I'm transferring my domain to Azure. I need to have the ability to use my @url.com email addresses

I'm currently using 1&1 and they have a system for managing emails. I need to make sure I don't lose access to my business site's email addresses. What can I do?

When you have an application running in Windows Azure and you want to access your application with a real domain name, i.e. yoururl.com, you don't actually transfer your domain. Your domain sticks with the same domain registrar, whoever it is (in this case 1&1); you just use a DNS or CNAME setup in the Windows Azure application so your domain name points to the actual application running on Windows Azure.
As far as I know, if you are just setting your domain name via DNS/CNAME, pointing to a Windows Azure application, there is no change to your domain; it will stay intact with your domain registrar and will not impact anything else.
Lastly, I do have a question: what are you doing with Windows Azure? You don't seem to have a good understanding of how it impacts you when you are making this decision, so you may need a little more info/knowledge about what and why you are using Windows Azure and how it is going to impact your current setup.

Azure has no email system equivalent to that bundled with web hosting by many entry level providers (including, presumably, 1&1). You are either going to need to continue hosting your email with your existing host, or transfer your email domain to someone who offers pure email hosting. Another option might be to run your own mail server on a Windows Azure VM, but according to this post, this isn't yet possible due to networking restrictions: http://social.msdn.microsoft.com/Forums/en/WAVirtualMachinesforWindows/thread/18da4da3-ebf3-48c7-9462-12fa4317175b

Related

Viewing emails via browser on Ubuntu

I have a working postfix smtp server on my Ubuntu 20.04 cloud machine. I can send/receive emails using the standard command line "mail" client. I am now looking for a way to do the same via web browser. I already am running nginx on the server.
It seems there are various apps such as RoundCube and SquirrelMail that are available on Ubuntu. However, they seem to require additional pop3/imap server packages to be installed.
As the webmail client is intended to be on the same machine as my smtp server is, I do not see why additional pop3/imap packages need to be installed.
Wondering if there is a simpler way to look at emails via web browser. Regards.
You need to install a web server, PHP (or whatever is required to run the webmail app of your choosing), and an IMAP server.
mail is an email client that knows how to directly access your messages on the filesystem, something that a web app has no capability to do. Also note that it is executed from the context of you having already logged in to your server as a particular user.
It's a Very Bad Idea to give your web server read/write access to parts of the filesystem outside the directories where your web-related files are kept (write access can and should be even more strict).
It's technically feasible to create a webmail app that does what you want (I think there may have been some attempts in the distant past), but it would be limited to systems with a very specific mail system setup and require some questionable permission tweaking. IMAP is the layer that abstracts your particular mail system setup from any of the various mail clients you may want to use to access your messages. It also helps make sure users and apps are not able to access things they should not.
Wondering if there is a simpler way to look at emails via web browser
Not that I can think of. Fortunately, this will get you most of the way there:
apt-get install dovecot-imapd
Dovecot will need minimal configuration in your case, and more time will be spent installing and tweaking whatever webmail client you choose (or you can try Thunderbird). And remember that the IMAP server can be limited to local clients (webmail counts as such) and need not be exposed to the Internet.

HTTPS for local IP address

I have a gadget[*] that connects to the user's WiFi network and responds to commands over a simple REST interface. The user uses a web app to control this gadget. The web app is currently served over http and the app's javascript does AJAX calls to the gadget's local IP address to control it. This scheme works well and I have no issues with it.
[*] By "gadget" I mean an actual, physical IoT device that the user buys and installs within their home, and configures to connect to their home WiFi network
Now, I want to serve this web app over https. I have no issue setting up https on the hosting side. The problem is, now the browser blocks access to the gadget (since the gadget's REST API is over http and not https).
The obvious solution is to have the gadget serve its REST API over https. But how? It has a local IP address and no one will issue a certificate for it. (Even if they did, I'd have to buy a boatload of certificates for each possible local IP address.) I could round-trip via the cloud (by adding additional logic on my server side to accept commands from the web app and forward it to the gadget over another connection), but this will increase latencies.
Is there a way around this problem? One possibility that I have in mind is to:
Get a wildcard certificate (say, *.mydomain.com)
Run my own DNS that maps sub-domains to a local IP address following a pattern (For example, 192-168-1-123.mydomain.com would map to 192.168.1.123)
Use the wild-card certificate in all the gadgets
My web app could then make AJAX calls to https://192-168-1-123.mydomain.com instead of http://192.168.1.123 and latencies would remain unaffected aside from the initial DNS lookup
Would this work? It's an expensive experiment to try out (wildcard certificates cost ~$200) and running a DNS server seems like a lot of work. Plus I find myself under-qualified to think through the security implications.
Perhaps there's already a service out there that solves this problem?
While this is a pretty old question, it is still nothing that you find out-of-the-box solutions for today.
Just as @Jaffa-the-cake posted in a comment, you can lean on how Plex did it, which Filippo Valsorda explained in his blog:
https://blog.filippo.io/how-plex-is-doing-https-for-all-its-users/
This is very similar to what you proposed yourself. You don't even need a wildcard certificate, but you can generate certificates on-the-fly using Let's Encrypt. (You can still use wildcard certificates, if you want, which Let's Encrypt supports now, too.)
Just yesterday I did a manual proof-of-concept for that workflow, that can be automated with the following steps:
Write a Web Service that can create DNS entries for individual devices dynamically and generate matching certificates via Let's Encrypt - this is pretty easy using certbot and e.g. Google Cloud DNS. I guess Azure, AWS and others have similar offerings, too. When you use certbot's DNS plugins, you don't even need to have an actual web server running on port 80/443.
On your local device, contact that Web Service to generate a unique DNS entry (e.g. ..yourdns.com) and certificate for that domain
Use that certificate in your local HTTPS server
Browse to that domain instead of your local IP
Now you will have an HTTPS connection to your local server, using a local IP, but a publicly resolved DNS entry.
The downside is that this does not work offline from arbitrary clients. And you need to think of a good security concept to create trust between the client that requests a DNS and certificate, and your web service that will generate those.
BTW, do you mind sharing what kind of gadget it is that you are building?
If all you want is to access the device APIs through the web browser, a simple solution would be to proxy all the requests to the device through your web server. This way even self-signed certs for the devices won't be a problem. The only problem, though, is that the server would have to be on the same network as your devices.
If you are not on the same network, you can write a simple browser plugin (Chrome) to send the API request to the IoT device, but then the dependency on the app/plugin will be clumsy.
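The hostname scheme proposed in the question (192-168-1-123.mydomain.com mapping to 192.168.1.123), written out as the lookup a custom DNS server would perform. This is an added example, not part of the original posts; the function name and the choice to answer only for RFC 1918 addresses are assumptions made here, so that names under the zone cannot be pointed at loopback, link-local or public hosts.

```python
import ipaddress

ZONE = "mydomain.com"  # zone name taken from the question's example

# RFC 1918 ranges: the only addresses this resolver will ever hand out.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def resolve_gadget_name(qname, zone=ZONE):
    """Return the IPv4 address encoded in '<a>-<b>-<c>-<d>.<zone>', or None.

    None means the DNS server should answer NXDOMAIN.
    """
    qname = qname.rstrip(".").lower()
    suffix = "." + zone
    if not qname.endswith(suffix):
        return None
    label = qname[:-len(suffix)]
    # Exactly one label below the zone: a wildcard certificate for
    # *.<zone> covers a single label, which is why the octets are joined
    # with dashes instead of dots.
    if "." in label:
        return None
    parts = label.split("-")
    if len(parts) != 4:
        return None
    # Canonical decimal octets only: no empty parts, leading zeros or
    # non-ASCII digits, so each address has exactly one valid name.
    for p in parts:
        if not (p.isascii() and p.isdigit()) or (len(p) > 1 and p[0] == "0"):
            return None
    try:
        addr = ipaddress.IPv4Address(".".join(parts))
    except ipaddress.AddressValueError:
        return None  # an octet above 255
    if not any(addr in net for net in PRIVATE_NETS):
        return None  # loopback, link-local, public, etc.
    return str(addr)
```
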

AWS SES + TLS: custom domain for mail servers

When messing around with different mail hosting options I noticed a very aggravating pattern with my Android phone. Neither the built-in mail app nor the gmail app supported email auto-configuration.
When using most mail services such as Namecheap, Zoho, Rackspace, etc. this became a real issue. I would enter my email address and password then instead of it just working like magic, it would invariably fail as it attempted to set the mail server to mail.example.com instead of mail.privateemail.com or smtp.zoho.com
I can configure a CNAME entry for my domain to redirect to these servers and successfully connect to mail.example.com.... up until I try to enable secure e-mail (STARTTLS or TLS wrapper). When I do this the domain name on the certificate does not match up to the domain name I am using to access and the whole thing fails.
Of course setting up my own mail server could be an option, but it could take months or years for my IP address to build up enough reputation to not get auto-blocked by major providers like Gmail or Yahoo. This whole past month DreamHost has been unable to send emails to any address owned by AT&T, which has been nightmarish to get resolved. Not wanting an issue like that, I would like to go with a big name for e-mail hosting.
While looking into Amazon SES to see if it would be easy to set up, I noticed this page on secure tunnels to AWS SES
I'm not super familiar with mail servers and I honestly have no idea what I'm reading on this page. Like I can follow the steps to install and configure this program and run it, but it doesn't accurately say what the purpose is of doing this. Am I right in believing that this might solve my SSL issue and allow me to send mail to mail.example.com without any issues? If so, is there any additional setup that I will require which is not adequately explained by this article?
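The certificate mismatch described in this question, as an added example that is not part of the original post: a mail client checks the server certificate against the host name the user configured, and a CNAME does not change that reference name. The certificate name list below is constructed for illustration and is not taken from any provider's real certificate; the function names are hypothetical.

```python
# Constructed sample: DNS names a hosting provider's certificate might carry.
PROVIDER_CERT_NAMES = ["*.privateemail.com", "privateemail.com"]


def dns_name_matches(pattern, hostname):
    """RFC 6125-style comparison of one certificate dNSName with a hostname.

    A '*' is honoured only as the complete left-most label and stands for
    exactly one label; everything else must match label for label.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Require at least two fixed labels so '*.com' never matches.
        return len(p) > 2 and h[0] != "" and p[1:] == h[1:]
    return p == h


def verify_server_name(configured_host, cert_dns_names):
    """Check the certificate against the name typed into the mail client.

    DNS may follow a CNAME from mail.example.com to the provider's host,
    but the name being verified stays the configured one.
    """
    return any(dns_name_matches(n, configured_host) for n in cert_dns_names)


def demo():
    return {
        "mail.example.com": verify_server_name("mail.example.com",
                                               PROVIDER_CERT_NAMES),
        "mail.privateemail.com": verify_server_name("mail.privateemail.com",
                                                    PROVIDER_CERT_NAMES),
    }
```
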

Connect Outlook 2010 to an Exchange Account from a different domain

I'll try to be as clear as possible, as I think this is not a usual situation. If you need more details, please say so.
I work at a company that has an Exchange Server. They provide a laptop which is on the company domain and I can connect in Outlook just fine with my company e-mail. If I go home with my company laptop I can connect via VPN to the company domain and connect to Outlook just fine as well.
We have a webmail which we can use in ANY untrusted computer on browser, something like webmail.mycompany.com and I just need to put my username and password to connect.
I also have an Android smartphone which is not on domain as well and I can configure it to connect to my company Exchange mail.
However I work on a remote server which is not on company domain (I can't change the domain on the remote server) and I'm trying to configure Outlook on the remote server unsuccessfully...
I'm very confused and wondering:
If I can connect via VPN to my company Exchange mail on Outlook anywhere as long as I have internet access on my company laptop
I can connect to my company Exchange mail on a webmail on browser on any computer (not on company domain) providing username and password.
I can connect to my company Exchange mail on my Android smartphone (not on company domain) by providing the Exchange mail server, username, domain and password.
Question: Is it possible to connect to Outlook in a different domain on a remote server with the information I have?
Thank you!
If an Exchange server is published correctly with ActiveSync enabled, then a device that supports ActiveSync should be able to connect to it. I am contracted out to 4 partner organisations during the week; 1 org's email is Exchange Online, the others are local Exchanges, one each of 2007, 2010, 2013.
I can easily hook up my email accounts to each of these from my phones, outlook 2010 at home (not connected to the domain or VPN) and outlook 2013 in the office (that is domain connected). (For 2 of these orgs my first job was to correctly publish their exchange farm for their employees)
You mentioned a VPN tunnel, if you have to establish a VPN to connect to the exchange then it sounds like it has not been correctly published externally, possibly by design.
The first thing you should do is talk to your Exchange Admin and ask them to confirm or publish the Autodiscover and ActiveSync related services for the exchange you wish to connect to externally, it's quite secure by default and has been designed to be used in this way so you shouldn't get much resistance on this front.
If you are the admin, or just playing along at home, then your next stop should be the Microsoft Connectivity Analyzer https://testconnectivity.microsoft.com , previously testexchangeconnectivity.com... that uses the same protocols that outlook and mobile devices use to connect to MS Exchange, this includes Exchange Online.
If the connectivity analyzer can connect, but your client can't then download the client analyzer from the "client" tab in the connectivity analyzer site. The error prompts are really informative and help to improve your understanding of how the Exchange platform works
Outlook 2010 can only add one domain connected Exchange service at a time, but it can have many activeSync compatible services connected no worries at all. Follow the test results on the connectivity analyzer site described above for guidance, the two most common issues that I come across are:
Your primary email alias may not match the autodiscover service. For instance, user@email.com might belong to an Exchange that is published as 'electronicemail.com'. In this case you need to make sure you connect to the Exchange service as 'user@electronicemail.com'. Your default reply-to address as configured in Exchange will still work as user@email.com, but Outlook doesn't know about these details until after it has established a connection to the Exchange server via the autodiscover service.
The other common issue is that the autodiscover service is not contactable externally or does not resolve correctly when you are external (this happens a lot with Small Business Server and Essential Business Server). In these cases you can sometimes make some quick edits to your c:\windows\system32\drivers\etc\hosts file to direct Outlook to the right server IP address to configure the account. If you add a hosts entry for autodiscover.yourEmailDomainName.whateveritis into your hosts file, this can often get around issues caused by the organisation's public DNS not being configured for Exchange.
Note that the hosts solution above can work in many instances for both of these issues.

How to manage (create/delete) Email addresses programmatically?

I am building a web application that will also allow my users to register/transfer a domain and manage email addresses through my application. However, I'm not exactly sure how to do that yet. I think there are services with APIs that will allow me to register domain names. However, working with DNS, MX records, email addresses and running an email server is something I've never done before. What do I need to know about automating this process of managing email accounts, and what sorts of solutions already exist?
For the email address part, have a look at How to communicate with a mail server through a web application.
The DNS part is pretty much the same, but you need an authoritative DNS server with a database backend, such as PowerDNS (database configuration docs).
If you don't want to run the DNS servers yourself, PowerDNS also offers hosting with API access.