Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I want to transfer Full amount of data(All subfolders) from one imap server to another ,
without any data loss.
I'm not sure what you mean by 'PHP Email Migration', as I don't see how PHP fits into the equation.
That said, there are a few MAP migration tools that can accomplish what you are describing. I'm the cofounder of a product called YippieMove that can do this, but there are also other open source alternatives, like imapsync. If you spend some time on Google, you'll find more options.
As vpetersson mentioned, it doesn't quite fit with the PHP part as migrating emails from one Imap to another Imap server can be done so easily with ANY imap client software as well, for examle, microsoft outlook, Mozilla Thunderbird, Apple Mail client and so on.
How can you do it is simple.
If the number of email accounts that you need to migrate are limited, here is the sample workflow for Mozilla Thunderbird and you can follow same process on any other client too.
Make a new Imap account, and name it Source. [make sure you select
IMAP as protocol and NOT POP]
Configure it in a way that it can connect to the current source Imap
server and depending on the volume of your emails in that account
and speed of your net, it may take a while to synch all emails.
Once synch is complete, create a new account for the target server,
name it let say Target and configure it as IMAP too.
Target account will be empty obviously, now simply copy all folders
from Source account to Target account.
Thunderbird will handle all the copy process and also it will upload
all mails to new server automatically(as its the default behavior
for IMAP account)
Once done you will have a complete clone of your email account on both servers.
Alternately if you have to do it in PHP, maybe because you have hundreds of email accounts and going with the above mentioned method is not practical, then follow the below steps.
You can use PHP_Imap library too but if you have a control over your server, I will recommend using PEAR's Net_IMAP library, which has some features missing in php statdard IMAP library.
Write a for loop for all your accounts and for each account
connect to the server
$imapServer = new Net_IMAP($emailHost, 143);
$loggedIn = $imapServer->login($loginName , $password);
if($loggedIn == true){
//code goes here
}
find all folders
$mBoxes = $imapServer->getMailboxes('', 0, true);
for each folder
$mBox = $imapServer->selectMailbox($folderName);
find all messages
$msgsList = $imapServer->getMessagesList();
get rawmessage.
foreach($msgUid){
$fullRawMail = $imapServer->getMessages($msgUid,false);
}
connect to target server
check if target server has the same folder as source, if it doesn't then create a folder
upload raw message to target server [specific folder]. you can use php's imap_append function for that.
imap_append($ImapStream, $folderName, $fullRawMail , "\Seen");
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I joined a Slack team and now I want to play with the bots there. But there seem to be lots of different ways and they all involve some server with API.
Isn't there an easy way to write a script (is that a bot) for end users? I write a file, load it into the slack app and it works?
My first idea (just to try it out) was to respond to certain keywords automatically from my own account.
There are four types of custom Slack integrations:
Incoming webhooks: your code sends an HTTP POST to Slack to post a message
Custom slash commands: Slack sends your code an HTTP POST when someone says /<whatever>
Outgoing webhooks: roughly the same as slash commands, but they can respond to any word at the beginning of a message
Bot users: your code connects to Slack via a WebSocket and sends and receives events
In all of these cases, you need code running somewhere to actually do the work. (In the case of the bot, that code can run anywhere with network connectivity. In the other cases, you'll need a server that's listening on the internet for incoming HTTP/HTTPS requests.)
Slack itself never hosts/runs custom code. I'd say https://beepboophq.com/ is the closest thing to what you're looking for, since they provide hosting specifically for Slack bots.
Another option for things like slash commands is https://www.webscript.io (which I own). E.g., here's the entirety of a slash command running on Webscript that flips a coin:
return {
response_type = 'in_channel',
text = (math.random(2) == 1 and 'Heads!' or 'Tails!')
}
If you want to do something really basic, you may consider this service
https://hook.io/
you can set up a webhook there using the provided url + you token (you can pass it as env variable) and code simple logic
I hope it helps
There are plenty of solutions for that.
You can use premade solutions like:
https://hook.io
https://www.zapier.com
https://www.skriptex.io (disclaimer: that's my app)
Or you can setup a hubot instance, and host it by yourself.
