I have a Java application which uses Javamail (v.1.5.4) for send and review mails into a POP/SMTP mail server. This application must run in our coporate network, where we have a proxy (f*ck!) that blocks my requests. I have googled possible solutions and Javamail says that we can use SOCKS5:
Q: How do I configure JavaMail to work through my proxy server? [updated!]
A: JavaMail does not currently support accessing mail servers through a web proxy server. One of the major reasons for using a proxy server is to allow HTTP requests from within a corporate network to pass through a corporate firewall. The firewall will typically block most access to the Internet, but will allow requests from the proxy server to pass through. In addition, a mail server inside the corporate network will perform a similar function for email, accepting messages via SMTP and forwarding them to their ultimate destination on the Internet, and accepting incoming messages and sending them to the appropriate internal mail server.
That solution is not valid for me, so I have to look for new alternatives. Some people say that they implements a custom SocketFactory, but I am not sure if that is enough. Someone has tried?
Another possible solution could be use another library, but I don't find anything that could avoid this proxy.
Has anyone treat this problem? How do you solve it?
Summary
Problem: I have to send and read e-mails in a Java application, but my proxy blocks the requests.
What I have tried? Using javamail, I have tried to use SOCKS5 solution, but with no effect.
What I am looking for? A way to avoid this proxy. Someone tells about a custom SocketFactory(but I am not sure if this is valid). I don't find any alternative to Javamail.
Regards!!
Actually JavaMail does support SOCKS proxy, just not authenticated proxies.
That solution is not valid for me
But you don't explain why.
There's another way of configuring Java Mail with SOCKS proxy (even authenticated one) that doesn't involve configuring your own socket factory. There's an open source library called Simple Java Mail (full disclosure: I maintain it), which is really simple to use:
new Mailer(
new ServerConfig("smtp.host.com", 587, "user#host.com", "password"),
TransportStrategy.SMTP_TLS,
new ProxyConfig("socksproxy.host.com", 1080, "proxy user", "proxy password")
).sendMail(email);
However, if your proxy is actually an HTTP proxy, you're out of luck and you will need to resort to something like Corkscrew or connect.
Although it's not a programmatic solution, the cleanest way would be to check if your company has an internal mail server and use that one to send your emails. It doesn't require using SOCKS or proxies, just configuration.
A nice side-effect may be that emails sent in name of your company are also sent by your company. If the mail administrators have set-up SPF records correctly, it greatly reduces the risk of your emails ending up in someone's junk / spam folder.
Using your own mail server is generally the best solution, but if you don't have your own mail server the JavaMail FAQ describes other solutions, such as using Corkscrew or connect to work through your web proxy server.
As per the latest release of Javamail API 1.6.2 , JavaMail supports accessing mail servers through a web proxy server and also authenticating to the proxy server. See my answer here stackoverflow.com/questions/36278073/how-to-let-javamail-support-http-proxy/52855090#52855090
Related
I need something that can intercept HTTP requests, extract their information (content, destination,...), perform various analysing tasks, and finally determine if the request should be dropped or not. Legal requests must than be forwarded to the application.
Basically, same functionalities as an IDS. But mind, I am NOT looking for a packet sniffer/filter. I want something that operates on the HTTP level.
It should be implementable on linux and run on the same system as the application(s) to which the requests are headed.
As a bonus, https could be supported (unencrypted viewing of the request content)
Try mitmproxy.
mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly.
mitmdump is the command-line version of mitmproxy, with the same functionality but without the user interface. Think tcpdump for HTTP.
Features
Intercept HTTP requests and responses and modify them on the fly.
Save complete HTTP conversations for later replay and analysis.
Replay the client-side of an HTTP conversations.
Replay HTTP responses of a previously recorded server.
Reverse proxy mode to forward traffic to a specified server.
Make scripted changes to HTTP traffic using Python.
SSL certificates for interception are generated on the fly.
Screenshot
Example
I setup an example Jekyll Bootstrap app which is listening on port 4000 on my localhost. To intercept it's traffic I'd do the following:
% mitmproxy --mode reverse:http://localhost:4000 -p 4001
Then connect to my mitmproxy on port 4001 from my web browser (http://localhost:4001), resulting in this in mitmproxy:
You can then select any of the GET results to see the header info associated to that GET:
Try using
Burp Proxy, sounds like what you need.
I use Wire Shark for this, if you provide all the server certs it wil even decypt HTTPS.
You should be able to use squid proxy for that (https://en.wikipedia.org/wiki/Squid_(software))
You should learn more about ICAP, then make an ICAP server of your HTTP filtering application.
I ended up using LittleProxy because it is java, fast and lightweight.
It is a originally forward proxy, so I had to adjust it for reverse proxy functionality by forwarding every request to the local host.
I did this simply by editing the HttpRequestHandler. I hardcoded the host and port address.
hostAndPort = "localhost:80";
Why not Apache HTTP Client http://hc.apache.org/httpclient-legacy/tutorial.html
This simple lib is useful.
