Tag: email

Heroku email server custom domain

I am hosting a webapp on heroku using the free plan. I have also bought a domain name from godaddy.com. My webapp and godaddy are linked through the cloudflare service in order to protect against DOS and so that I can provide a secure connection. I would like to be able to send emails from ____@mydomain.com but I don’t want to have to buy an expensive email plan on godaddy. Is there any way that I can host my own email server on heroku or something so that I can use my own domain to send emails?

Get real e-mail sender to circumvent spoofing

I’ve posted this originally on SO, but it may as well be for here.

As you know, with many e-mail services, you can get tricked into believing an e-mail has been sent from a different address.

Using smtplib in Python, you can easily do the trick by manipulating the From argument.

gmail is not prone to that as they print the via argument which shows the original server.

However, what I cannot find anywhere is how do you retrieve the original (not manipulated) server name, the same as gmail does with their via functionality?

I’ve tried Python and its imaplib and email libraries, but there I can only access the already manipulated sender.

Any ideas?

Is that solely linked to the configuration of a particular provider (e.g. Google, Outlook, hotmail, etc.), or can something be done regardless of that – not only in Python, but perhaps in other languages, or in Kali?

Here is part of the code I’m currently using in Python (no success):

import imaplib import email  obj = imaplib.IMAP4('imap', portn) obj.login('username', 'password')  obj.select('INBOX')  uidl_list = [68720]  resp, data = obj.uid('FETCH', ','.join(map(str, uidl_list)) , '(BODY.PEEK[HEADER.FIELDS (From Subject)] RFC822.SIZE)')

I’m aware that this may be considered a duplicate, however in no other spoofing-related topics have I seen any discussion about how to tackle this.

That’s perhaps because it is not possible, and it completely depends on the provider, but any clarification is nevertheless welcome.

How does the optional “e-mail password reset” at sync.com work?

Sync.com proudly advertise that the company can’t access your data but they do provide an optional email-based password reset.

Most cloud storage providers differ from Sync because they can access, scan and read your files. Sync’s end-to-end encrypted storage platform and apps ensure that only you can access your data in the cloud. We can’t read your files and no one else can either.

When activating or using the password reset function they state that their system has temporary access to your encryption keys. What does temporary mean here and how does it work?

This feature does not expose your password to Sync, however it does give Sync’s automated systems temporary access to your encryption keys when the feature is enabled or used. We cannot enable or disable the feature on your behalf.

Does this mean that while having this function activated they could actually access my data? I don’t see how it could work any other way but I find it a bit dishonest then to have zero-knowledge as their main selling point while still recommending people to use this “feature”.

Password management

Validação email e senha usando Keyup

Bom vamos lá, sou muito iniciante em JS, estou usando o código que me diga se ambos emails são idênticos, se ambas senhas são idênticas e se elas tem no minimo 8 e no máximo 10 caracteres.
E somente se os emails foram iguais, senhas iguais e no tamanho correto que o botão de cadastrar do formulário aparece. Porém como consegui usar apenas o keyup no email2 e senha2, se o usuario voltar e digitar algo na senha ou email, não muda para erro o input. O que queria era saber como por o mesmo evento com as mesma regras do KeyUp email e senha 2 também no Email e Senha, para que fosse validado em ambos os campos de confirmação. E note que nem consegui ainda restringir e validar o email, só se é ou não idênticos

 <script> $  ('#email2').on('keyup', function () { var email = $  ("#email").val(); var email2 = $  ("#email2").val();  if (email != email2) { $  ("#message").html("Os email não são identicos").css('color', 'red'); $  ('#validator').prop('disabled' , true); } else {   $  ("#message").html("Os email são identicos").css('color', 'green');   $  ('#validator').prop('disabled' , true); } $  ('#validator').prop('disabled' , true); $  ('#senha2').on('keyup', function (){ var password = $  ("#senha").val(); var confirmPassword = $  ("#senha2").val(); if (password.length < 8 || password.length  > 16) {    $  ("#divCheckPassword2").html("As senhas precisam ter no minimo 8 caracteres   e no máximo 16").css('color', 'red');   $  ('#validator').prop('disabled' , true);    } else {     $  ("#divCheckPassword2").html("").css('color', 'green');     $  ('#validator').prop('disabled' , true);  }    if (password != confirmPassword) {      $  ("#divCheckPassword").html("As senhas não são").css('color', 'red');      $  ('#validator').prop('disabled' , true);  } else {     $  ("#divCheckPassword").html("Senhas identicas").css('color', 'green');     $  ('#validator').prop('disabled' , true);  }       if  (password != confirmPassword ||  password.length < 8 ||    password.length  > 16 || email != email2){    $  ('#validator').prop('disabled' , true);   }else {    $  ('#validator').prop('disabled' , false);    }    })    });  </script>

