Google has announced that as of May 30, apps that previously were able to send SMTP mail through a Google mail server (smtp.google.com, along with the client's credentials) would no longer work unless connecting using OAuth2 (even when "allow less secure apps" is on).
Our website currently sends out various emails (welcome to the site, order confirmations, etc) through our Google GSuite mail server using PHPMailer. But it does not connect to the mail server with OAuth or any advanced security login.
I believe Google considers our website's connecting to our gmail server to be an "app" since the connection previously would not work unless we went into our GSuite account and set "Allow less secure apps" (or whatever the specific wording is for allowing less secure apps to connect).
So given all of the above, I assume our site will be affected when Google enforces their directive on May 30.
However, in the admin.google.com section of our account, there is a checkbox that states: "Trust internal domain-owned apps" that is currently set. Further, it also states for this checkbox: "Internal domain-owned apps will be exempt from accessing OAth scopes that are restricted or blocked".
So my question (finally! :) is: given that checkbox is set, do I need to modify the PHPMailer sending of email from our own website to use OAuth2 before May 30? Or does that checkbox allow our site to continue to connect to our gmail server and send emails as before? (both the website's domain name and our google account name are identical).
