I had some problems connecting to gmail until I enabled “less secure apps” to access my account at https://www.google.com/settings/security/lesssecureapps. Also, Gmail automatically blocked my first access, so I recieved an email that I had to respond to (click a link and verify that it actually was me that tried to access my email – good feature).
Also, OfflineIMAP might complain about unknown certificate fingerprints and print them out. I just added them to the servers that needed them and hoped nobody had manipulated them.
Here is a template for migrating for future reference.
# Offlineimap sample configuration file [general] metadata = ~/.offlineimap accounts = migration ui = TTYUI [Account migration] localrepository = gmail-trg remoterepository = imap-src # use sqlite backend rather than plain text status_backend = sqlite [Repository imap-src] type = IMAP remotehost = imap.yourdomain.com ssl = yes remoteport = 993 remoteuser = imap.username remotepass = imap.password usecompression = no maxconnections = 1 # don't write any changes to the imap server readonly = True # you might need to fill this in if you use SSL #cert_fingerprint = [Repository gmail-trg] # You can use Gmail as type, by I had some problems connecting. type = IMAP remotehost = imap.gmail.com ssl = yes remoteport = 993 remoteuser = gmail.username remotepass = gmail.password usecompression = no maxconnections = 1 readonly = False # Set cert_fingerprint to whatever you need #cert_fingerprint = # Do not sync [Gmail]/All mail etc folders folderfilter = lambda foldername: not re.search('^\[Gmail\]', foldername)