I'm adding a tracking pixel at then end of the emails I send via Gmail:
<img src="http://myserver.com/test/1pixelimage.png?id=track_emailSentToBob" />
and then I have a script on my server which sends me a notification via email when Apache sees 1pixelimage.png?id=track_* in the logs. It works perfectly.
Problem: I receive a notification each time I open my own email in Gmail's Sent folder.
I've thought about:
filter by IP: not working because I often Gmail on phone, which has a dynamic IP, changing very often.
filter by UserAgent (that I could customize, e.g. I could set user agent = blabla, and send me notifications only if user agent is NOT blabla): this would require that I install a UserAgent modifier extension on all my browsers (not possible on phone), so this is not a solution.
anyway, when opening an email in Gmail, Gmail caches the images, so the request would not be done by my own browser but by Gmail's image caching server
How would you filter out your own visits of the tracking pixel image?
Note: I don't want to use a third-party app that requires "Send, write, manage your emails" permissions on Gmail.
Do it the way you prevent tracking pixels from others, too. Disable HTML-Mail in your mail programs and adblock tracking pixels in your browser for webmail.
If the gmail app does not allow this, get another e-mail app. Loading content linked in a e-mail is a bad idea anyway. If you want an easy example, then think of read receipts for spammers ...
On the other hand: Why do you want to track others? They will be as annoyed as you, because they like their privacy as well.
Related
I came across a newsletter in which they have a WhatsApp link and when i click on it i am able send predefined message to predefined number.
SEND INQUIRY VIA WHATSAPP button is linked to below for example
https://whatsapp://send?phone=XXXXXXXX&text=Hi%2C%20this%20is%20test%20message.
Can i use this link in my newsletter without any restriction as i have a database of 2000 subscribers...
or i have to use some sort of verified mechanism using API so that whatsapp is not abused.
This link seems to be vulnerable and can be used for spam or its fine to use it
your URL is basically mal-formed.
The whatsapp:// is a kind-of protocol for transmitting information, and what you can do is to add it to a webpage as a link, so the visitor, upon clicking on that link from their phone, can access directly to Whatsapp.
Remember the oldie-goldie mailto:// which allow visitors to directly open the mail client they have on their computer, and pre-fill some email fields? This is the same.
Here is a really simple code-pen showing how can this be achieved.
Be sure to visit the codepen from your mobile:
https://codepen.io/diereysaa/pen/QWbjXGW
Replying to your specific question, there's no limitation on the use of this, since the executor will be each one of your subscribers, not your webserver. The only limitation will be your own phone, because if all of those 2,000 subscribers reply using the whatsapp link... you'll get 2,000 messages :D
I am using AWS Cognito to verif users' emails by sending verification links to users' email. After users click the links, a default confirm message "Your registration has been confirmed!" is shown. Is there a way to customize this message?
Thank you!
Currently (late June 2018) this still appears to be not supported. It is a pain because users should be redirected to the app in question after confirming their account, but currently they must navigate themselves.
There is a proposed workaround (essentially customizing the confirmation e-mail to send the user to your own API that performs the confirmation in a lambda), but I have not tried it. There does appear to be demand for this and AWS is aware of it as a feature request. I've seen them adding more customization abilities to the Cognito console recently, so keep checking there for updates.
If you're using the Cognito-hosted pages, you only get what you get which is going to vary depending upon when you're reading this message. Here in late 2019, the Cognito-hosted page redirects successful logins and confirmations (of phone/email) to whatever you specified as the redirect URL.
My issue is similar. After the user signs up, I want to customize the CSS of the confirmation page which doesn't appear possible. The confirmation page isn't great because it means that if the user closes the confirmation code entry tab before entering it, then their email is in the system but unconfirmed. And there's no way to confirm it. It's stuck. I'd like to have giant red letters that say "DO NOT CLOSE THIS CONFIRMATION TAB. CHECK YOUR EMAIL FIRST!" but there doesn't appear to be any way to do this at present.
The solution to any of these "how do I customize X of the Cognito-hosted flow" is either (a) look in the available UI customizations or (b) if they aren't available, change to an entirely hosted flow (still Cognito... just using your own pages and URLs).
I am currently trying to figure out how to send an email behind the scenes. Basically, I don't want an MFMailComposeViewController popping up making me press the send button. All the fields are pre-populated so there is no need to type anything out. Is this possible? Will I have to use another framework?
Thanks
You'll have to use your own mail server (or ask the user for credentials for their own, which you probably don't want to do). The iOS SDK intentionally doesn't allow you to send an email on behalf of the user with no user interface; making the user press "Send" is the whole idea so that they are never surprised.
Apps that push email out automatically either do so from their own servers, or integrate with a server framework like Mailgun, or Parse, or etc, that offer this feature.
I've done that in one of my apps using Mailgun, which is a hosted email web service.
we have a use-case wherein a notification email is sent out in response to some postings on forum. This notification emails carry a AHREF link which basically allows to launch the post page from the email itself. Additionally, these links carry an authentication token so that the user don't have to sign in when opening the page. This works fine in the normal use case, but in the scenario when the original recipient forwards the email to some other account we are not sure how we identify that the link is opened from forwarded email address. Can somebody provide some insight ?
There is principally no way for you to detect that a link was clicked in an email that was forwarded vs. an email that you sent directly to someone.
Do not put an authentication bypass in the link if the need to secure your content outweighs the need for user friendliness.
You can weigh allowing the user, once they log in, to set a persistent authentication cookie in the browser they logged in from. That way, if they click a link in an email and that cookie is set, they can get directly into the website. StackOverflow.com works that way, which is convenient and the downside risk is not too great. Fortunately my bank does not work that way. The potential for loss is much greater with home banking.
I use a backup app to backup SMS text messages to my GMail account registered on my HTC Desire Z Android 2.3 phone.
The app requests access to the gmail account. But what does this actually mean? Does it mean:
the application has write-only access to the gmail - i.e. can insert emails but not delete or adjust other existing emails (does the Android API provide for that?)
the application has full access to the email, and could potentially delete emails if there was a bug
First off: this question doesn't seem to belong on Stackoverflow. This site is for asking specific questions about coding problems, not about how some code in some program based on some SDK on some device may or may not work.
If an application can access your Gmail account, as far as I know, this means full control, including deletion.
That doesn't have to mean there is actual code in the program that even tries to delete something, but I guess you're right: coding bugs could probably delete your email.
But that goes for a lot of applications: you trust the developer to test extensively before you rely on him/ her to handle your photos, email, passwords etc with care right? :)