I am trying to use JavaMail talk to gmail/imap, but could not make it work. I am behind firewall and have the right setting for proxy.
JavaMail does not currently support accessing mail servers through a web proxy server.
Environment: NetBeans 7.0.1, GlassFish 3.1
I want to sniff the communication between a WCF (.NET Framework 4) client and a Metro (2.1.1) web service, and then check the messages to be sure everything is how I want it to be. The web service uses Transport Security (SSL). I already know of Fiddler, but I did not have any success using it; only HTTPS browser traffic was visible. Is there a way to set up Fiddler to capture traffic between my services? Is there any other way?
UPDATE
I tried to start client and server on different machines and then use Fiddler, but no success. I tried Wireshark to capture traffic, but did not have any success running both on localhost. If i tried them on different machines, all I could see was TCP data exchange between the services.
On localhost + Wireshark, the packet counter next to the interfaces remained the same however I was calling the service lots of times.
UPDATE2
Tried to set up the proxy for NetBeans manually in the options, and programatically, but no success:
System.setProperty("http.proxyHost", "localhost");
System.setProperty("http.proxyPort", "8888");
System.setProperty("https.proxyHost", "localhost");
System.setProperty("https.proxyPort", "8888");
Tried to start GlassFish with these JVM options, but no :( :
<jvm-options>-Dhttp.proxyHost=localhost</jvm-options>
<jvm-options>-Dhttp.proxyPort=8888</jvm-options>
<jvm-options>-Dhttps.proxyHost=localhost</jvm-options>
<jvm-options>-Dhttps.proxyPort=8888</jvm-options>
As an alternative to Fiddler, if you control the WCF client, you could enable WCF Message Logging, and it will save all the unencrypted SOAP messages to a trace log. The logging can be enabled in the app.config file, so you don't even have to rebuild the app to enable or disable the logging.
you can setup metro to dump SOAP messages, info here. personally, i use charles proxy to watch soap exchanges. you configure the java proxy using the system properties in your "update2", works very well.
Use http://portswigger.net/burp/
It has a proxy. The proxy can be used for viewing the http traffic. It can also display SSL traffic by generating self signed certificate on the fly. You need to import the generated certificate into the java key store at the jax-ws client. Ensure that you have enabled "Support invisible proxy for non-proxy aware clients"
I often use commview to monitor traffic over the local loopback adapter. One of the few tools allowing traffic capture when both your client and service are on the same computer.
You can download a trail at http://www.tamos.com/products/commview/ and see if it works for you.
May be WebScarab is what you need. There are many manuals for sniffing ssl traffic, for instance that.
One approach I've tried successfully, is to make sure SSLv2 is used (as opposed to SSLv3), and then use Wireshark as described on the SSL page on the Wikishark Wiki, but better on Citrix support page "How to decrypt SSL and TLS traffic using Wireshark ". This works by giving Wireshark the private key of the server's SSL certificate, so that it can decrypt the conversation.
To force SSLv2 in your scenario, it seems sufficient to set -Dhttps.protocols=SSLv2Hello on your server-side JVM, but I googled that together. (See, e.g., the "Why do I get a javax.net.ssl.SSLException" question on the Java 1.4.2 Troubleshooting page, and the part on https.protocols in the JavaTM Secure Socket Extension (JSSE) Reference Guide.) I haven't done this part myself, and I can't seem to find clear documentation on this point.
(P.S. In my case, when I was decrypting .NET-to-.NET SSL traffic, I thought it was the switch back to SSLv2 which made the traffic readable by Wireshark. However, this blog post suggests that I was switching at the same time from a Diffie-Hellman cipher to a non-DH one.)
I've having a slight problem and i'll like you so share you opinion experience on it.I've deployed a jasperserver on tomcat 6 in a environment where anything has to pass through the proxy server to have access to the internet.
i'm wondering about where to put the proxy params and credentials. at tomcat level or at jasperserver level ?I've seen that JavaMail does support retrieving or sending mail through proxy server.Another thing is that i've also seen that all Java Tcp can be configured using the Java Runtime to direct socket connection to the proxy server which can harm performance.
What other options do i have?
thanks for reading this!
I want to send an email without using SMTP protocol. Is that possible to implement using Java? Since, my remote machine does not have access to google, yahoo and other accounts. and even my office mail can not be configured using SMTP server due to some security issues. Is any other way to send an email from remote machine.
The JavaMail section at java.sun.com lists many third party products that plugin to the JavaMail API. Hopefully one of those will fit your needs but I can't be more specific because you don't say what non-SMTP sending options you have open to you.
You could setup Your own SMTP server on remote machine, IMHO, it is better than incorporate it into program directly.
I want to send an email without using
SMTP protocol. Is that possible to
implement using Java?
With Java you can implement any Layer-5 network protocol.
ALL mail servers using SMTP to receive messages. At any time you have to connect with SMTP to the destination mail server.
If you cannot get out from local network to the Internet with some services you will need a proxy or network tunnel to connect the destination.