I am using mailapi.jar to sene mail.i am using gmail smtp details.i am setting authentication for that session.
i also setting from address in setfrom() method.
i can receive mail..but that from address was wrong .
for Example.
I am setting from address like from#gmail.com
To address like to#gmail.com
i can receive the mail in to#gmail.com id.
But the from address is my authentication id.not the from#gmail.com
that may be enforced by the mail server. decent mail servers don't generally let you impersonate anyone you like.
Related
I know that Kerberos does not work with IP adresses, it relies on domain names and correct DNS entries only.
But I found that old versions of overthere library allows to use IP address with Kerberos authentication.
I extracted code from overthere and created small java project that demonstrates that https://github.com/igolikov/KerberosWithIP
It uses Apache HttpClient to send WSMan request to hyper-v host.
I also found that it works with httpclient 4.3.3 and it doesn't work with httpclient 4.4.1
How it is possible that it works with IP?
UPD1. I suppose that httpclient or something in sun.security may use revers DNS lookup. I tried to intercept traffic with Wireshark, and found 1 Revers DNS lookup (in-addr.arpa), but it responded with "No such host" because default DNS server cannot do revers DNS for this IP.
UPD2. Here is server configuration
There are SPNs for host name and for IP address
SPN( 1 ) = WSMAN/10.10.64.60 1+=1
SPN( 1 ) = HOST/somehost.corp.org.com 1+=1
SPN( 1 ) = HOST/somehost 1+=1
Kerberos can work without DNS just fine, the problem DNS solves is both sides of the connection agreeing on the same service principal to use. If I use the kerberos API to fix that principal to standard one, then as long as the server side has that prinicpal in it's keytab it will continue to work.
I.E. you have to know the kerberos principal that the service you are connecting to uses before you can connnect. Most service principals are of the form
service/dns.name.of.host
But the service principal can be anything as long as the client software knows what to use "somehow".
I have setup mail server mail.example.com at smtp. Trying to send email with that, and the mail server send the mail correctly.
But if the email bounces, I want them to read at another email address, thats one gmail address. So for that i have tried doing this
SMTPMessage sMTPMessage = new SMTPMessage(mailSession);
sMTPMessage.setRecipient(Message.RecipientType.TO, new InternetAddress(to));
sMTPMessage.setFrom(new InternetAddress(from));
sMTPMessage.setSubject(subject);
sMTPMessage.setContent(body, contentType);
sMTPMessage.setEnvelopeFrom(bounceAddr);
SMTPTransport smtpTrans = new SMTPTransport(mailSession, new URLName("smtp", smtpServer, port, null, userid, password));
smtpTrans.connect();
smtpTrans.sendMessage(sMTPMessage, sMTPMessage.getAllRecipients());
System.out.println("transport "+smtpTrans.getReportSuccess());
smtpTrans.close();
But it didn't worked. and so I am not getting the bounce email information. Also I tried by setting mail.smtp.from property that also didn't worked.
Also I saw this
props.put("smtp.mail.from", bounceAddr);
But the from email address is not at the mail server, its on my gmail address. So is there any issue with from address domain ?
If you're using properties, make sure you don't have a typo in the property name, as you do above.
You can make sure that JavaMail is using the envelope From address that you specify by turning on JavaMail session debugging and looking for the MAIL command in the SMTP protocol in the debug output.
But the real problem is likely one of:
Not all mail servers honor this information, even though they
should.
One of the mail servers starting with your mail server and through to the destination mail server may not have forwarded this information as it forwarded your message, thus leaving the mail server that detects the problem without the information to return the error message to the proper place.
Your mail server may not be honoring this information because it's not an email address in the domain managed by your mail server.
Some of these problems may be fixable by checking the configuration and behavior of your mail server. But in the end you simply can't rely on always getting an error message back when you send to an invalid address.
You can find more information in the JavaMail FAQ.
