I posted this question on webmasters.stackexchange.com but no reply, so I thought I'd try here. I have a feeling it's not appropriate for this site but I'd like some answers :)
I've got hosting services provided by FatCow. They use SquirrelMail for their email handler, which has an abysmal frontend, has a low mailbox storage limit, and apparently Fatcow doesn't allow remote access to change a password.
As a result, the webmaster has to change passwords explicitly for the user - ridiculous. Anyway, enough complaining.
What I'd like to do is use the same domain with a different provider, but I don't know the words to begin my search. Provider? Hosting? Client? How do I get started here?
I'd also accept a good recommendation for a provider (or whatever the word is) that solves the above problem description.
You are looking for an email provider. This provider needs to offer services for custom domains (i.e. not limited to their own #hotmail.com or whatever it happens to be). You need to sign up with them, configure that you would like them to handle email for your example.com domain, then change the DNS configuration for example.com and point the MX record at your new email provider. That means you need to have the authority/permission/possibility to change your DNS records. If you bought the domain through your host, they may not allow you to do that, in which case you may have to look into a domain transfer or into hosting your DNS elsewhere.
Google Apps for Business is a decent example of an email provider and is free for "small businesses". They offer the Gmail interface customized for your domain, among other things.
You don't have to do your email through your domain server. So just google 'email hosting.' For example, check out google business email. Google does all the heavy lifting and you create email addresses for whatever domain you own.
Related
This question is a follow-up question to this one.
The problem is that my current E-Mail provider does not natively support DKIM-signing, but I need that DKIM feature to make certain API integrations regarding my emails (like sending emails from my payment service provider through my own domain).
The solution I'm starting to see, as long as my host does not DKIM-sign their outgoing emails, is to watch out for an email providing service that allows you to send emails in the name of your own domain including the DKIM-signature feature. Does such a service exist, via API call? I've no experience whatsoever in this area, and would be happy to know if such a setup potentially has a bad influence on delivery rates / other problems.
If the mail server signs using your domain and not theirs, and you post the matching public key in your DNS, it will all work fine. You do need to find a provider that lets you do that though, which they may do via CNAME records. Such services will often allow you to configure what the mail server does with your messages using additional params in an HTTP API, or via custom headers over SMTP, e.g. it might allow you to set a header like:
Sign-with-selector: myselector
Recommendations for services are off-limits for SO though.
I'm currently running a SAAS application and mails are being sent from our application using Mailjet.
Some of the larger customers have been asking to allow the emails to be sent from their domain (e.g. info#largehotel.com) instead of our system (notifications#saasapp.com).
Are there any initial pointers I will need to look at? I'm guessing they will need to add our SPF records to their SPF records too and that they will need add a DKIM key that we generate for them to add to their records too? Then do some validation on them on the DNS level and mark them as validated?
I have some understanding to have customers run their own domain against our SAAS domain but a bit lost on the sending from their email domain requirement.
First, for the record, my SaaS platform does this (vía option 2b). It’s an e-commerce marketplace and I need the receipts to be sent from the email address of the product seller, not from me (the marketplace)
You have two(ish) options
Send email through your client’s mail servers (instead of mailjet)
Verify the client’s domain on your Mailjet (or similar email) service
option 1
With option 1, you’ll need to ask your client’s IT team to setup a username and password for you to access their SMTP server. This is essentially just like them creating an email account for you to use. This may seem like the easiest path available for you, but there are potential pitfalls and disadvantages:
Doing this, you will lose the mail open/click/bounce tracking functionality you get with mailjet; because you’ll be using the company’s SMTP server instead.
If you’re sending out as a fairly common email address (eg info#your-client.com) the client may already have that account active on their mail servers. That would allow them to receive replies into the existing infrastructure but make them wary of the security issues with sharing a password to their mail server with you.
You might find that they don’t even have the ability to give you a username and password. Modern mail services don’t allow for SMTP access (which is what your web app will need); and security conscious companies require 2 factor authentication on mail accounts (which your web app can’t answer)
Option 2
For this, you will need to ask their IT team to configure some DNS records to prove to mailjet, and to the email recipient, that you’re allowed to send on behalf of your client.
