I'm considering adding email addresses to a marketing web app. Currently users are able to sign up and get a subdomain address that they can choose (theychoose.domain.com). So I'm thinking of also offering theychoose#domain.com for an email address they can use.
I've pretty much decided on sendgrid.com for sending email through the web interface which takes care of a ton of sending headaches. I'd also like to avoid setting up an email server if I could so I'm looking for services that allow me to set up an account and then programmatically create addresses when a user signs up. I want to find a service that will deal with all the spam filtering etc.
Also, this probably makes no difference but it's a Rails app.
One possibility is to use Google Apps Premier Edition. The API description can be found at http://code.google.com/apis/apps/gdata_provisioning_api_v2.0_reference.html.
Keep in mind though, that each user will cost $50/year. However, if you make significantly more than that per registered user, then it may be worth it.
Related
I am creating a service in which services can upload files from different methods.
One of them is by sending the file to a specific email address that is linked to the app.
I have managed to do so with a unique email address that is the same for all the users (generic#mail.com), but I would like that have a different address for every user (like user_specific_email#mail.com).
I am using MailBox on rails.
Do you know if it is possible ? And if so, is it more secured and generates less risks of bottleneck if a lot of mails are processed at the same time ?
Best
Zendesk Support is a world-class site full of useful information. But after searching for, and reading, lots of articles I still have some very basic questions:
We run a travel site that takes bookings. We have a need to organise our emails so that everyone can easily find every email regarding an individual booking, both incoming and outgoing. (And later we would add other channels like chat and WhatsApp).
It seems to me that Zendesk Support would do this job well. But throughout the Zendesk site there only seems to be talk of using Support for problems.
1) I assume that it would also be good for bookings, is that right?
Ok, so we set up Zendesk and start using it. A client then writes to our chosen email address (we will retain and use one of our domain email addresses) and Zendesk Support automatically starts a thread and sends us an email to tell us about the new thread. We then open the Zendesk console, and find the thread.
2) To reply by email to the client we then write a comment in the Zendesk console - is that right?
3) And presumably our email system gets a copy of the comment?
4) What happens to our actual email system? - We will be doing everything in Zendesk, so all the usual maintenance of our email inbox is not being done - marking as read, cancelling stuff, moving to other folders and so on. How do people manage the inbox on the original email server?
Thanks for any help on this.
Zendesk Support is a world-class site full of useful information. But
after searching for, and reading, lots of articles I still have some
very basic questions:
We run a travel site that takes bookings. We have a need to organise
our emails so that everyone can easily find every email regarding an
individual booking, both incoming and outgoing. (And later we would
add other channels like chat and WhatsApp).
It seems to me that Zendesk Support would do this job well. But
throughout the Zendesk site there only seems to be talk of using
Support for problems.
You are correct in that a plurality if not majority of use cases are
for customer contact centers which usually focus on addressing issues
after they arise. At the same time, I know Zendesk is used for a
variety of other use cases including in your space.
1) I assume that it would also be good for bookings, is that right?
Ok, so we set up Zendesk and start using it. A client then writes to
our chosen email address (we will retain and use one of our domain
email addresses) and Zendesk Support automatically starts a thread and
sends us an email to tell us about the new thread. We then open the
Zendesk console, and find the thread.
Yep, that sounds correct. Details on the mechanism for configuring
the Support Address and redirecting messages to Zendesk can be found
here.
2) To reply by email to the client we then write a comment in the Zendesk > console - is that right?
While it is possible to work from an inbox, Yes, the main emphasis is
on working in the Zendesk agent console.
3) And presumably our email system gets a copy of the comment?
I would suggest to check out some of the articles provided by Zendesk
about email. forwarding, SPF, email archiving
4) What happens to our actual email system? - We will be doing
everything in Zendesk, so all the usual maintenance of our email inbox
is not being done - marking as read, cancelling stuff, moving to other
folders and so on. How do people manage the inbox on the original
email server? Thanks for any help on this.
Basically, Zendesk will be used by agents to respond to communications
and guide the interactions, and the email box can be considered as
operational in directing emails as needed. Separately you can
configure email archiving as linked above.
Depending on what system you're using, Gmail has a built in connector
described here, details on Exchange here, or something else here.
What do you want the interaction to look like between it and Zendesk
and what does your current operation look like compared to motivation
for using something like Zendesk?
I am building an application using Ruby on Rails. I want to do something that I am not even sure is possible;
I have a mailer that is working, however I want to enable users to send emails using their own email address in the FROM parameter. Its almost as if the ":from" parameter has no effect on the email sent.
I'm a bit of a noob when dealing with email servers so please be as detailed as possible. I doubt there is a smtp mail server set up on my hosting account, so if I need to do something like install smtp on my hosting account please be as descriptive as possible.
You are able to set the From: field to whatever you want, theoretically, but in practice you are often limited as to what you can put in there. Many email providers will automatically replace the From address with your own regardless so that you can't masquerade as someone else.
You're probably intending to do something like this:
From: Example Customer Name <name#example.com>
Also keep in mind that sending email from arbitrary domains will result in a very high chance of being flagged as spam since you are most likely not listed as as a host authorized to send for those domains which is typically implemented with SPF.
The best practice is to set the address to be something like this:
From: Example Customer Name <you#yourdomain.name>
That way you're not spoofing your actual email address, only the associated label, which is not typically verified.
I have a web app that requires a user to have an account. This user can then vote 'once' on a specific item. However, some users are signing up for lots of accounts to 'game' the system.
Does anyone have any ideas how you can restrict this type of thing?