Their API is also good, and you can just create a Slack app, bind it to some commands, and it will interact with one of your servers.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I am currently building a crowdfunding web application with Rails and in order to send registration confirmations, password resets or just newsletters I need a mail service.
Currently I am using a regular Gmail account, is doing so advisable? And to which service should I switch once business gets going?
It's fine as long as you don't have too many mails to send out. Gmail has limits on the amount of mail that you can send and receive.
You can find it here: https://support.google.com/a/answer/166852?hl=en
Other than the limits, there is not much of a problem using Gmail. I can't answer the next part of your question unfortunately as I don't have much of an experience in that area.
I've found using GMail to be fairly reliable. But you do need to be aware of throttling. This probably won't be a problem for your registration confirmations or password resets... but may be someday for your newsletters. I forget the specifics, but if you send out more than about one thousand emails per hour (see link in #Vinay's answer for specifics) they start to get throttled -- which lasts for a period of tiem during which any emails sent simply don't get sent.
Despite GMail's decent reliability, you should consider using a resque, skidekiq, or delayed-job service for the actual sending of the emails. This is jsut a good policy for all external services and GMail is no different, in the end. Using a background job for your mail sender allows you to retry an email send until it works. This helps when either the Gmail SMTP service goes down or when you have a bug in your email sending code.
The question about what service to switch to when you outgrow GMail is very much a matter of opinion. Which is the type of question we try to avoid on Stack Overflow (and the reason why your question has a close vote on it already).
I am a big fan of SendGrid, especially if you are are running on heroku. It is simple to add to a rails app on heroku. https://addons.heroku.com/sendgrid
It will most likely be free when you launch, the free version supports up to 200 emails/day (if you get beyond that, then you are doing well and can afford to pay for it). It also some nice tools that help you identify which emails aren't being delivered and why.
I'm trying to implement a webmail in PHP. I would like to write a PHP CLI script which is run on every email arrival to store some parts of (not all of) incoming email into database for search purposes. Then when the user finished searching and chose an email to show, a connection is made to mail server to retrieve the complete email. In order to implement this scenario I need to make some sort of connection among emails within database and mail server.
Since my knowledge of working with mail servers is limited to Zend Framework's API, what I believe I need in order to retrieve an email from an IMAP server is a message number or a message unique id (this later one seems not to be supported by all mail servers).
To this point, I've managed to find .forward (and some other ways) to introduce my PHP CLI script to MTAs to be run on every email arrival. This way I can store emails to database. But this won't do since message unique id is created by MDA so MTA do not know of it and they can not provide it to me. This means I can not find emails later when I want to retrieve them from mail server.
At last, here's my question: Is there a way to introduce a PHP CLI script to a MDA for emails' arrival? If this is dependent on the mail server, which servers do support this and how? My personal choice would be Dovecot or Courier, but any other mail server would do as well.
This is tricky -- there are many ways on how to setup delivery. Some of them work with the underlying mail store directly, bypassing your IMAP server altogether, while others use e.g. Dovecot's facilities.
Have you considered building on top of the notify plugin which ships with Dovecot?
It seems like it's impossible to introduce such a PHP CLI script to IMAP server (at least I'm sure of Dovecot). Anyway, the work around I found for this problem is to use my own PHP script to insert the new mails into IMAP server and retrieve their id's and then store the id in database for future references. To be clear, email are given to my PHP CLI script by MTA, not MDA. As I said before this is done easily using .forward file.
[UPDATE]
Unfortunately it seems this solution can not be implemented as well. The way to insert a new email to IMAP server is APPEND command, and to have the UID of the recently added mail server must support UIDPLUS extension. Neither Dovecot nor Courier supports this extension at the moment! If they did it seems the server would return the UID with a APPENDUID response.
[UPDATE]
It is my bad since Courier does support UIDPLUS. So this solution is valid and the one I'm going to implement.
My Delphi program has a built-in protection mechanism to check for banned license keys on the Internet and displays a message to the user if a blacklisted key is found.
I'd like to store the blacklisted key in the registry, so if the user tries to re-enter it (and he/she is not connected to the Internet), it's not accepted.
What is the best way to hide an obfuscated entry in the Windows registry?
Thanks!