You did this for your own domain when you first setup mailjet. See https://app.mailjet.com/support/how-to-add-a-sender-address,96.htm for what this involves, but it’s a case of asking the client to configure a DNS record.
That tells mailjet that you’re allowed to send on behalf of that domain; but you’ll also want the client to adjust their SPF and DKIM records so as the recipient of the emails knows to trust Mailjet’s servers with emails sent from your client’s domain name. Normally, recipients only trust email sent from your client’s mail server (which you have as option 1) and distrust email sent from SAAS providers.
You will (or should) have done this on mailjet for your own domain already as well. https://app.mailjet.com/docs/spf-dkim-guide
So for this, you’ll need your client to setup 3 DNS records.
If you go this way, you could setup a separate Mailjet account which they and you have access to. That way they ca see their dashboard directly and feel a sense of ownership and security around it. But you won’t be able to markup the price of it 😜
Conclusion
How important is the tracking? If you can’t lose that you need to go with option 2.
How technically savvy is the client? Are they going to be able to have those DNS records changed? Are they going to be (rightly) security conscious around giving you an account on their main mail sever.
Option 2 would be my preference. You might need to hold their hand through the DNS setup so get it configured on Mailjet (And ask about SPF in here to make sure you get it right) so you can provide them with clear instructions of the specific 3 DNS records to create/update.
Whatever approach you take make sure you’re talking to the right people at your clients side soon. Their marketing team may be keen to do this with you, but if their IT feels left out of the conversation they will be difficult to get on board when you need them to make the changes. Us IT folk can be grumpy and obstinate 😀
your web app
This is going to need some adjustment. You probably already store your Mailjet credentials in a file or environment variables; these might need to move these to a dB table so you can relate credentials with specific accounts. But we’d need more info on the web app to be able to speak more to that side of the challenge.
option 2b
just as a note instead of a real suggestion. Be aware that some email service provers allow the sending verification part to be done by sending an email to someone on that domain (eg admin#yourclient.com) and then allowing sending vía the API if the recipient clicks on the approve link on that email. But, even with that setup you still need the client to configure SPF and DKIM on their DNS, so the extra one record isn’t a big ask. AWS’s SES allows for this. This works for me; but I have different requirements around deliver ability, and a large number of non-tech users (as opposed to your one or two big clients)
you can ask your client to generate programmatic(app key/password) user for email need to use for example info#largehotel.com and some other info like (host:gmail, protocol: smtp,...) all basic info needed then in your saas retrieve all this info to create object with client info that you stored before to send email for the target (from developer prospective non network engineering )
The SPF is the most important think to do. In most cases you have to be very careful about the IP reputation, but since you are using Mailjet it's up to them to manage this part.
Be attentive to the overall quality of the email, text/image ratio... Also offers a text body version of the content and dont forget the unsubscribe link. Since you already send emails with your service, I guess it's points are already correct.
We are building a system that is, effectively, an email/calendar/contact client.
Users will provide us with their email address password (or other auth, eg oauth) and we will connect to their underlying email system.
"underlying systems" include:
Microsoft Exchange / Office365
GMail
Yahoo Mail
Apple email
Generic IMAP
Each of these systems have subtle (and not so subtle) differences in their APIs, especially to access calendar & contact data. Thus we need to know what provider the user is using.
But we would rather not ASK the user. We would like to figure it out (and at, least reduce the choices) automatically.
I've looked around for something that already implements this but have not found anything. I know it's mostly possible because Windows Phone does it pretty well (just enter username/pw and it does the right thing).
Before I dive in and start writing my own I want to ensure I'm not wasting my time if someone's already done it in an excellent way.
Know of anything like this? For this project prefer C#/.NET.
[EDIT: Adding potential algo]
Potential Algorithm:
Given email address & password
Extract domain name from email address
Try Exchange autodiscover. If successful done.
Use DNS MX records to find smtp host.
Do SMTP EHLO
Gmail responds with "250-mx.google.com at your service"
So if we see a "google.com" we are done.
