I know of Domino C API EMs that add signatures via server not client to outbound SMTP emails, so this must be possible.
EM_MAILSENDNOTE can only be used on a client.
Here is another post that is relevant, but I'm not allow to add any content to it !!!
NSFItemAppend doesn't add text
Related
I want to strictly enforce TLS on all inbound/outbound emails from gmail (gsuite basic) for a particular organization/domain. I did read this article:
https://support.google.com/a/answer/2520500?hl=en
It asks to create an address list to setup inbound/outbound rule to enforce TLS. However I want to have TLS enforced irrespective of address and want to enable following behavior:
Outgoing mail: Mail won't be delivered and will bounce. You'll get a non-delivery report (NDR). Only one send attempt is made (no tries again).
Incoming mail: Mail is rejected without any notification to you, although the sender will receive an NDR.
Any suggestions on how this can be accomplished?
You can’t do that, in fact based in this article at point 6.:
https://support.google.com/a/answer/2520500?hl=en
“You must create a domain or address list to enforce TLS compliance for any inbound or outbound messages”
Gmail by default will use TLS, however, if the destination domain can’t establish TLS connection, Gmail will do an insecure connection. However, nowadays all domains are all by default establishing TLS connection and transmitting data over it. It’s rare you will find a domain that doesn’t support TLS connection.
Therefore, first of all, you should know which domains you usually contact that doesn't support TLS connection, and listed in the TLS compliance rules.
The idea of this policy is not making a long list of domains but only a few that customers already know that they don’t support TLS connection hence list them on the TLS.
There is a feature for a higher message encryption but is available for G Suite Enterprise edition: https://support.google.com/a/answer/6374496?hl=en
In fact what it may be a workaround is to Send and receive your email first to an external server that allows you to achieve this.
If this is the case you should Set up:
Set up an inbound mail gateway: https://support.google.com/a/answer/60730?hl=en
Set up an outbound mail gateway: https://support.google.com/a/answer/178333?hl=en
An consider a third party tool as : https://zix.com/products/email-encryption
If you use smtp.gmail.com, you have to specify your mail credentials. To send a mail to a gmail account you need that server right? How is it possible for outsiders to send a mail to a gmail address?
Found it myself:
smtp.gmail.com is a relay server, relay servers only receive mail to redirect it to a so-called mx server, a mx server is a smtp server that is configured to receive mail and directly deliver it (to a user inside) the gmail mx server (they do not require authentication) is: gmail-smtp-in.l.google.com
There are four alternative servers, you can prefix altx. to use one of those e.g. alt3.gmail-smtp-in.l.google.com
The mail program knows where to send the mail by an mx lookup database, so basically a list of #example.org and corresponding mx servers. See mxtoolbox.com for more info
I'm accessing my email address via imap protocol using Java Mail.
The server name I'm using is something like impa.somename.secureserver.net
Dose this mean I'm consuming messages using a secure channel? how can I verify this?
If your program is using the "imaps" protocol, has set the "mail.imap.ssl.enable" property, or has set the "mail.imap.starttls.required" property, then you're using a secure channel.
You can verify what JavaMail thinks it's doing by enabling JavaMail session debugging and examining the debug output. It's possible to configure things so that it looks like it's using a secure channel, but it really isn't, but that's not likely to be done by accident. For complete verification, you'll need to get a packet sniffer.
I'm coding an SMTP Server here and wondering an issue which I don't know how to proceed.
You know that when you using Outlook, ThunderBird or any email client to send email, we need (the most of times) username and password to authenticate with the SMTP Server. In this case, SMTP Server requires an "AUTH LOGIN" before other commands such as MAIL, DATA...
I completed this stub in my project. But I'm wondering about a case, when another SMTP Client send directly to my SMTP Server. I mean our server is the final destination of the email. In this case, the authentication with AUTH LOGIN should not be required.
How can I organize my code for 2 cases above. How does the professional MTA such as Postfix, PowerMTA, Exim organize for these.
I hope you will help me
Most outgoing SMTP servers do one of the following:
1) Require SMTP Authentication
2) Alllow relaying without SMTP Authentication only from clients within a certain IP range
If you are doing neither of the above, then that means that your SMTP server is basically operating as an 'open relay', meaning that spammers can abuse your server to send outgoing spam mail.
Many ISP-hosted SMTP servers do #2 above, to allow their clients (and only their clients) to send mail through their SMTP server - as long as the client is on their network.
Im trying to send an html email with attachment to list of users. Our client also requires the track of undelivered email ids, so we thought of using sp_send_dbmail feature available in SQL server, which has logs for email sent using it. Our client also mandate to DKIM sign the emails. Im not able to find how to DKIM sign the emails sent through sp_send_dbmail.
Please help!..
Normally DKIM signing is a SMTP server business, not SQL. You want to talk to postmaster. There are several steps involved in enabling DKIM signing outgoing email:
Generation of RSA crypto key pair
Publication of public key in DNS (so receiving server is able to verify the signature)
Setting up signing service
Modifying your SMTP server configuration to use this signing service for all or specific outgoing emails
There are third party controls that enable signing from within SQL, but not using sp_send_dbmail. See here for example: http://www.example-code.com/sql/dkim_sendDkimSigned.asp
However they don't eliminate the 1 and 2 above.