I am looking at users signing up and granting authorisation to my app. My app will have read access to their calendar. But depending on their email address (at least the domain part), I want to know which provider I query. I.e. Microsoft, apple, Google, other. Its obvious if its Gmail.com but many will use a unique domain or may use a smtp provider such as trend to safeguard mail before it it's microsoft etc.
If you have user's credentials, you can try to retrieve autodiscover XML for the given SMTP address. Start at https://learn.microsoft.com/en-us/exchange/architecture/client-access/autodiscover?view=exchserver-2019 and play with Outlook connectivity analyzer at https://testconnectivity.microsoft.com/tests/Ola/input
Related
My organization has own email id and can be accessed through web-browser. Now I want to setup IMAP in Gmail app in android. This requires specific incoming/outgoing server ip, port, security certificate. However, to my surprise "Mail.ru" app automatically recognizes everything (I just need to provide my email id and pass) and works perfectly (both in the organization network or outside world). These informations are also required to setup email in thunderbird. Is there any way to know this, like tracing packet, or any other way?
N.B: Nadmin don't want to share these info. This page does not help much.
Many email clients support some kind of Autodiscovery, where based on the domain name certain well-known URLs are tried in an attempt to download an XML document containing information about the SMTP and IMAP settings applicable for that domain.
Here is some Microsoft documentation about it:
https://technet.microsoft.com/en-us/library/cc511507.aspx
See also:
https://serverfault.com/questions/172326/how-to-configure-email-autoconfiguration-for-a-domain
How could I use Google Compute Engine (or a similar service, like AWS) to send email on behalf of users via their SMTP server?
I am interested in building an online email client which allows users to enter their SMTP and POP servers and send/receive email, like they would with their desktop clients. GCE blocks all SMTP ports to prevent abuse and recommends using a mail service like SendGrid instead. However, after researching dozens of these services, they all seem to only support transactional email using their own SMTP servers, or possibly a pre-cleared smtp server. I simply want to send email using the user's SMTP server (ex smtp.mail.yahoo.com), just like they would if they were using a desktop client.
I realize I could host my own servers but I am not interested in maintaining the infrastructure. I would like to host everything on a cloud service. Is there any way I can work around Google's restrictions with an existing service?
As I'm sure you are aware, you would have to have the user enter their SMTP server information and account credentials. You would then use that information to connect to their SMTP server.
By default AWS EC2 instances have SMTP traffic on port 25 rate limited. To remove this limitation, you would need to fill out and submit the following form:
https://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ec2-email-limit-rdns-request
If you're looking to send mail as a Gmail, Hotmail, or Yahoo user, you'll probably want to call the service's API to have the server send mail on the user's behalf. There are several benefits of this:
You'll need to get authorization from users (usually via an OAuth flow)
in order to access their mail. This means that users shouldn't be
surprised that you're sending mail from their accounts, and they'll
have some control over your access.
The mail will be signed and come from the appropriate IP addresses to
comply with the various spam-control mechanisms set up by those
companies. Without this, it's likely that the mail you send will end
up in the bit-bucket of the recipient.
By using the API, the service should be able to keep a copy of the
sent mail in the user's outgoing mail folder. This will let the user
see and search for the original message sent if they want.
Unfortunately, this may also mean that each mail service you want to send from will need separate integration, and that you may not be able to send as the user's email address from smaller providers.
Note that the App Engine mail API allows you to send mail as the currently logged-in user (when logging in, users have a similar consent screen to the OAuth process mentioned above).
I have a domain which uses Google Apps for Business to handle email. I already have it mostly set up--MX records point to the correct location and my domain is verified.
I'm now writing a python app (with Django) that will need to serve mail from my domain. What's the correct way to do this with Google? Should I create a Google Apps "user" for the organization as a whole, and then authenticate via SMTP as that user and send mail from there?
The Gmail API says that it
is the best choice for authorized access to a user's Gmail data.
and that
Automated or programmatic message sending
is a typical use case. However, I'm not trying to access a user's data or send mail on behalf of a user, but on behalf of my domain. What's the correct way to proceed?
Any help much appreciated!
You could use SMTP or the Gmail API based on your description. In both cases, you'll need some sort of service account to send mail from. With SMTP, as you mentioned, you'll be authorizing via the instructions you linked.
If you choose to use the Gmail API route, you'll be authorizing the API usage with the account. The Gmail API has many other use cases (e.g. to access user's data) but you're only using it to send emails on behalf of a service account you control.
I have a web application that allows registration and authentication through Facebook, Google and Windows Live. Each OAuth request has the required scope to retrieve associated e-mail addresses from the authentication provider.
The current situation is that an account is created based on the provider and the provided identifier. This means that if a user has logged in with multiple providers the user will have multiple accounts on the web application.
I want to have the ideal situation of having a single acccount even when using multiple providers. I was thinking about using the e-mail addresses to see if an account exists for the user. If it exists, use the account based on the e-mail address.
How safe/reliable is this? Do all OAuth providers mentioned validate e-mail addresses? Better ways?
EDIT: Ran a tests and came up with this. Still looking for further advice :)
FaceBook: Cannot authenticate with unvalidated e-mail. Additional e-mail will not appear until validated.
Google: Provides `verified_email`. Additional e-mail will not appear until validated.
Windows Live: Cannot authenticate with unvalidated e-mail. Additional e-mail will not appear until validated.
Interesting question. You could try to use e-mail to check if user exists, but the problem is, user could be using different e-mail addresses for different providers.
My suggestion would be asking user (once he/she logs into your application using one of the methods) to attach other providers to to this account, so he/she can use them as well to log into your application.
It doesn't completely solve your problem (I'm not sure if solution exists), but user will have more control that way and you'll reduce the amount of accounts per user.
I posted this question on webmasters.stackexchange.com but no reply, so I thought I'd try here. I have a feeling it's not appropriate for this site but I'd like some answers :)
I've got hosting services provided by FatCow. They use SquirrelMail for their email handler, which has an abysmal frontend, has a low mailbox storage limit, and apparently Fatcow doesn't allow remote access to change a password.
As a result, the webmaster has to change passwords explicitly for the user - ridiculous. Anyway, enough complaining.
What I'd like to do is use the same domain with a different provider, but I don't know the words to begin my search. Provider? Hosting? Client? How do I get started here?
I'd also accept a good recommendation for a provider (or whatever the word is) that solves the above problem description.
You are looking for an email provider. This provider needs to offer services for custom domains (i.e. not limited to their own #hotmail.com or whatever it happens to be). You need to sign up with them, configure that you would like them to handle email for your example.com domain, then change the DNS configuration for example.com and point the MX record at your new email provider. That means you need to have the authority/permission/possibility to change your DNS records. If you bought the domain through your host, they may not allow you to do that, in which case you may have to look into a domain transfer or into hosting your DNS elsewhere.
Google Apps for Business is a decent example of an email provider and is free for "small businesses". They offer the Gmail interface customized for your domain, among other things.
You don't have to do your email through your domain server. So just google 'email hosting.' For example, check out google business email. Google does all the heavy lifting and you create email addresses for whatever domain you own.