Yahoo responds with 250-mta1257.mail.sk1.yahoo.com
So if we see a "yahoo.com" in the response we are done.
Apple responds with 250-xxxxxx-mac.com
So if we see a "mac.com" in the response we are done.
If none of the above
IMAP?
...
[EDIT: 5/18]
I built a prototype that uses methods that don't require auth (e.g. just MX/SMTP sluthing). Give it a try: http://bit.ly/KLZKxD
Algorithm seems reasonable. You will get best results running from unfiltered server (meaning it has direct SMTP outbound / doesn't run through a proxy). If running from client (mobile/tablet/desktop), then no guarantees as some ISP's pass SMTP through a proxy relay hence EHLO response is only for proxy.
You may want to do a port check for servers to verify expected protocol support (just a TCP connect may be sufficient but protocol handshake is preferable). Additionally, best to build up a database of verified SMTP and IMAP server mappings as there can be split names (e.g. smtp.domain.com and mail.domain.com) - discovering SMTP is easy, discovering outbound server(s) which usually also means calendar/contacts server, not so much (except for Exchange but only if autodiscovery is configured correctly).
If you can get your users to approve and assuming you have their username/password, you could try connecting to SMTP via MX record and sending an email back to your own address then checking through headers for useful info about the server (needs to be authenticated to relay). Users could alternatively reply to an email you generate in order to get the same server info.
Also ensure that you do your own DNS query and try each MX record or all primaries -- if the principal MX is down or DNS is poorly configured for equal weighting, you could end up hitting a smarthost / backup which may just be a dumb SMTP relay / store-and-forward and not give you the correct response.
TL;DR: No quick solution but a cascaded algorithm that trys and fails different solutions until one works / gives an expected result should work.
Most devices can auto detect the service by parsing the Whole e-mail address. Xyz#gmail.com would obviously be a gmail account. So for Apple, Gmail, Yahoo, Live, Hotmail etc you can easily program for.
For other domains, including custom, you can try this: http://www.exclamationsoft.com/exclamationsoft/netmailbot/help/website/HowToFindTheSMTPMailServerForAnEmailAddress.html
You can detect Google Apps For Your Domain accounts by examining the domain's MX records. If the primary MX record is ASPMX.L.GOOGLE.com, then it's GMail.
I created an implementation of this that has been used widely with some success: https://github.com/tig/Email2Calendar
This is used by both milelogr.com and freebusy.io.
For an application we are building, it is required to give certain registered accounts the ability to send emails to other registered accounts.
As part of the registration, we obviously collect the real email address of every user.
I do not want to expose any of my users' email addresses so I would like to have the ability to proxy them through fake email address that basically forward to the real email address.
For example, if someone want's to email John Doe, they would send an email to abcdefg12345#mysite.com which would then forward the email to john#johndoe.com.
In case its not obvious, the purpose of this is to protect the end user from spam and keeps their real email address private. Since my application acts as the proxy, I could easily block certain email's from going through.
The most famous example of this is Facebook's email proxy for Facebook Apps.
My Question: Are there any patterns, servers, 3rd party services, or libraries that provide such a feature? Does anyone have any suggestions for how this could be built?
I've never seen a service that offers this directly. The hardest part here is the receiving of the emails and wiring things up to your app for the authentication. You could use a service like http://cloudmailin.com in order to receive the email and then forward it on or even use some sort of custom install. Another option would be to create a script that modifies a server such as postfix's configuration.
Finally although I wouldn't recommend it you could try and create your own mail server to do this. I would read up a little more on SMTP/IMAP and see what options you have.
It looks like there is no 3rd party service or tool\library to accomplish this. It is going to be a bigger task than I was hoping for so I will be putting it off until I have the time to implement it.
I think the solution is to use a mail daemon that has an API or at least allows you to manipulate the users\emails\aliases in it such that you can create new mailboxes on demand and set them to forward from someuser#proxy.mysite.com to user#theirdomain.com
I found out that there are services that provide this type of functionality as part of their offerings:
http://mailgun.net/
http://www.sendgrid.com
Both of these services are very cool and offer quite a bit for sending and analyzing emails including the ability to create forwarding\proxy emails.
I've noticed that the domain
contoso.com
is often used in documentation when a sample is needed. I always figured this was a dummy domain, used like the telephone prefix "555" to route spam into some kind of telecommunicative void (although contoso.com appears to be a real site).
Is there a domain I can safely use when I have to, say, test a registration form 20 times with a unique email address and I don't care what happens to the message, yet I don't want it going to a real person?
You can use example.com. According to the Wikipedia article:
example.com, example.net, and example.org are second-level domain names reserved by the Internet Engineering Task Force through RFC 2606, Section 3,1 for use in documentation and examples. They are not available for registration.
By implementing the reservation, the Internet Assigned Numbers Authority (IANA) made available domains to use in manuals and sample software configurations. Thus, documentation writers can be sure to select a domain name without creating naming conflicts if end-users try to use the sample configurations or examples verbatim.
When an address such as "yourusername#example.com" is used to demonstrate the sign-up process on a website, it indicates to the user they should fill in an actual e-mail address at which they receive mail. "example.com" is used in a generic and vendor-neutral manner.
These domain names resolve to a server managed by ICANN.
I started using whatever#example.com for this purpose, but then I began getting responses back from my outgoing email server saying delivery to that address had been delayed. I don't know about the OP, but I want something that I can send to and completely forget about it.
Now I'm changing over to whatever#mailinator.com -- I know that it gets delivered to their catchall (so I'm not getting any junk back about delivery errors), and if I like, I can even go check at http://mailinator.com/ to see if the email went through as planned. (But it's not clogging up my inbox if I don't care about it.)
http://www.faqs.org/rfcs/rfc2606.html has all the standard reserved names. Notably, example.com and the like started resolving a few years ago. Before that they were truly reserved names, not even found in DNS. But they are still useful "fake" domains.
A simple way of testing email delivery is to use Gmail with the "plus" rule. We use this when registering our shared email account with some services that use unique email addresses as the username. This enables us to use a single inbox for all of the incoming registrations and filter the messages to all go to the same folder.
http://fieldguide.gizmodo.com/how-to-use-the-infinite-number-of-email-addresses-gmail-1609458192
One trick you may or may not have picked up about Gmail is that you
can add in periods anywhere in the front part of your address and it
makes no difference whatsoever: john.smith#gmail.com works just the
same as johnsmith#gmail.com. What's more, you can add a plus sign and
any word before the # sign (e.g. johnsmith+hello#gmail.com) and
messages will still reach you. If these tweaks make no difference,
then why use them? One major reason: filters.
how about example.com?
It is a valid domain, but reserved by RFC to be used for documentation.
Contoso.com is a dummy domain that can be used for testing.
It's used by Microsoft as an example whenever they need an example company or domain. They're the ones who registered it, and they use it frequently in their examples, so I doubt they care if you use it for testing. They likely ignore anything that goes it seeing as how its posted all over the web and a likely target for spam.
Frankly, I utilize an email address from my own testing email server for this because part of the testing is to ensure that the form information actually gets to the email address, and since checking it is outside of my normal work-flow, that means I have to actively do so.
We are using .local domains for that.
For testing purposes I like to have e-mail addresses that really do not exist and cannot be registered. Even access by IANA like for example.com is a no-go for security reasons. Accidently sent e-mails to max.mustermann#example.com maybe be delivered to servers controlled by IANA. This maybe an privacy issue for Max Mustermann and so on ...
Do not treat me wrong: This is just for additional security minimizing the risks whereever possible.
guerillamail.com for example is blocked by several blacklists (like http://www.block-disposable-email.com). So maybe it's better to use contoso.com.
you could configure your in house MTA to discard all example.com/net/org emails. you can be sure that no one would expect them to be delivered. and that would save your server from using resources and wasting bandwidth.
If it's email you want to test, why not use a disposable email address, such as GuerrilaMail? You can send an email to anyone#guerrillamail.com, or set your own user name, for a limited amount of time.BTW, Contoso is a Microsoft dummy site they've been using to demo .Net technologies for a couple of years now.