Currently in our application admin of a company invite multiple users to system. Our design is:
take admin chosen separated email addresses, check user if exist and member of current company do nothing. if exist but not member of current company do some setup and add to company and send welcome email. if not not exist set user account add to company and send invitation email. But there is a hard roadblock. Admins want to invite up to 5000 emails. Because of currently we invite in web application and send email one by one (we have to, because of uniqueness and activation code) admin can't invite more than 20-30 emails at same time, because of timeout.
I thought to take email to another table and do operation with timer?
What is the best practice for this ?
Enviorenment
ASP.NET MVC2 on amazon-ec2 server. Also we have timer quartz.net
I come from a linux/PHP background but it seems to me your problem can be solved with a queue?
You basically get all the emails you need sending add them to the queue and have another process take a few emails off the head of the queue and send. Rise, repeat until queue is empty.
Since you are on EC2, have you taken a look at how Amazon SQS might be able to help? If you want a readymade component, I googled and found this email queue component for asp.net that seems to solve the exact problem you are having (although will cost you $)
Related
I'm working on a product where we use SendGrid.com so send system e-mails to our customers end users. These e-mails origniate from our own domain - let's call it ourdomain.com. This is done by going through SendGrids' authenticated domain flow to set up DNS-records to validate the domain.
Several of our customers have asked if we can send the system e-mails from their own domain. E.g. they would like if e-mails sent from the system was sent on behalf of #customerdomain.com.
The question is - how do I set this up in SendGrid so that we can deliver DNS-settings to the customers?
I really don't want this to be a manuel proces as we might have hundreds of customers who wants to use their own domain. I've tried reaching out to SendGrid support, but they basically keeps linking to this page: https://docs.sendgrid.com/ui/account-and-settings/how-to-set-up-domain-authentication. This is what we've done for our own domain, but this isn't really a viable solution if we need to handle hundreds of domains from different customers.
Does anyone know if the process can be automated via the SendGrid API? Something like this perhaps:
The customer creates an account with us (domain: customerdomain.com)
We call SendGrids API saying "create domain validation for domain customerdomain.com"
We get back the DNS entries the customer (owner of customerdomain.com) needs to enter into their DNS setup
We start sending e-mails with the FROM-address set to something#customerdomain.com
Maybe I'm looking in all the wrong places, but I simply can't figure out how to do this the right way.
Any help will be greatly appreciated!
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
In Cuba, web access is extremely censored, so I created a tool that allows more than 50,000 people to browse the Internet through email. Cubans send me an email with an URL in the subject line, and I email them back with the response. Read more at https://apretaste.com.
It was working like a charm, till the communist government of Cuba started blocking my emails. My solution was rotation.
I started with Amazon SES, and I was changing the domain each time it was blocked, but Amazon adds a header to all emails, and once they blocked the header no email from SES was able to reach Cuba any more. The same happened with Mailgun and others, they all add headers.
Currently I am creating Gmail accounts and sending via SMTP, but Google blocks me for no reason and only allows to send 100 emails a day per account. Also I can only create few emails using the same IP address/phone, so I was forced to use anonymous proxies and fake Chinese phones. Now I am fighting a war on two fronts.
An email can be blocked by three parameters: IP address, domain, and email address.
It will be terrific if I can set up my own Postfix server at a VPS that auto-rotates the IP address. Even better if I can simulate "gmail.com", to avoid purchasing a new domain every day.
All the intents to create what I call "the ultimate sender" just either reach the spam folder or add unwanted headers making it too easy to block. I feel exhausted. I hit a knowledge barrier here.
I know I am crossing to the dark side, but this is for a very good cause. Thousands count on this service as their only source of unbiased news, social network and to feel part of the 21st century.
Can you please help me implementing "the ultimate sender", or pointing to another solution that I may be missing?
I have a few suggestions for you.
The first one relies on The Onion Router also known as Tor.
Since you are crossing to the dark side, why not also take a look into the darknet?
Take a look at this list of Tor email providers. If you have your own email server that can be accessed through Tor, it becomes much harder for anybody to stop people from using this service. After all, Tor was developed to offer people uncensored access to the web.
You can read about Tor in detail here, it uses Onion Routing and this is how you would set up your server to use Tor.
Here is an example how you could use it:
The steps that involve the setup, receiving an URL request and sending back the reply are as follows:
Set up an email server.
Configure your email server to use Tor.
Publish the public service name. (e.g. "duskgytldkxiuqc6.onion")
Deploy a client that takes the service name and a URL, and let it send an email with a request to your server.
The client now waits for a reply.
You send a reply and the client receives it.
