Sending email safely

So I’ve been using the code below

//Start sending the email
        MailMessage mail = new MailMessage();

        //My email
        mail.From = new MailAddress("MyEmail");
        //Their Email
        mail.To.Add(email);
        mail.Subject = "SecureCode Do not respond";
        randomValueCheck = UnityEngine.Random.Range(1000,10000);
        mail.Body = "Your secure code is: "+ randomValueCheck +". Please enter this into the app and do not respond to this email.";

        SmtpClient smtpServer = new SmtpClient();
        smtpServer.Host = "smtp.gmail.com";
        smtpServer.Port = 587;
        smtpServer.DeliveryMethod = SmtpDeliveryMethod.Network;
        smtpServer.Credentials = new NetworkCredential("MyEmail", "MyPassword") as ICredentialsByHost;
        smtpServer.EnableSsl = true;
        ServicePointManager.ServerCertificateValidationCallback =
            delegate (object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
            { return true; };
        smtpServer.Send(mail);

Now the interesting thing was that google blocked the app from logging in to my email. What I’m basically trying to do is ensure that the email (User Email) exists by sending them a random number, but I’m using my email to send that code.

Is it OK to use my email considering the fact the password is in the code and it can be reverse engineered? Is there a better way to do it?

Extra Info: After they enter the code, all of their details gets sent to a php script and put into a database.

So back to my question, is this safe and is there a better way to do it? Please ask questions if you are confused

Edit: I’m thinking it may be better to have the php script send the email. Would this be better?

First of all, I would question the need to verify a users email - isn’t that more or less the users responsibility when creating an account with you? Most larger websites do no verification apart from basic pattern matching.

Which is why I would suggest pattern matching for initial verification. I.e a regex that looks for something@something.something.

If you really (!) need strong verification you could also consider some APIs. Not affiliated btw, there could be better / cheaper options:

Point being - you should not be doing this yourself :wink: