We're building a service that sends emails for Office365 users using EWS (or REST API) with OAuth2. For some reason when testing email sending using our _.onmicrosoft.com accounts we get the following errors:
Your message wasn't delivered because the recipient's email provider rejected it.
Remote Server returned '550 5.7.501 Access denied, spam abuse detected.
Noticed that DKIM signature is missing when emails are sent via EWS/API.
Authentication-Results: target-domain; dkim=none (message not signed)
header.d=none;target-domain; dmarc=none action=none
header.from=sender-domain.onmicrosoft.com;
Received: from DM3PR1201MB1039.namprd12.prod.outlook.com (10.164.197.149) by DM3PR1201MB1039.namprd12.prod.outlook.com (10.164.197.149) with Microsoft SMTP Server (TLS) id 15.1.534.14; Wed, 6 Jul 2016 16:42:03 +0000
Received: from DM3PR1201MB1039.namprd12.prod.outlook.com ([10.164.197.149]) by DM3PR1201MB1039.namprd12.prod.outlook.com ([10.164.197.149]) with mapi id 15.01.0534.020; Wed, 6 Jul 2016 16:42:03 +0000
Emails are delivered just fine if we send them manually from our Office365 UI.
Any idea why this may be happening?
Related
I am looking for a way to test the email sending feature of our app. I have configured namshi/smtp docker image to act as an smtp server and our app is using this smtp server to send emails. We currently have a system that reads the email on the client side once its delivered, to verify we are formatting the email correctly. This is a bit unreliable since it involves an actual email being delivered.
So, I wanted to see if there is a way to intercept or read emails being delivered through this local smtp server. I checked the logs of the smtp server but as expected, it doesn't have any details of the email body or subject. Anyone knows anyway I could intercept these smtp requests somehow?
Or if there is a better way to verify email formatting as part of integration testing?
Heres a good source on how to use smtpd library in python to mock an SMTP server https://pymotw.com/2/smtpd/. Mock SMTP server and process emails through smtpd.SMTPServer.process_message
For context: I already have a regex for format validation and MX check, and would like to add a layer of SMTP validation. I have tried 2 gems: email_verifier and Truemail, none of which seem to perform well. For example, Truemail gem: tested on 1081 valid emails (verified by sending a link and have the users click), 171 came out invalid => ~15% fail rate for various reasons: the mail server blocks SMTP call resulting in an error code, timeout (when I already configured the timeout limit to be 10s), some emails need to be verified twice to return true, etc.
I was wondering if there's a way to appropriately do emails SMTP validation in RoR, or should I resolve to other paid services (Snov , Truemail , etc) ?
It is likely that trying to connect directly to the smtp servers of the destination email domains from your Rails web server resulted in those servers rejecting your connection attempt as spam.
How were the 1081 valid emails sent originally? Most web applications don't send email directly from the Rails application server connecting to an SMTP server, but rather relaying through an SMTP relay or service such as AWS SES, Sendgrid, Mailchimp, etc. Those services would be configured better with correct SPF and DKIM DNS records for the IP addresses sending on behalf of the origin address and also likely have better reputations for the IP addresses they are originating from.
I am using Twilio programmable Fax api to send fax messages from my application.
I am not facing any issue while sending faxes when I provide a public url with out any authentication as mediaUrl for sending the fax. But when I pass a url secured with basic authentication as the mediaUrl for the send fax api, the fax sending is getting failed.
"status": "failed",
I have debugged the code on the server on which the mediaUrl accesses, and could find that Twilio is not at all sending a request with "Authorization" header.
As per Twilio documentation,
You may provide a username and password via the following URL format.
https://username:password#www.myserver.com/my_secure_document
Twilio will authenticate to your web server using the provided
username and password and will remain logged in for the duration of
the call. We highly recommend that you use HTTP Authentication in
conjunction with encryption. For more information on Basic and Digest
Authentication, refer to your web server documentation.
If you specify a password-protected URL, Twilio will first send a
request with no Authorization header. After your server responds with
a 401 Unauthorized status code, a WWW-Authenticate header and a realm
in the response, Twilio will make the same request with an
Authorization header
I am giving the mediaUrl in the same format as required by Twilio. But the fax is getting response as failed. Kindly provide your valuable suggestions to help me resolve the issue.