Could I restrict number of signups per day per IP address? (what are problems with this?)
Any other suggestions???
You would do yourself one better by restricting the sign-ups to just a single IP address per user. This may not be good if you plan on having families all living under the same roof to have their own accounts, but in most cases this is practical.
Yes, restricting signups per IP is reasonable. I'd probably go with signups per rolling time period (say, a maximum of one new account in any one-hour period per IP). You might also flag suspicious signups (say, more than five per day per IP) for later followup.
You might also restrict users from voting until they've passed some hurdle, similar to SO's reputation system. Prevent poll voting until they've been a user for a week, have posted at least twice, have one friend request, etc.
I remember when I ran a online RPG I flagged when more than 5 or so accounts logged in with the same IP in the same day.
People mention the NAT issue. Read the header x-forwarded-for and compare that to the standard ip address.
If x-forwarded-for is present use this value. Most properly configured NAT routers will populate this field. The only ones that do not are typically anonymous proxies.
If you really are worried about people gaming the system, using a flash bit that uses sockets to connect, and provide say, session id, to the socket listener. You can then compare that with the ip address and x-forwarded for. If it does not match, they are behind an anonymous proxy. You could feel safe to not allow them to create accounts.
This works because most anonymous proxies out there aren't full Socks proxies where all network traffic goes through it, just HTTP. This worked very well for me in the past where we had a contest with voting and folks were using anonymous proxies to game the system.
Instead of limiting by account, you could set up limitations by email address. If users need to provide their email address, you already create one hurdle for them. Make sure they have to respond to a confirmation email to make sure the email address is real. Also keep track of email address and IP address, marking any count as suspicious where a single IP address has e.g. 5 or more email addresses. (In which case you could check those addresses to see if they are somehow related, like all from the same domain or similar names.)
Sure, people can create dozens of email addresses using GMail or Hotmail or even if they have their own private domain. But for many people this is already a bit too much. Basically, if you see 5 email addresses from gmail.com with the same IP address, it's suspicious.
One potential problem is if your users are behind a NAT such as a home router, ISP proxy, or corporate firewall. You will see the same IP for all of them.
Instead of blocking people I would simply record their IPs, create a report of duplicate IPs that you can run periodically to investigate suspicious activity.
In addition you can take a social approach, post the user's IP somewhere. This will provide a gentle warning and disincentive to people who fake accounts, as well as allow your community of users to potentially identify fakers.
I would recommend implementing a different authentication mechanism such as OpenID, or are Alex said, force the users to specify a valid email and send them confirmation links via email before accounts get created.
My preference is OpenID for sure.
When a user completes an order at my online store, he gets an email confirmation.
Currently we're sending this email via Gmail (which we chose over sendmail for greater portability) after we authorize the user's credit card and before we show him a confirmation message (i.e., synchronously).
It's working fine in development, but I'm wondering if this will cause a problem in production. Will it require making the user wait too long? Will many simultaneous Gmail connections get us in trouble? Any other general caveats?
If sending the emails synchronously will be a problem, could someone recommend an asynchronous solution (is ar_mailer any good?)
The main issue I can think of is that Gmail limits the amount of email you can send daily, so if you get too many orders a day it might break.
As they say :
"In an effort to fight spam and
prevent abuse, Google will temporarily
disable your account if you send a
message to more than 500 recipients or
if you send a large number of
undeliverable messages. If you use a
POP or IMAP client (Microsoft Outlook
or Apple Mail, e.g.), you may only
send a message to 100 people at a
time. Your account should be
re-enabled within 24 hours. "
http://mail.google.com/support/bin/answer.py?hl=en&answer=22839
I would recommend using sendmail on your server in order to have greater control over what's going on and don't depend on another service, especially when sendmail is not really complicated to set up.
The internet is not as resilient as some people would have you believe, the link between you and GMail will break at some point or GMail will go offline causing the user to think that they have not paid sucessfully.
I would put some other queue in place, sendmail sounds acceptable and you can't create your site now for where it 'might' be hosted in the future.
Ryan
If the server waits for the email to be sent before giving the user any feedback, were there problems connecting to the mailserver (timeouts, server down etc) the user request would timeout too and he wouldn't be told anything about the status of his order, so I believe you should really do this asynchronously.
Also, you should check whether doing that is even allowed by GMail's TOS. If that's not the case, you may check if that's allowed if you purchase one of their subscriptions. Also, there's surely a limit to the number of outgoing emails you may send within a given timeframe so if you're expecting your online store to be successful, you may hit that limit and bump into some nasty issue. If you're not self-hosting the site, you should check whether your host offers email servers (several plans include them for free) as then using your host's ISP would be the most obvious choice.
FACT: Gmail crashes. Not often, but it happens, and you can't control it or test it.
The simplest quick-fix is to start a separate thread or fork a subprocess to send the email. Yes, there likely will arise problems from using Gmail, and I really have no input on that vs. the alternatives. But from a design perspective, there's just no reason to make the user wait for that process to complete.
From a testing perspective, this might be where a proxy pattern might come in handy. It might be easy for you to directly invoke Gmail to send a message. Make it harder. Put in a proxy object that does the mailing for you that you can turn off (because heaven knows you can't for testing purposes make Gmail crash). Just make your team follow what happens in the event of an email malfunction by turning off the proxy and trying to complete an order. If you are doing it synchronously, then all the plagues mentioned here by other posters will rear their heads. If you are doing it asynchronously, you should be able to allow it to fail silently (from the user's perspective--from your perspective there should be enormous logging statements and text messages in the middle of the night and possibly a mild electric current arcing across the surface of someone's skin).