I need to send mails with java mail from a webserver over an exchange account. the exchange account is registered with a domain owned by our company, which has the exchange account as its MX entry. I did some research on how to accomblish this, as I was not able to find out any plain information about some kind of smtp outlook might be using. Ive no idea which server I need to connect to and how to authenticate to it. I do not have any experience with any microsoft technology. I found some guides for .NET frameworks like Introducing the Exchange Web Services Managed API 1.0
But this seems to be very less helpfull!? I also found some Java frameworks like exJello which looks pretty good, but I didnt manage to configure it properly so far as I dunno any property values.
I would not like tu purchase any big framework, I do not have to manage any exchange related features, the only requirement to this connection would be to send mails.
My question is, how can I connect to my exchange account and send mails with it?
The simple answer is that you need to ask the network administrator for your company how to configure a mail client to use your company's mail server. They should be able to tell you what host name to use, etc.
After some time of research and lots of misleading information I found the information about the properties I needed in some option in my exchange admin webinterface. So the connection to the smtp is nothing different from a normal stmp service
Related
Laravel documentation discusses different mail packages which we can install through composer and use. I wanted to implement the mail functionality in a site so this question popped up in mind. Which one is the best option in smtp, phpmailer, mandrill and mailgun etc and why?
Thank you.
It matters for which kind of e-mail you are sending.
What you should aim is: have the best reputation/cost for your project.
Reputation means deliverability (not being flagged as spam)
If it is transactional like:
Password changes, account updates Mandril is not bad and has excellent deliverability. Be aware that Selling or newsletters are against mandrill TOS.
If you project has more a Seller side in order or reputation:
Mailgun and SendGrid
PHPmailer and local SMTP
Mailgun and Sendgrid permit mail campaigns having that the customers have opted-in for that.
PHPMailer and local SMTP will rely on the reputation of your Server IP. The more times passes by, the more your reputation grows.
All of these options have PHP SDK and libraries and Laravel is a Fantastic FrameWork.
In a nutshell, here is what I want to do:
Query a URL like www.mysite.com/?action=GetOnlineList&access_token=[Facebook Token]
Have that URL then return a list of all the user's Facebook friends online in JSON
I could then also do some other actions like "SendMessage" and "GetMessages" as well.
I've been reading up on this for a while and so far I've gathered that I will need XMPP/Jabber to do this, but I don't know exactly where to start.
Would creating an OpenFire server allow me to do this? I'm not familiar with XMPP at all, so I don't know how I'd be able to spit out JSON data from the server. Would I be able to setup queries like that on an OpenFire server?
You do not need to run a full XMPP server like Openfire, you want to connect to Facebook as a client (the same way users do).
There are two components you need; first you want some code in the browser to request the info from Facebook's XMPP server. However you can't connect directly to Facebook's XMPP direct from the browser (they only support XMPP over standard sockets), so you will also need something else: some kind of proxy on your server for your code to connect through.
There are some ready-made solutions for this, you can use Strophe.js with a BOSH connection manager running on your server. This allows you to log into the user's Facebook chat and fetch the info you need using XMPP. Make sure you use a standalone BOSH proxy, many XMPP servers (like Openfire, Prosody, ejabberd) have their own BOSH interfaces, but these won't allow you to connect to Facebook.
Since you say you require JSON, there are a couple of alternatives you might prefer to try, such as xmpp-ftw or stanza.io. Both of these let you deal with the XMPP server via JSON only, and xmpp-ftw is especially appropriate because it even includes the proxy part that you need (using node.js). It has well documented simple commands, the only thing you will need to learn are some XMPP basics, such as terminology (the "roster" is your contact list, and "presence" is someone's status, etc.).
I have two applications one is a business process management (BPM) & the other is a document management system (DMS) , both systems exposes web services to enable integration with other systems. Both system provide a master login username and password to provide JSON API Authentication. for example to start a process ("process1") inside the BPM ; the DMS can send the following API call
/jw/web/json/workflow/process/start/process1?master_username=BPMadmin&master_password=982716171717&loginAS=currentusername
and same apply for calling DMS web services.
The limitation in this security approach is that i am unable to call any of the DMS or the BPM web services using JavaScript and consume the returned JSON using javaScript, since if i follow the javaScript approach i will be exposing the master_username & master_password to the end users and they can manually modify the LoginAs parameter to other usernames and perform actions they are not authorized to do.
so my questions are:-
Can i make the web service calls secure using JavaScript?
second question what other security approaches i can follow to make the web services calls secure using javaScript? baring in mind that i can modify the webs service security to other approaches rather than using master login username and password, but this might require more time and effort from my side?
