I have a requirement where I intend to build a tool to scan the email contents including the attachments. The email servers is either going to be SendMail or z/OS Communication Server, both support SMTP. The sever is not Miscrosoft implementation so MAPI or Outlook API is not there into picture. The tool would be Java based code and basically need to look for contents that are not-permitted based on some rules. What are my options here? There is the possibility of using a proxy server but we are looking for a more direct approach.
The z/OS Communication Server SMTP implementation has a built-in "exit" capability - see http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/F1A1B4B0/30.3?DT=20110609204120#HDRWQ1299.
The exit is called for just about any SMTP activity and it can examine, change or reject just about anything based on the rules you establish. It is generally written in IBM Assembler Language, but there's no reason you couldn't have a thin assembler layer that passes data to a Java app using whatever protocol you like (say, a pipe or a socket).
There are many little details to handle, such as character encoding (EBCDIC vs. ASCII or UTF-8, for example) plus weeding out attachments from email content. But using the exit preserves all the z/OS specific features of IBM's SMPT server without trying to recreate any of that yourself.
Good luck!
Related
In Java, I am building a stand alone web service client that manipulates records in a cloud based CRM by using its SOAP API. I generated my classes using the wsimport utility with WSDLs that all have addresses prefixed with https in the port binding section of the WSDL. Is Java handling behind the scenes all the wire-level security simply because the address is https? If so, how can I confirm that the SOAP message is being encrypted? My code does work, and I have not needed to worry about security until now, because I am developing in a staging environment with temporary passwords.
Thank you for your help!
Putting https in the URL will almost always do the trick. Even if your code is not capable of https, the webserver at the other end will almost never allow you to talk in HTTP when using the HTTPS port. At least, I've never seen one that does.
It's not a 100% guarantee that you'd bet your business on, but it is close.
If the code you write works on any website that does require https, you are the rest of the way there in terms of assurances.
You can confirm the traffic is encrypted by running a traffic analyzer aka packet sniffer.
It's a pretty common thing to have to send mails from your app and in most cases it's a real pain in the ... you know where.
So what I'm doing is taking Apache Commons Email (which is based on top of the "official" java mail api) and I'm sending out email in the most simple way there is, i.e. without authenticating to a smtp server. I just do a simple MX lookup on the destination hostname, get the MX servers and try to drop my message at the first one (whether the mail gets rejected or not is a completely different issue and I might sometime soon ask a further question about the whole mess up with return-path: vs. from: vs. reply-to: and the way these headers are (not) handled in java). Back to business... So I've just tried to drop my Message at the mail server with the least preference score.
Here is an example: I want to write to recipient#domain.com. The MX Lookup tells me that domain.com is aware of two MX servers and these are e.g. mail1.domain.com with preference 10 and mail2.domain.com with preference 20. The rfc way to do things is to go to the server with the least preference and drop the mail there. So that's what I do.
And finally my problem: What happens if that server is not available in some way or another? It's pretty simple - I go to the other server, but Apache Commons (and I suspect java mail api) doesn't allow me to do just that. The mail.smtp.host variable is rooted inside the props of the session in the message in the email. And I cannot get at it.
So what's the best way to handle this problem? Should I build my Email completely from the top with the new hostname (mail2), or is there some clever way to make this all work in java without much pain?
It sounds if you are trying to implement a partial mail server, not just merely sending an e-mail. Routing, relaying, caching and delivery retrials are operations implemented and offered by all mail servers and not usually done by mail clients.
What you should do is either use an (one!) existing mail server, which is configured for you to allow relaying outbound mails or if you don't have access to such a server (which I doubt), setup and operate your own server. You then configure this server in mail.smtp.host and forget all you've learned about DNS lookups, server priorities and your worries about what to do if none of the MX servers are reachable.
Is anyone aware of a way to retrieve and send mails by talking directly to the GroupWise server.
I want to be able to retrieve mail using Java if possible.
I wrote a Outlook Plug-In that retrieved mail out of GroupWise via the Groupwise Outloop Plug-in (If that makes sense).
Then dropped the message in a directory where I retrieved it with a Java App.
The problem is that I cannot add more than one GroupWise account in Outlook and need to.
I had a look at this question, but would like to know if there is a Java API
that will allow me to retrieve/send mail from the GroupWise server in a JavaMail like manner.
