I am creating a service in which services can upload files from different methods.
One of them is by sending the file to a specific email address that is linked to the app.
I have managed to do so with a unique email address that is the same for all the users (generic#mail.com), but I would like that have a different address for every user (like user_specific_email#mail.com).
I am using MailBox on rails.
Do you know if it is possible ? And if so, is it more secured and generates less risks of bottleneck if a lot of mails are processed at the same time ?
Best
Related
With my rails application, I'm supposed to provide following features:
There a limited number of users interacting with my system (in order of 10 to 20)
Like any normal mail client users should be able to have an inbox page showing received message, response to individual email and etc....
The mail client part cannot be an external application, they want everything packaged into a single application!
Normally These emails should be stored for future use
In order to send a receive email, we do not need to setup a mail server. They will provide the server and we will fetch the message with POP3 or something else. Same goes for sending emails.
The application itself often needs to look into these message as well, so it should be able to access corresponding email objects.
Separate part of these applications can be handled with individual gems such as Mailman, ActionMailer, and etc...
But what would be your suggestions to get this done?
I suggestion customizing an open source solution according to your needs. This is a gem/project that you should look at https://github.com/mailboxer/mailboxer It has all the features that you mentioned and its straightforward in its customizations.
tl;dr What's the "right" way to get my data off an iPad such that only a researcher can receive and read it?
Full Explanation:
In my app, I've got to get the data from a database off the app and to a researcher. This will consist (most likely) of two separate files. The first will be table of identifying information:
ID FirstName ... etc.
This is sensitive identifying information that has to be sent so that only the researcher can get it.
The other will be de-identified info that uses ID numbers and the like, and it doesn't necessarily have to be secure, but I would like to only have it go to the researcher, obviously.
So far, I've only ever worked with data that can just be emailed, but there are some problems with this implementation. You can't just up and send an email; you can only present an email composition view ready to send, and then the user can edit the email before sending it. So a user could send this data to someone else.
Another wrench in the works: this researcher doesn't have access to a server, so I can't do SFTP uploads that way. It's also not guaranteed that the app will have internet access all the time.
The best idea I've got so far is to have a button to compose an email that attaches an encrypted file, protected by a password whose hash is hard-coded, I mean, compile-time provisioned, into the app.
EDIT: Here's what I'm going to do for the time being: use some personal server space so I can implement SFTP uploading, and then I will work with the researcher to get some server space they can use. Thanks for your answers.
Email is not particularly "safe" but if you just want to send email to one specific address, without the possibility of user intervening, you can use SMTP protocol yourself.
In one of my old apps I used skpsmtpmessage - I don't know if it still works, but if not there should be more solutions like it.
What it does is basically send email messages programatically, without using the composer dialog.
I have a project with an single API key in Mandrill. It has three sub-accounts: production, staging, development. I have created a rule that rejects all requests that don't match a small list of domains and I want to apply that rule to both the staging and development sub accounts. The idea is to not accidentally spam clients while we are testing.
I don't see how I can apply the rule to different sub accounts. Is it possible? If not, and I need to create different APIs for each environment, can someone explain when to use sub-account vs when to create different API keys.
As a bonus, when an email matches a rule, is it possible to reroute it to a specified address instead of rejecting it?
I would use separate sub accounts for tracking different systems in a multi-tenant environment (eg you are acting as a service provider for multiple customers or departments via the same Mandrill account).
In your case, I would definitely use separate API keys for each each environment. The main feature you would potentially want to take advantage of is to be able to set one of those keys (eg staging) as a "test key" such that the emails don't ever get sent, they just get tracked in Mandrill so you can verify that they are working.
The last thing you want to have happen is that emails from your non-production environments actually get sent to real users.
The way I typically do things is to have my development system use a non-test key, but only have dummy users whose email addresses all come back to me so I can test things. Then in my staging system, I use a test key with real users (a copy of the production user database) so that any emails that get sent are captured by Mandrill for verification that they are working, but don't ever get forwarded on to the actual user.
I'm assuming that your rejection rule based on a list of domains is intended to achieve the same result that using a test key does - in which case, go with the test keys and forget the rules.
You can't apply a rule to a specific sub account - only to a specific API key.
And no, you can't reroute an email to a different address based on the outcome of a rule - the best you could so is to wire a webhook to somehow notify your system that the rule was triggered so that your system can re-send the email - but that requires custom development work.
Again, if this is actually just an attempt to avoid sending emails to real users when testing, this is what test keys are for.
I'm creating an iOS app which uses django as my backend. I need to have a chat functionality between users.
I heard that XMPP is good for real time communication, and I have successfully set up ejabberd as the XMPP server. But still I'm having hard time to deal with the details:
I created the app first and then the chat feature, so before I setup ejabberd, there are already users in my django DB. I need ejabberd to authenticate users against my existing DB and I have almost solved this by using external authentication. There is only one small problem, as ejabberd seems to require the jabber ID like username#abc.com, and here abc means the virtual host of ejabberd. I don't know maybe I could only use one virtual host on my server(which is the domain name)? But then at the beginning I asked the user to register using emails which are from different domains of course, e.g. gmail.com, yahoo.com, but username#gmail.com#abc.com is not a valid jabber ID, so maybe one small trick I can do here is to convert first # to # and handle it properly in the python script in the backend. But maybe I did it totally wrong?
Another issue is about user profile. I stored the user information as well in my django DB, e.g. display name, avatar url, etc. I learnt that I could use the vCard module if I want to get those information from XMPP server. So maybe I need to have duplicated information in two places? And still I haven't figured out how to synchronize the user information from DB to ejabberd. Or maybe I just need to have only one source, which is my DB, and the iOS client could then query the information from the backend whenever needed?
I feel that XMPP is not easy to setup, is it really popular to use it in your Apps? Especially if chatting is not the main functionality of your App and you are not expecting to have huge messages from big number of users?
You wrote:
but username#gmail.com#abc.com is not a valid jabber ID
You are supposed to escape the user id (i.e "username#gmail").
XEP 106 explains how you should escape the node part of a JID.
In python, it would look something like this:
def escape_node(node):
""" """
node.strip()
node = node.replace('\\', "\\5c")
node = node.replace(' ', "\\20")
node = node.replace('\"', "\\22")
node = node.replace('\&', "\\26")
node = node.replace('\'', "\\27")
node = node.replace('\/', "\\2f")
node = node.replace(':', "\\3a")
node = node.replace('<', "\\3c")
node = node.replace('>', "\\3e")
node = node.replace('#', "\\40")
return node
With regards to storing your users' details in Django. When you register your Django users in XMPP, just make sure that you also register valid vCards for them.
When a Django user changes his details, update the vCard as well.
I'm considering adding email addresses to a marketing web app. Currently users are able to sign up and get a subdomain address that they can choose (theychoose.domain.com). So I'm thinking of also offering theychoose#domain.com for an email address they can use.
I've pretty much decided on sendgrid.com for sending email through the web interface which takes care of a ton of sending headaches. I'd also like to avoid setting up an email server if I could so I'm looking for services that allow me to set up an account and then programmatically create addresses when a user signs up. I want to find a service that will deal with all the spam filtering etc.
Also, this probably makes no difference but it's a Rails app.
One possibility is to use Google Apps Premier Edition. The API description can be found at http://code.google.com/apis/apps/gdata_provisioning_api_v2.0_reference.html.
Keep in mind though, that each user will cost $50/year. However, if you make significantly more than that per registered user, then it may be worth it.