep in mind all points outlined in Google's Bulk Senders Guidelines.