Home » Posts tagged "mail" (Page 3)

交大的 Single Sign On 系統

Facebook 上看到這個消息:「交通大學 OAuth 平台上線!」,由於 D2 E-mail 系統上沒什麼資料,主要賣點還是 Single Sign On 的部份。

當初想要做 OpenID 的 SSO (當年已經有 OpenID 1.0),跟 cschen 申請了 sso.nctu.edu.tw (還掛在 ccreader 上呢),但後來還是沒實做出來 (也忘了是什麼原因),過了快十年總算有人跟計中合作跳下來做了 XD

SSO 很多人都能做 (像是透過 POP3S 或是 IMAPS 認證,甚至透過網頁登入確認),但只有帶著官方名義做才有意義 (也就是本來就碰的到密碼的人來管理),這次唯一可惜的是還沒有讓系統完全自動化... (i.e. 自由申請)

Mutt 1.7.0!

Mutt 最近更新的好快啊 XDDD (相較於富奸的速度):「mutt 1.7.0 released」。看一下官網上這一波的更新記錄:

  • Mutt 1.7.0 was released on August 18, 2016. This release has several new features. Please see the UPDATING file for details.
  • Mutt 1.6.2 was released on July 6, 2016. This is a bug-fix release, fixing two issues found with 1.6.1.
  • Mutt 1.6.1 was released on May 1, 2016. This is a bug-fix release, fixing three issues found with 1.6.0.
  • Mutt 1.6.0 was released on April 4, 2016. This stable release has an enormous number of changes compared to the 1.4 series. Please review the changes file for an overview of changes since the 1.4 series, or the UPDATING file for a more detailed breakdown by each previous development release.
  • Mutt 1.4.2.3 was released on June 9, 2007. This release fixes CVE-2007-2683 (gecos overflow) and CVE-2007-1558 (APOP MD5 collision attack).
  • Mutt 1.4.2.2 was released on July 14, 2006. This release fixes CVE-2006-3242, a buffer overflow that could be triggered by a malicious IMAP server.

2016 開始更新的速度快好多... XD

自建 Mail System 的難度

Hacker News 上的「Ask HN: Is it possible to run your own mail server for personal use?」這篇道出了現在自建 mail system 的難度。作者遇到信件常常被各大 mail 服務歸類成 spam:

The problem is making sure my mail is not marked as spam by the major MTAs out there, gmail and hotmail both mark my mails as spam.

整理一下現在自己建 mail system 要做到哪些事情:

  • 確認 IP (包括 IPv4/IPv6) 沒有列入任何 Open Relay 清單中。
  • 確認 IP 的反解可以查出對應的正解。
  • 確認 SPF 設定。
  • 確認送出去的信件有 DKIM 簽名,而且 DNS 也有設上對應的設定。
  • 確認 TLS 的發送與接收都正常。
  • 確認 DMARC 機制正確運作。

如同「Exercising Software Freedom in the Global Email System」這邊講的,現在要自己搞 mail system 超累...

MediaWiki 的 EmailDiff 套件

先前 MediaWiki 所提供的「變更通知」都只有在信件裡「通知」,而沒有在信件裡列出「改變的內容」,這使得讀信的人要再點進去看... (於是就懶的點了)

而前陣子看到有人寫了 extension 來輸出 diff,解決了這個問題:「MediaWiki extension EmailDiff: notification emails improved」。

信裡變成有這樣的內容:

Version differences:
@@ -846,5 +887,3 @@
 In cattle, temperament can affect production traits such as carcass and meat 
 quality or milk yield as well as affecting the animal's overall health and 
-reproduction. Cattle temperament is defined as "the consistent behavioral and physiological 
-difference observed between individuals in response to a stressor or environmental 
+reproduction. If you succeed in tipping a cow only partway, such that only one 
+of its feet is still on the ground, you have created lean beef. Such a feat is 
+well done. Naturally, being outside, the cow is unstable. When it falls over, 
+it becomes ground beef. Cattle temperament is defined as "the consistent behavioral 
+and physiological difference observed between individuals in response to a stressor or environmental 
 challenge and is used to describe the relatively stable difference in the behavioral 
 predisposition of an animal, which can be related to psychobiological mechanisms.

這樣可讀性高非常多,來找人裝看看好了...

追蹤開信的能力

追蹤開信的能力是廣告信經常會用到的能力,為了要看「成效」而要追蹤開信率之類的數字。

在「Email Privacy Tester」這邊看到有趣的工具,介紹了「Email Privacy Tester」這個網站可以拿來測試各種 mail client 上可被追蹤的功能。

依照作者測試,Gmail 完美的擋下目前所有追蹤技巧:

Apple Mail 還很慘,有一堆方式可以被追蹤開信:

不知道其他家 (像是 Yahoo) 的情況...

Gmail 將會提示沒有支援 STARTTLS 的信箱

Gmail 界面將會提示不支援 STARTTLS 的信箱:「Making email safer for you」。

先確認 msa.hinet.net 的 MX record:

;; ANSWER SECTION:
msa.hinet.net.          86174   IN      MX      0 msa-smtp-mx1.hinet.net.
msa.hinet.net.          86174   IN      MX      0 msa-smtp-mx2.hinet.net.

以及不支援 STARTTLS (在 EHLO 後不會出現 STARTTLS 選項):

$ t msa-smtp-mx1.hinet.net 25
Trying 168.95.6.53...
Connected to msa-smtp-mx1.hinet.net.
Escape character is '^]'.
220 msa.hinet.net ESMTP Sendmail 8.14.2/8.14.2; Thu, 11 Feb 2016 04:52:16 +0800 (CST)
EHLO localhost
250-msa.hinet.net Hello 114-32-152-63.HINET-IP.hinet.net [114.32.152.63], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
QUIT
221 2.0.0 msa.hinet.net closing connection
Connection closed by foreign host.

打開 Gmail 在收件人的地方輸入 test@msa.hinet.net 後,就會跳出紅色鎖頭表示不支援 STARTTLS。

Archives