To obtain the client IP address in my ASP.NET application I've used the X-Forwarded-For, and get the first IP address from the list (accordingly to the information I've found, there is a client, proxy1, proxy2..). But I've heard recently that it is better to get this information from X-Forwarded-IP header because the client IP address in X-Forwarded-For can be modified by proxy, what is the difference, and which one address should I use?
X-Forwarded-For is the conventional way of identifying the originating IP address of the user connecting to the web server coming from either a HTTP proxy, load balancer.
X-Forwarded-IP is the conventional way of identifying the originating IP address of the user connecting to the email server through an HTTP mail service.
X-Forwarded-For is a non-standard header, introduced originally by Squid. It is a proxy- specific header, that helps a server identify the original requestor of a call that did pass-through the proxy - so obviously any proxy on the request path should/will modify X-Forwarded-For. Without proxy on the request path, this header shouldn't even be in the request.
Because this header is non-standard, there is no guarantee you'll get it, and the way it is handled can differ on the proxy implementation. You have no guarantee either that it will contain a proper IP.
Since 2014, the IETF has approved a standard header definition for proxy, called "Forwarded", documented here https://www.rfc-editor.org/rfc/rfc7239 that should be use instead of X-Forwarded headers. This is the one you should use reliably to get originating IP in case your request is handled by a proxy.
In general, the proxy headers (Forwarded or X-Forwarded-For) are the right way to get your client IP only when you are sure they come to you via a proxy. If there is no proxy header or no usable value in, you should default to the REMOTE_ADDR server variable.
My program will use (http) proxy to send out http requests. And the proxy address is known to the program. But the program also want to get the current IP address while behind proxy. What is the best way to retrieve that?
The only way you could do that would to have your program explicitly send its IP address to the server encoded in the request URL, a custom request header, or in the request body.
If the proxy is under your control, you could configure it to add your client's IP address to the request. (It may already do this; e.g. "x-forwarded-for")
The other problem (in general) is that the IP address of your machine could well be a private IP address. It is not guaranteed that the IP will be addressable by the server. Or if the server is using it to identify the client, then there is no guarantee the IP will be unique ... or reliable; e.g. not spoofed in some way.
There is one alternative though. If you configure your server and client correctly, the server can rely on an SSL client certificate to establish the identity of the client. But this requires a few things:
The user's firewall must allow HTTPS connections.
The client application (or user's browser) must have a client certificate in its keystore.
The server must be able to trust the client certificate and know what identity it establishes (a person? a machine?)
The client application must know to send the certificate when establishing the HTTPS connection.
There are also security issues with sending SSL/TLS through a proxy. There is the potential for "man in the middle" attacks if the proxy can't be trusted.
All in all, this is a "difficult" approach.
You could query What is my ip address?, or any of the other websites that can tell you (e.g. google what is my ip address).
do like this
String ipAddress = request.getHeader("X-FORWARDED-FOR");
if (ipAddress == null) {
ipAddress = request.getRemoteAddr();
}
System.out.println("ipAddress:" + ipAddress);
I have a Java app that sends email via Apache Commons Email. The app works just find on my development environment, but when I deploy it to the server, I'm getting an error that Commons couldn't connect to the email server.
org.apache.commons.mail.EmailException: Sending the email to the following failed : 255.255.255.255 :587
...Error authenticating with server.
Just to be sure this wasn't my configuration, I've tried on 2 different email providers, 1) Our email company email provider 2) Gmail. Both work on my dev and both fail with the same message on the server.
I've tried several ports and IP combinations. I've turned SSL on and off. I've checked with our email provider. I'm left with a configuration of either the server or the network.
I work remotely so I'm not on the same network as our servers, but I the app works for me even if I am on VPN.
I've used telnet from within the server and I can connect to the email provider on the proper port.
Does anyone have anything else I can try?
Thanks.
Edit
The error I'm getting is an authentication error. Could there be a security setting to prevent the credentials from being passed?
Still sounds like a permission problem. Ports below 1024 are restricted. Start your app with sudo permission.
It appears I was missing 1 line of code.
Assume "email" is my mail object...
email.setSSL(true);
All is working now. I'm not sure why it wasn't working before.