Thanks.
GroupWise allows mails to be retrieved using IMAP and POP3 which are standard supported by JavaMail. (And outlook too for that matter)
Sending mail should also be possible using smtp.
If it is for plain email I prefer to use these basic proptocols like smtp, pop3 and imap because they work almost everywhere, anytime and on any platform. They are less feature rich than the proprietary protocols, but that point is often not very relevant since many of these features are only meaningful for a subset of the mailclients out there.
I'm embarrased of how I'm unaware of SMTP / POP3 / IMAP protocols,
as much as I thought I know HTTP and TCP/IP it apears that I took email as granted, and never had to write any piece of code that will do other than sending an email via an existing SMTP server.
My task is to write an incomming email channel and I would like to hear what is the basic aproach
What I need is the ability to listen to a specific email address, and capture the body, subject and attachment of that email for further processing.
I understand you want to programatically recieve mail...use subethasmtp (much lighter and easier than james etc, works very well.
If you want your server to receive e-mails, it's an SMTP server that you need.
(You'll also need to make sure that the e-mail address is set up to be sent to that server, via the MX entry in the DNS.)
Note that, depending on how you want to install this service, you might not need to write an SMTP server yourself (or even use a library). Existing SMTP servers are often capable of delegating the processing of an e-mail to external applications.
You could use somelike Postfix and configure it to use pipe for that address, to send the e-mail to process to the program of your choice (including one that you develop yourself). I'm fairly sure Exim, Sendmail and other MTAs have similar features.
With this sort of configuration, your application would usually need to be able to read the e-mail from the standard input (and have the ability to split/process headers and body), but that's usually much simpler that writing an MTA/SMTP server.
If you really want tighter integration with the MTA, perhaps this could be a good starting point (I've never tried it): http://james.apache.org/
An SMTP server is usually how you'd refer to an outbound mail server; it sends mail.
POP and IMAP allow you to connect to a mail server, to read the mail that's already been received.
You need the receiving/server side of SMTP, and you might benefit from reading up on MTA; mail transfer agent.
You might also be interested in reading about SMTP proxies; so, sent mail would go through your server - and could be filtered/listened to, I suppose - and then get sent further to it's actual recipient.
Use the JavaMail API
My program needs to download object definitions (basically xml files, maybe binary files) on demand via the net. The program will request objects from my server during runtime. The only thing the program has to send the server is a string that identifies the object it needs (e.g. RedCubeIn3DSpace23). So a basic Key, Value system. My app also has to have some basic authentication mechanism to make sure only legitimate programs access my server’s info. Maybe send the license number and a password.
What is the best way to go about implementing this? I have 0 web knowledge so I'm not sure exactly what technologies I need. I have implemented socket programs in college so maybe that is what I need? Are there frameworks for this type of thing? There could be thousands of users/clients simultaneously; maybe more but I don’t know.
One super important requirement is that I need security to be flawless on the server side. That is, I can't have some hacker replacing object definitions with malicious one that clients download. That would be disastrous.
My first thoughts:
-Set up an ftp server and have each xml file will be named by the key value. Program logs in with its product_id and fixed password and just does downloads. If I use a good ftp server, that is pretty impervious to a hacker modifying definitions. Drawback is that it's very non expandable nor flexible.
-RESTful type system. I just learned about this when searching stackoverflow. I can make categories of objects using URL but how do I do authentication and other actions. Might be hard to program but is this a better approach? Is there a prebuilt library for this?
-Sockets using Java/C#. Java/C# would protect me from overflow attacks and then it is just a matter of spawning a thread on each connection and setting up simple messaging protocol and file transfers.
-SOAP. Just learned about it while searching. Don't know much.
-EC2. I think it (and other?) cloud services add a db layer over it.
That's what I can come up with, what do you think given my requirements? I just need a little guidance.
HTTP seems a better fit than ftp, since you only want to download stuff. That is, you would set up a web server (e.g. Apache), configure it for whatever authentication scheme you need, and have it serve that content.
SOAP is clearly overkill for this, and using raw sockets would be reinventing the wheel (i.e. a web server).
I'd do security on the socket level, using HTTPS. That way, the client will verify the identity of the server prior when establishing the connection, and nobody can intercept the password sent to the server. Again, a decent webserver will support this out-of-the-box, you just need to configure it properly.