Thanks in advance for any help
Best Regards
First of all JS is client side and does not include any special security/magic/irreversible functions, like browser aided crypto engine, high grate SPRNG for key generation and so forth. So long story short anything you do with js is not secure it can be obfuscated but it will be NOT SECURE. That is the point you already made. Another more approach is to use your server as 'proxy'. So lets say You are designing an JS aided gui and show some documents ro so, then you make an AJAX request to your app server (not BPM nor DMS) and it acts as proxy that will do the authentication against DMS and call WS and then return the result back to your JS :) So your setup would look like JS (session)-> App (ws auth)-> DMS -> App (sesion)-> JS (I assume you have authenticated user and we'll use users session as JS <-> server secure channel, if not you will have to incorporate some other js auth mechanism maybe one time pass or something but it will be easy because it is your system). And voila. Only security consideration is to not allow anyone to call your servers proxy site :)
I am trying to design a system that will catch emails that are submitted to a server and process them. The processing will probably mean parsing metadata such as ip addresses, the email body and subject etc., and submitting these details to a web service.
I'd like to know what software (SMTP servers or similar) can either be integrated with, to perform arbitrary processing, or which servers will support forwarding to a web service (with queuing and retrying) out of the box.
Exchange is not a preferred option, as I'd like to keep that off the live servers.
It's probably easiest to just use any mail server and just process messages by pulling them directly out of the mailbox of the email user(s) on the system via IMAP or POP3 or something similar. Some mail servers are built with 3rd party access in mind where can register for events on new mail arriving so you don't have to poll for new messages. Different mail servers have different native access protocols and APIs. Exchange has IMAP and Exchange Web Services (EWS), Domino has C++/COM APIs, GroupWise a web service. And all are going to support some kind of default client access protocols like IMAP and POP3. The native protocols will give more features (like notifications), but for your purposes IMAP or POP3 may be enough.
There are a ton of ways to do this. A lot of this can also depend upon price, client, and the tech environment.
If this is a MS environment, and cost is a factor, one way you can do this is to use the built in IIS SMTP Service. The IIS SMTP service is most commonly used for sending emails, however, it can be configured to actually accept email. If you configure the service for a domain, all incoming email for that domain is placed in the mailroot/drop directory. It's placed as a text file ({guid}.eml format).
You can just use a Mime parser to parse these files, and then perform any business rules you want to on them. Since this is done at the filesystem level, you won't have to worry about intercepting any network calls. Just grab a file, parse it, and move to the next file. Then, have your app sleep for X seconds, and then check to see if any new emails have come in.
PS: shameless plug -- you can use aspNetMime for parsing these files, and extracting the data.
It might be worth your while to implement a simple lexing/parser to parse the header and look out for a specific header information. If it is an IP address, you may get away with it by using a regex parser.
Ideally, you should connect to the POP3 port of the server where the emails are stored and do a quick scan of the information, if the subject line or the message contains a specific string indicating that it is the email or even the IP address within the header, then you can retrieve that email and process it, this is where I think the lexing/parsing of the email would be done initially prior to pulling it down based on the criteria.
Bear in mind, you do not want to pull down an email that is not relevant, then how would you deal with it.
Maybe DotNetOpenMail might help, as it does not necessarily pull down all emails...
Hope this helps,
Best regards,
Tom.
C# 2008
I have developed an application that need to connect to a web server in order to work. If the web server goes offline. The the app will have to be notified so that the user using the app can know what happened.
This application will be downloaded from the internet from our clients web site. So hundreds or thousands of users could have it.
I was thinking about pinging the web server maybe every 5 seconds. However, with 100's or 1000's apps would overload the web server.
Someone has told me about ESB would be right for this problem. The way I am thinking to use this, and I am not totally sure. Is to have every app to subscribe to the ESB. If the web server goes offline it will send a message to all the apps.
However, I understand that ESB is very big and complex and maybe this is overkill for my problem.
Am I understanding correctly.
If ESB is not the correct choice is there another design pattern I could use?
Many thanks
It sounds inappropriately out of scope to spec an ESB for this simple purpose. Why not just have the client machines figure it out as they periodically need to access the website? Instead of pinging the web server over and over, in the course of their normal activities they will need to access the web server for any normal reason, if they get an error response they can branch down the "web server is down" code path.
An ESB sounds like the wrong solution.
Two possibilities come to mind:
(1) If the user doesn't need to know they're offline in real-time, defer detection to usual error handling when you try and access the server.
(2) If you must know real time, use a small proxy at each client site so that only the proxies need to ping your server, not every desktop.