You can change your service name on a regular basis, but you need to make it accessible to those who will use this service.
Having an own email server means being able to control the email header.
Here is one example how you could make use of it:
Configure your email server so that it receives and recognizes
emails which contain the requested URLs.
Before you send a reply modify the email header so that it shows a random IP address and a random sender email address including a random domain name.
Send your reply.
Sending an email that way means that you cannot be replied back to. But since your reply already contains the requested information there is no need to.
I hope this helps.
Crowd source it.
Find a way that volunteers can send some emails for you. This is the only long term approach that I can think of. A simple web interface with mail to links would be be enough to get started although there are other potential problems with this approach too.
Because you are talking about low numbers of users, you could also use crowdsourcing to create the single email address per person approach. They can create an account on a specific set of email providers and give you the credentials. This would allow the single email per user approach or could be used to rotate through a large set of email accounts to send emails.
The simplest solution is perhaps to set up a local SMTP server on your own computer. You don't even need a server per se.
https://sourceforge.net/projects/winsmtpserver/
There are many other such applications. They are usually used to test SMTP functions during local development, but there is nothing against actually sending spam through them.
I know this would be quite a large task, but how about pairing the users with one or just a few emails so they always receive an email from that email.
I'd assume people wouldn't have more than 100 queries per day, if so they could start receiving them from a backup email
I'd imagine it would look less suspicious for them to appear to be in constant contact with one unique email rather than 50,000 being in contact with one
I know this would be a huge undertaking, but I feel like it solves your issue.
Since the users are willing to receive emails form you then your shouldn't be blocked.
When you mentioned you are getting block does it mean your mail is going in spam or is getting lost in between sending and receiving or it is getting bounced back??
My suggestion would be to setup your own mail server and follow as below:
-Get approx 25 or more ip to rotate. (IP is the most imp part which is tracked and is accountable for the reputation of your mail server)
Don't start sending emails in bulk from the word go it is better to gradullay increase the email volume so that mail server reputation nicely built
keep changing the format of the email often
encourage user to add yourself to there contact list
your best part is user are willing to receive emails from you and you would reply to revived email is the USP of yours but still i will recommend you to register for FBL so that you would know which user is reporting you as spam and you can remove him from your list and never send him email again.
using best practice to send emails like dkim, SPF, dmarc are also vital.
Hope my answer was of some help to you. If you need step by step guide to step up mail server let me know.
My friend, do you remember what made Hillary Clinton lose the last elections to Trump?
It was the "mail" affair. And what was it? People discovered she shared confidential information through a non-official, non-governmental email account (i.e., she used some Gmail, Yahoo or another of a kind). Until here, nothing new with direct relation to your matters. But there is an small particularity on this history, and this can put, maybe not a solution, but maybe a light on a new path you could follow: Clinton actually never sent those emails; the email account she used had the password shared and the communication between people (Clinton-someone) occurred only using the drafts of the account.
How? One side logs in and accesses the drafts folder. There he/she reads the last message and edits it, cutting and writing new data - then save the draft message. On the next turn, the other side of the communication line logs in and do the same. And so forth, so never really sending those messages, but instead just updating the drafts (this "Hillary" method does schooled people... Dilma Rousseff, impeached ex-president of Brazil, actually did this method down there in Brazil too).
So, maybe if you could establish a pact with your user that he/she doesn't delete the account's password, you could pass those information by this method - without "really" exchanging emails. Maybe a "parent" email account (some that could reset a lost password) could be useful too.
Alternative: aren't you able to contract a regular HTTP webserver? You could rely on FTP to publish data to your user, he/she asks for it and you publish a page with that content.
Salvi, have you tried something with Telnet? OK, we are talking here about a text-only environment, but if nothing more would rest in the future, this could be better than nothing. Maybe you could implement a podcast-like, or push-like service based on it. Look what people do with it with references to your walk on the dark side...
If in Windows, open your command prompt.
Type telnet and press Enter.
Type "o" without quotes and press Enter.
Type "towel.blinkenlights.nl" without the quotes and press Enter.
Here is the reason for my peculiar question:
I am working on a mortgage application for a mortgage broker where each mortgage application is a record. Now this broker will take each of the applications he has received and enter this application (in an up line lender's system) and during the life of this mortgage application, he receives notification emails about updates from the up line lender.
It is required that in this application, all emails pertaining to a particular mortgage application are visible under that record.
My plan is to have all emails collect in a single inbox, and give that inbox an alias corresponding to the record id of the mortgage record. The alias remains active as long as the mortgage application is active and the broker cares for receiving these updates. Once the mortgage application record is dead, that alias is removed.