Print commerce pricing attributes to email receipt

Users cannot see what size or color shirt they purchased in the email receipt because tokens won’t print the attribute fields provided by Commerce Product Attributes / Commerce Pricing Attributes / Commerce Product Option combo.

  1. User selects shirt size: XL and color: Green
  2. Both fields can be previewed during checkout.
  3. Email receipt received doesn’t show any attributes, user cannot check what size/color they ordered. (All this can be achieved using default CCK fields under product type, but we’re using the combination mentioned above for multiple reasons, many products got different option sets to chose from and certain attributes selected adds extra price to total, like eg size: XXXL costs extra $ 3+ and this cannot be achieved with default fields).

One of the tokens I found is like eg. [commerce-order:commerce-line-items:0:commerce-pricing-attributes] and email on checkout prints it like this:

Product: BK Test  a:1:{s:9:"coveralls";a:8:{s:25:"field_coverall_embroidery";N;s:25:"field_coverall_text_color";N;s:10:"field_font";N;s:16:"field_shirt_name";N;s:16:"field_patch_side";N;s:12:"field_length";s:1:"2";s:21:"field_coveralls_color";s:1:"4";s:19:"field_coverall_size";s:2:"16";}}

Also more tokens available at admin/help/token like eg.: Attributes [commerce-line-item:commerce-product:field_attributes] Pricing Attributes field. and combining them with [commerce-order:commerce-line-items:0:commerce-product] won’t work, already tried dozens of variations.

E.g. in Order’s view page I addded the view Commerce Line Item: Product Attributes and it displays correctly.

enter image description here

How to print this in the email receipt?

Why do 2019-era email clients [(+/-) a few years] often allow you to delete or enter new destination addresses, but not fully edit them?

Suppose that you are writing an email. You mistype someone’s address in the “To” field. For example, maybe you write, “john.reed@blah.com.” Before sending the email, you remember that that person spells their name in a funny way. You want to delete the letter “H” in “john.” The correct email address is “jon.reed@blah.com”

In a significant number of present-day email clients you cannot edit an email address already entered into the “To” field. Once you press enter or shift the keyboard focus to the body of the email, the “To”-address changes. The user interface changes what you have typed into something which can be deleted/removed, but not edited. This is also true of the carbon-copy fields. If you mistype someone’s email, you have to delete the address completely, and re-type it. For many email clients, left-clicking on the email address might delete it, but it does not enable text editing.

I am talking about the front-end of the interface, not what’s under the hood. What is weird is that in the years from 2000 to 2010, editing a destination email address was trivial. In most email clients, the “To” field was a text-box. You could click anywhere inside of the “To” field and type almost anything you liked. The backspace key worked fine; the delete key worked fine; anything.

Features do not become popular in multiple competing companies user-interfaces, unless those features are an improvement over the old way of doing things. There must be a rationale for disallowing users from editing email addresses previously typed into the “to” field. Technically, you can edit them by deleting and re-typing from scratch, but hopefully my meaning is apparent. What is the thinking behind this? Is it a matter of making “the common case” fast? Which user-cases are faster/easier using the (new or delete) style of design instead of the old (edit text) style of design?

SPF record permerror showed in an email header, but no reason for it

Our customers are complaining about the spam issue,which means our SPF record does not work. We have set up the SPF record in our DNS record and we have used some SPF checker tools to check the validity of our SPF record, but no problem was reported in the check results. I have checked an email of our customer and find that there is an item “X-Bordeaux-SPF: PermError” in the email header, but no more detail was presented in the email header. I have read many resources about permerror in SPF, but I still did not find the answer which can explain the reason in this case. Now I have no idea what’s the problem with our SPF record. What could be the cause for this kind of permerror?