My server is sending the 401 response as given below when Twilio accesses the mediaUrl without Authorization header,
Http response header for 401
Status Code: 401 Unauthorized
Content-Length: 34
Content-Type: application/xml
Date: Wed, 30 Aug 2017 12:38:41 GMT
Server: Apache-Coyote/1.1
WWW-Authenticate: Basic realm="My Realm"
Response body
<message>Invalid credentials</message>
Update
Good news! Media URLs in Twilio Programmable Fax now support basic authentication. This has been implemented and deployed, so this should no longer be an issue.
Original answer
Twilio developer evangelist here.
After some internal investigation I've found out that this is a known issue.
It was in fact raised by your support ticket that you sent in. Good news is that since this is known it will be getting some attention and the team will contact you once it is sorted.
To answer this question differently, I'm just using Signed URLs on Google Cloud, which provide a long token that grants temporary access for a specific file. You can set this to grant access for 10 minutes, which should be more than enough time.
AWS appears to offer a similar solution.
Document endpoint
https://developer.uber.com/docs/ride-requests/references/api/v1-requests-request_id-receipt-get
My application already has FULL ACCESS for request_receipt
However, in my Rails application, when I request to endpoint API at: /v1/requests/my-request-id-here/receipt I receive the full message like this:
#<HTTParty::Response:0x7f8738f833f8 parsed_response={"message"=>"Forbidden", "code"=>"forbidden"}, #response=#<Net::HTTPForbidden 403 Forbidden readbody=true>, #headers={"server"=>["nginx"], "date"=>["Wed
, 02 Nov 2016 14:31:37 GMT"], "content-type"=>["application/json"], "content-length"=>["42"], "connection"=>["close"], "x-uber-app"=>["uberex-nonsandbox", "migrator-uberex-optimus"], "strict-transport-sec
urity"=>["max-age=0"], "x-content-type-options"=>["nosniff"], "x-xss-protection"=>["1; mode=block"]}>
Do you have any suggestion? The Uber API for developer is poor!
The issue is most likely you did not request the new scope when you authorized the user and got the access token. Access tokens are limited to the scopes approved by the user (so even though it is enabled in the dashboard) you need to pass the 'request_receipt' scope when authenticating the user.
See more details in the authentication guide: https://developer.uber.com/docs/ride-requests/guides/authentication/introduction#step-one-authorize
If you create a new access token with the scope all should work as expected.
Java Server is receiving DEVICE_UNREGISTERED GCM nack message when it is sending downstream message to iOS client. The same iOS client app was working earlier with development push certificate.
But now I have created iOS client build with in house enterprise certificate. This production app is able to send the upstream message to java server. However, when server try to send downstream message, server is getting DEVICE_UNREGISTERED nack message from GCM.
But our iOS client app is successfully registered and connected to GCM. It has also received the GCM registration token.
We have android client app.Downstream/upstream messages are working properly for android.
Any help is appreciated to resolve this issue..
GCM Request from the java server:
<message>
<gcm xmlns='google:mobile:data'>{"to":"l9qEErT1AFE:APA91bEjR4R-eETscNQ7Nw-WeqAIzyisDsY79a_EkKhUACXGAzDoYnRyL7Ge6ca9MSfgZ-fGc7NDevTtI7NozOn126CN5AhpbaZDfuZoWFccqF2ibsdKptFGgxbZpIIK5eVK0DILrCsR","delivery_receipt_requested":true,"priority":"high","data":{"toolconfig":"{\n \"ecb\" : \"app.onNotificationGCM\",\n \"action\" : \"ping\",\n \"senderID\" : \"152585324066\"\n}","action":"com.XXX.XXX.XXXX.ECHO"},"notification":{"sound":"default"},"message_id":"1026274672"}</gcm>
</message>
NACK Response from the GCM:
<message>
<gcm xmlns='google:mobile:data'>{"message_type":"nack","from":"l9qEErT1AFE:APA91bEjR4R-eETscNQ7Nw-WeqAIzyisDsY79a_EkKhUACXGAzDoYnRyL7Ge6ca9MSfgZ-fGc7NDevTtI7NozOn126CN5AhpbaZDfuZoWFccqF2ibsdKptFGgxbZpIIK5eVK0DILrCsR","message_id":"1026274672","error":"DEVICE_UNREGISTERED","error_description":""}</gcm>
</message>