Edit: You guys have some good answers there, but I feel like I need to expand the question.
This is not mainstream software but a corporate one. Clients pre-pay one year and get a one-year license key for activation. The license key includes a machine ID and can't be used elsewhere.
The problem is that some clients tend not to pay in time or they don't pay at all. Since I don't want to bother with shorter than one year license keys (too much administrative overhead) I need a way to disable their licenses till they pay.
So the app now will connect to the Internet upon launch and check if their key is blacklisted. If it is, I need to disable access. In case they reinstall or block Internet access, I need to know if the key has been blacklisted.
Thus, I'm thinking it would be best to hide it in the registry. My users are not tech-savy enough to use registry tools to monitor the registry, but if I put it under HKLM/Software/MyCompany/MyProgram, some of them might do find it. So I need a place where they can't find it afterwards that it had been created. (Noone will be expecting it!)
Any ideas?
The eaysiest way to hide a key or a value is to create a key/value having '\0' inside of the name. You can do this wth respect of the native functions NtCreateKey (see http://msdn.microsoft.com/en-us/library/ff556468.aspx) NtSetValueKey (see http://msdn.microsoft.com/en-us/library/ff557688.aspx) which use UNICODE_STRING as parameters instead of LPCTSTR. You can read more about usage of native registry API in http://www.codeproject.com/kb/system/NtRegistry.aspx for example. A Delphi code you will find here http://www.delphi3000.com/articles/article_3539.asp.
UPDATED: Because many people read this question I want to add some words to my answer. I want divide the part of the question which we can read also in the title "best place to hide a key in the Windows Registry" from the subject with license keys. Because I read some answers (written before me) which concerned almost only the part of license keys and read practically no answer on the question from the title I wrote me answer.
The subject with license key I find very complex. It depends on the licensing model choosed. It's important how to generate, to distribute (to install) and to verify the key. Is key should be hardware depended or not? It can be one per computer or one per computer group. The key generation, key installation or key verification can be either with respect of some online services (also from the internet) or without there. I can continue... There are a lot of aspects, advantages and disadvantages of different approaches.
So I decide to answer only on the main question from the title which is clear and have a separate interest. All other questions about license key should be discussed in my opinion in the separate question after clearing all requirements.
UPDATED 2 based on the updated question: It seems to me in your case would be better to use some scenario based on cryptographic signing of an activation ticket. For example the schema can looks like following:
You software installed on the client computer will need an activation. Before activation it can not work or work in very restricted form (for example only some menus needed for software activation are enabled).
You write a server component which will be used by client during the activation to generate the license key based of the activation request received from the client.
If a client pay for the software you include the information about the client's "machine ID" (in any form which you want) in the database on the server.
After starting of the activation process from the client software (either at the program start of from menu or in any other way like you want) it collects some information about the computer like computer name ("machine ID"), some serial numbers or some other information about hardware or operation system which can not be changed without a new activation. This information the software send to your server (it is the activation request).
The server verify that the the client with the "machine ID" payed for the software and is not yet activated. Then the server calculate the hash (SHA1, MD5 or some other) from the information send from the client and sign the respond with the server's private key (or servers certificate). The signed ticket server will be send back to the client. This ticket will play the role of licence key.
The server can add any additional information to the ticket before signing. For example it can add the information about the date till one the software should be valid (for example, current day plus one year). So the ticket which will be send back to the client can contain the hash of input activation information and any additional information, all what you want. Important is only that the information should be signed. In general you can include full client's request as clear text in the servers ticket instead of including of the hash, but the usage of the hash a) reduce the ticket size and b) makes the ticket a little more secure.
Every client have public key corresponds to the private key used by server for signing of the activation ticket. The client save the ticket received from the server during activation in any place in registry of in the file system.
Every next time if the client software will be started the software will read the saved activation ticket from the registry (or from the file system). Then the software collect the same information, which are used for generation of the activation ticket, calculate the hash and compare it with the hash from the saved ticket. It verify of cause the signature of the ticket with respect of the public key (or with respect of the server's certificate). Moreover the software can verify any other additional policy information from the ticket like the time till one the ticket is valid.
