Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 months ago.
Improve this question
I received 30+ emails in all languages (often eastern European) that always say the same thing :
"hello
We received a request to access project-0000000000 with this email address. If you want to sign in with your (your email) account, click this link:
Access to project-0000000000
If you didn't request this connection, ignore the email.
With respect,
project-0000000000 team"
I have received 30+ of these, without any prior action on my side. They generally have an URL "leading to the project". The URL seems based on firebase as well (xxxxxxx.page.link/?link=https://0000000000.firebase.com/...), but I wonder if it could be malicious, depending on what comes at the end of the URL, I guess.
If it's an attack, I guess the vector attack is the URL, because I cannot see any other option.
If it's not an attack, I wonder why on earth I receive all the emails, and what I can do about it.
The strangest thing, for me, is that I once received an email in Turkish thanking me for my contribution to one project. This email had no URL, so no obvious attack vector. I don't know if it was a case of social engineering, or if someone is impersonating my email address to use firebase.
Do someone know what could be going on ?
It's spam, I've been getting those emails on different languages lately. Do not click any links in them!
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 days ago.
Improve this question
I'm building a web app with firebase (fire storage, functions, hosting).
The location of the project is eur3.
I will not use google analytics. I will not use google fonts.
Do I have to inform the user that I'm using firebase?
Is user data sent to the US (or US Google servers) even though my project location is eur3?
Does firebase set cookies through the iframe on the user device with unique identifiers?
if yes, is that identifier used to track the user elsewhere?
I want to set one cookie to check if the user visits for the first time. Do I have to inform the user?
Is there a flowchart by google to make my web app EU ready?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 months ago.
Improve this question
Currently google single sign-on gives your real email address to everyone. Instead it could give each party a different identifier for you, such that these third parties wouldn't be able to correlate your data.
Moreover spam could be more easily identified and stopped. Google could manage a fleet of "salted" email addresses for each user, tracking which third parties send spam. Signin/gmail synergy.
My question: Does this exist already? Why does this not already exist? Do any other auth vendors do this?
Followup: Why is my email address even used as my primary id? I'd rather keep it private.
Your email is not used as a primary identifier at least not by Google. When a website such as Airbnb does an open ID connect dance with Google, Google replies with a unique identifier to Airbnb. That identifier does not mean anything to Airbnb as to what your email first name last name are. What also happens is that Airbnb can ask Google for your email and that is how they end up having your email.
Note that Apple have a privacy preserving mechanism where instead of returning your real email address they will return an Apple email address that points to your email. That gives you one level of indirection and more privacy.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 5 years ago.
Improve this question
I've just been informed by my boss that I will be taking over our company's CRM application. It is a web-based, .NET MVC, single-code-base, multi-tenant application. As the product was explained to me, it became clear that the email feature is a nightmare to maintain. I'm looking for alternatives to doing it in-house. I'll explain:
The app logs and track all forms of contact with prospective customers... phone calls, emails, etc. Thus, one feature is the ability to send emails from within the product, and then to have any reply emails also be stored in the CRM's sql database as well.
The problems with this kind of email system built into our web-based, self-hosted CRM product are abundant, but the largest of the problems is the work we need to do to prevent our IP from being black listed. It's a nightmare. There has got to be a better way.
I asked my boss if he had looked into outsourcing the email management. He said yes, but he didn't find anything that had the features we need and still allow us the control we want.
I'll explain the features we need, and I'm hoping somebody knows of a service that might work for us.
What we need...
I envision a vendor which offers a service-based product which we can consume via some sort of API or POST. When our client sends an email from within our CRM product, we would toss over the wall (in a secure manner) to the vendor the following:
Body of the email
Sender's name, email, userid & password
SMTP address of our client
Recipient's name and email
Some sort of unique id that identifies this email, so that threads and conversations can be tracked.
The service would then validate the sender's email against their SMTP server, and send the email on his behalf.
The kicker would be being able to also track reply emails, and to get them back into our CRM product. The vendor could perhaps push them to us, or, every x minutes, would could query them to see if there are any replies waiting to be sucked up.
So, does any such service exist? If so, have you used it, and what has been your experience?
MailGun and SendGrid are two transactional email service options that you might want to consider. They offer API-based email at scale.
I know that with MailGun you can use their API to validate email addresses before attempting to use them. This may help with your blacklisting problem. Check out the API here: documentation.mailgun.com/api-email-validation.html
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I've heard it's good to use third party SMTP providers to send your bulk emails because they have a higher trust rate and can avoid the pitfalls of being blacklisted.
Does this still apply for emails to a single user? I.E I need 100% guarentees my:
Registration, activation, forgot my password emails e.t.c (which only go to on person) will arrive at the recipient. Can I just use SMTP from my own server?
Using Azure hosting and ASP.NET
The assumption often repeated by Azure folks, is that Azure will eventually get blacklisted as a platform for sending out emails, because of its potential to be a spam platform.
Because spammers may abuse it and get it black-listed with email servers worldwide, it is suggested by Azure folks, that you utilize a "better" email sending system than your own SMTP servers.
It doesn't matter how many people you send your emails to. The worry is, that Microsoft is not doing anything to stop spammers from sending emails from Azure and thus the risk exists that in a few months or years from now (or maybe it's already happening), your registration emails to your users as well as emails from anyone else running on Azure will go directly into recipients' spam folders .
There are no 100% guarantees in email delivery. Each email provider has their own internal methods on decided whether or not to deliver an email.
The IP of your SMTP server is one criteria, and yes your reputation matters... and once you abuse that privilege it is a hard thing to recover from. There are a number of other criteria that email providers use when deciding to mark your message as SPAM or not. This can include if you send email too fast or perhaps if too many of your emails bounce due to invalid addresses. Domain reputation and the activity of your email recipients matters too (does everyone just delete your message without opening, or is everyone flagging you as SPAM?).
Sending email from your own SMTP server should be safe as long as you haven't participated in bad email practices in the past. I have personally seen to negative effects of attempting to do mass-email from your own server, and that will impact even transactional emails that your website may generate.
Depending on your 3rd party SMTP server, yes they could be more successful than you. If you have not done any bad email practices in the past, though, your own should be fine as well. It does help to use a service though where they specialize in email delivery and maintaining your sending reputation. Either way, nothing will guarantee 100% delivery.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 5 years ago.
Improve this question
I'm looking for a simple service/software that will convert emails into HTTP POST requests so I don't have to code in separate code paths for email handling. Does such a thing exist?
Google app engine converts incoming email into a POST to your app:
http://code.google.com/appengine/docs/python/mail/receivingmail.html
You could either handle the emails directly on app engine, or write a handler which calls back to your other site:
http://code.google.com/appengine/docs/python/urlfetch/overview.html
There are a couple services you might be interested in:
http://mailhooks.com is a good free solution for this, but there may be a delay in the time to post, and I don't believe they include attachments.
You might also look at http://mailnuggets.com which is a paid service, but posts are quicker and it includes attachments.
Bit late but I was looking for something similar and came across http://www.email2http.net - they allow you to send your email to a web script via HTTP POST or GET and it includes attachments. If you only need 1 email address and script it's free.
You could run Postfix or another mail server, configure it to accept the appropriate email, and then pipe the mail to a command which POSTs the data (using CURL or another framework).
Speaking SMTP correctly as a server isn't trivial. Access control is even harder. I'd say to use a real SMTP server.
I have needed to do this several times and always rolled my own Postfix solution. I finally made a docker container and open sourced it https://github.com/thingless/mailglove.