When displaying the particular mortgage record, I can query the mail server for the emails where the to address is the alias of that particular record.
My key requirements are:
The email server or email service should allow for about 400-500 aliases at a time.
Should have an API interface for creating and deleting an alias.
As far as the creating/deleting API is concerned, Google Apps (https://developers.google.com/admin-sdk/directory/v1/guides/manage-user-aliases) really fits the requirement, but has a 30 alias limit.
Does Microsoft Outlook online mail support this kind of API and ability to create mailbox alias?
If we went in the direction of having a Microsoft Exchange Server 2010/2013, would it allow programmatic access to create aliases? What would be the license cost?
Thanks in advance for looking this up.
With update from #mti2935, I am considering a catch-all solution rather then deal with creating aliases.
So, now I think all I need is to be able to process the emails. What's the best means of processing emails (in my case, I will simply have to look at the "to" field and put the emails in different buckets).
I have found a third party service that can help me parse emails. Definitely going to try that out and provide an update here.
Service: https://postmarkapp.com/inbound
Referenced by a post on: How to setup a mail server?
One option to consider is to setup a mail server using qmail, configured as a catch-all for your domain, such that all mail to *#yourdomain.tld forwards to a script which parses each incoming message, scrapes the to, from, subject, etc. logs the messages in your database, etc. It's easier than it sounds to setup. See How to setup a mail server?. This can be done fairly inexpensively on a Rackspace or AWS cloud server.
I'm making a quick Google App Engine program that presents a publicly available form that users can fill out with their name and email address, then can enter a friend's name and e-mail address. The application pulls in the data via POST, then sends a pre-formatted e-mail like 'Hi, , your friend wants to invite you...'
What should I be doing to prevent spammers from exploiting this publicly facing e-mail sending program? Is there a good resource for best-practices in this field? I've spent a few hours searching, but I haven't really found anything definitive...
Principally creating a publicly available form that anyone can use to send[s] a pre-formatted e-mail is another name for creating a spam machine.
You can mitigate by making it harder for non-humans to use it, recaptcha is the typical way to achieve this.
You could send a confirmation email to the sender and require a secondary action (like clicking a link) before sending the email. Or, if you expect your users to return, ask them to sign up (with a similar confirmation) before allowing them to send email.
I would first impose some limit to the # of email addresses a specific user/IP can send. This won't solve the problem but will limit the damage in case someone does try to send spam to 1000 emails.
Second, you could try sending the emails in small batches if an user puts in a lot of email addresses. Send 5 at a time, and monitor to see if there's any spam complaints (you can probably automate this somehow). If no complaints after 2 days, keep sending the rest.
With regards an OMS, what is the best method to send a confirmation email? The 2 options I have so far are;
A script on the order page sends an email once the record is written to the database.
A scheduled task on the server, send the email, polling the database every-so-often to find new entries.
Which method do systems currently use?
For e-commerce websites, it might be better to think about the best user experience.
Given that, you would want to send the email as soon as the order is received so the user knows that they have purchased the item. The sooner it gets into their inbox, the sooner they will be happy that they have made their purchase.
I agree with Digbyswift that sending the confirmation email once the record is written to the database is the least scalable. But I would argue that if your system has gotten to the point that you are taking so many orders that your system cannot keep up, you have a wonderful problem on your hands that you now probably have resources to handle.
At PostageApp, we handle the emails of a few e-commerce websites, so perhaps you would benefit from an arrangement with an email service provider to off-load this task so that all of your resources can be spent on keeping your site up and your databases running.
Here are some great alternatives if PostageApp is not your style:
Sendgrid
Postmark
Mailjet
This is a question of scalability. Sending a confirmation email once the record is written to the database is the least scalable. The more orders that are taken , the more emails are sent potentially tying up resources.
A scheduled task is certainly better as emails can be queued up and can be sent in a separate process.
A further option which you could consider is using neither and delegating the responsibility of sending emails to a 3rd party dedicated emailing service, i.e. via an API. This is much better since your hosting does not have to consider the load and you can utilise any reporting offered by the 3rd party. Plus many services offer a free quota up to a certain threshold. This will allow you OMS and business to scale appropriately.
If you apply a message based architecture; you could just publish an order created message and have any number of subscribers respond to that event. You could create a listener that sends the email in house (bespoke option) or another listener that called the API of a 3rd party emailer to send the email on your behalf (as per #Digbyswift)
What I've always liked about this approach is
You can have any number of listeners live at any one time.
You can create a new listener and change how you send the email without needing to change/redeploy the OMS application itself.
You can take the listener(s) off line and stop / delay the sending of the email without losing any notifications or affecting the OMS itself.