All written is a roughly schema only, but it is very simple and it is extensible. You need only study how use some simple cryptographic operation and implement there in your software.
As a option you can don't have a server online, but instead of that implement in the software (in menu for example) a possibility to generate the activation request and send it per email for example. Then you can offline (!!!) generate an activation ticket based of the server request and send the ticket back to the client also per email. A simple Reg-file which can be imported by double-click or some other simple import possibility in your software (cut & paste in the activation dialog) can end the process of the software activation.
I don't think that the registry is a good place to hide such info, because anyone can download and use the Process Monitor (http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx) tool and see what your program does with the registry.
And thinking about this again. You will probably make users of your software unhappy if it will leave things in registry and other "secret" places on the user's hard drive. Locations like that are also easily discovered by tools that monitor what system functions your software calls.
As an alternative you could embed the banned keys in your application when you release new versions. This way the banned keys will be hidden in the application making it much harder for crackers to bypass the protection.
The downside of this is that a user can potentially run older version with a banned key with internet access blocked to your site, but if your software is actively developed with new features and bugfixes added, then nobody would want to run older versions. And if you are very paranoid you could release "updates" which update just the embedded banned key list.
But in the end no software protection scheme is perfect. If your software is popular enough there will always be a pirate cracker who will figure out your protection and make a patch or even a key generator.
If you really want to go that way, hash or encrypt the keys and then check the hashed or encrypted user key to those on the registry.
Be sure to check if there's any keys in the registry to be sure if the user didn't erased them.
It will be very challenging to achieve what you're trying to do, since a user can simply uninstall and re-install, and savvy users can wipe all traces of your app from the system (including the registry).
Other apps (like Windows, for example), instead of checking for a negative (banned key), instead check for a positive (good key). You "activate" the software once (when connected online) and this activation stores the "good key", which you can then check for whenever running the software (whether online or offline).
I'd suggest the second approach for you.
Note that there are ordinary end-consumer tools that monitor what applications write to the registry (like Cleansweep). This goes on API call level, so it will probably catch #0 workarounds too.
You could try to encrypt the whole shebang in a registry key, with something that uniquely identifies the machine (like a mac address) and a timestamp, to avoid that people can move the key to other machines. THen always require the presence of such key to startup, and demand to connect to internet for updates/activation if it is not there. (or the timestamp is very old)
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I often connect to my work TFS instance over VPN. Becasue my home computer is not on the domain, I'm forced to enter my userid/password for each tf.exe command. Is there a way to cache or save this locally?
You can definitely do it! I am running off the domain on Windows XP. A coworker of mine just showed me how. Here are the steps:
Open up Control Panel.
Open up User Accounts.
Select Change an Account and then choose your current account.
On the left, under Related Tasks, select Manage my network passwords That will launch the Stored User Names and Passwords dialog.
From here, you click the Add button and type in the full server path of the TFS server (server.abc.xyz), the full username (ABC\username) and password to use for TFS access.
That should do the trick for you. I hate TFS a little less now. ;)
In Win7 with VS2010, I was able to do the following when connected to my VPN,
Go to Control Panel\User Accounts and Family Safety\Credential Manager
Add a Windows credential
Enter your TFS server name (mine was "http://tfs:8080", I entered "tfs")
Enter username qualified with the domain (e.g., mycompany\jdoe)
Exit Control Panel when done, and restart VS2010
Though I can't solve your problem completely, I can make half of it go away (this command is set up to run SSMS, not VS, though you can change it):
%windir%\system32\runas.exe /netonly /user:DOMAIN\UserID "C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\SqlWb.exe"
The "/netonly" switch on RUNAS.exe authenicates it at the destination, meaning that you can give it a username and password that you don't currently have access to the DC for. We use it to run SSMS and login using Integrated Authentication to a SQL Server that sits on a different domain. Even though I can't see to DC for that domain from my computer, this command still allows me to pass my username and password for that domain to that server.
You could set a shortcut to this command and it would only prompt you for your password when you launch VS, which makes this a little easier, as you don't have to type in your Domain\Username every time anymore.
Have you tried setting your username and password to exactly the same as your work environment? I seem to recall that this works for file shares because it passes the hashed credentials along and as long as they match it succeeds.